diff options
Diffstat (limited to 'kubernetes/aaf/charts')
29 files changed, 511 insertions, 726 deletions
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml index 11b0811af3..39544258fd 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/cm"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm"] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml index a149f0656f..9ddb366064 100644 --- a/kubernetes/aaf/charts/aaf-cm/values.yaml +++ b/kubernetes/aaf/charts/aaf-cm/values.yaml @@ -20,20 +20,14 @@ global: readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 flavor: small - ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.1 +image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -44,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql deleted file mode 100644 index c4f77d80c9..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql +++ /dev/null @@ -1,279 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -// Table Initialization -// First make sure the keyspace exists. - -USE authz; - -// -// CORE Table function -// - -// Namespace - establish hierarchical authority to modify -// Permissions and Roles -// "scope" is flag to determine Policy. Typical important scope -// is "company" (1) -CREATE TABLE ns ( - name varchar, - scope int, // deprecated 2.0.11 - description varchar, - parent varchar, - type int, - PRIMARY KEY (name) -); -CREATE INDEX ns_parent on ns(parent); - -CREATE TABLE ns_attrib ( - ns varchar, - key varchar, - value varchar, - PRIMARY KEY (ns,key) -); -create index ns_attrib_key on ns_attrib(key); - -// Will be cached -CREATE TABLE role ( - ns varchar, - name varchar, - perms set<varchar>, // Use "Key" of "name|type|action" - description varchar, - PRIMARY KEY (ns,name) -); -CREATE INDEX role_name ON role(name); - -// Will be cached -CREATE TABLE perm ( - ns varchar, - type varchar, - instance varchar, - action varchar, - roles set<varchar>, // Need to find Roles given Permissions - description varchar, - PRIMARY KEY (ns,type,instance,action) -); - -// This table is user for Authorization -CREATE TABLE user_role ( - user varchar, - role varchar, // deprecated: change to ns/rname after 2.0.11 - ns varchar, - rname varchar, - expires timestamp, - PRIMARY KEY(user,role) - ); -CREATE INDEX user_role_ns ON user_role(ns); -CREATE INDEX user_role_role ON user_role(role); - -// This table is only for the case where return User Credential (MechID) Authentication -CREATE TABLE cred ( - id varchar, - type int, - expires timestamp, - ns varchar, - other int, - notes varchar, - cred blob, - prev blob, - PRIMARY KEY (id,type,expires) - ); -CREATE INDEX cred_ns ON cred(ns); - -// Certificate Cross Table -// coordinated with CRED type 2 -CREATE TABLE cert ( - fingerprint blob, - id varchar, - x500 varchar, - expires timestamp, - PRIMARY KEY (fingerprint) - ); -CREATE INDEX cert_id ON cert(id); -CREATE INDEX cert_x500 ON cert(x500); - -CREATE TABLE notify ( - user text, - type int, - last timestamp, - checksum int, - PRIMARY KEY (user,type) -); - -CREATE TABLE x509 ( - ca text, - serial blob, - id text, - x500 text, - x509 text, - PRIMARY KEY (ca,serial) -); - - -CREATE INDEX x509_id ON x509 (id); -CREATE INDEX x509_x500 ON x509 (x500); - -// -// Deployment Artifact (for Certman) -// -CREATE TABLE artifact ( - mechid text, - machine text, - type Set<text>, - sponsor text, - ca text, - dir text, - os_user text, - ns text, - notify text, - expires timestamp, - renewDays int, - sans Set<text>, - PRIMARY KEY (mechid,machine) -); -CREATE INDEX artifact_machine ON artifact(machine); -CREATE INDEX artifact_ns ON artifact(ns); - -// -// Non-Critical Table functions -// -// Table Info - for Caching -CREATE TABLE cache ( - name varchar, - seg int, // cache Segment - touched timestamp, - PRIMARY KEY(name,seg) -); - -CREATE TABLE history ( - id timeuuid, - yr_mon int, - user varchar, - action varchar, - target varchar, // user, user_role, - subject varchar, // field for searching main portion of target key - memo varchar, //description of the action - reconstruct blob, //serialized form of the target - // detail Map<varchar, varchar>, // additional information - PRIMARY KEY (id) -); -CREATE INDEX history_yr_mon ON history(yr_mon); -CREATE INDEX history_user ON history(user); -CREATE INDEX history_subject ON history(subject); - -// -// A place to hold objects to be created at a future time. -// -CREATE TABLE future ( - id uuid, // uniquify - target varchar, // Target Table - memo varchar, // Description - start timestamp, // When it should take effect - expires timestamp, // When not longer valid - construct blob, // How to construct this object (like History) - PRIMARY KEY(id) -); -CREATE INDEX future_idx ON future(target); -CREATE INDEX future_start_idx ON future(start); - - -CREATE TABLE approval ( - id timeuuid, // unique Key - ticket uuid, // Link to Future Record - user varchar, // the user who needs to be approved - approver varchar, // user approving - type varchar, // approver types i.e. Supervisor, Owner - status varchar, // approval status. pending, approved, denied - memo varchar, // Text for Approval to know what's going on - operation varchar, // List operation to perform - last_notified timestamp, // Timestamp for the last time approver was notified - PRIMARY KEY(id) - ); -CREATE INDEX appr_approver_idx ON approval(approver); -CREATE INDEX appr_user_idx ON approval(user); -CREATE INDEX appr_ticket_idx ON approval(ticket); -CREATE INDEX appr_status_idx ON approval(status); - -CREATE TABLE approved ( - id timeuuid, // unique Key - user varchar, // the user who needs to be approved - approver varchar, // user approving - type varchar, // approver types i.e. Supervisor, Owner - status varchar, // approval status. pending, approved, denied - memo varchar, // Text for Approval to know what's going on - operation varchar, // List operation to perform - PRIMARY KEY(id) - ); -CREATE INDEX approved_approver_idx ON approved(approver); -CREATE INDEX approved_user_idx ON approved(user); - -CREATE TABLE delegate ( - user varchar, - delegate varchar, - expires timestamp, - PRIMARY KEY (user) -); -CREATE INDEX delg_delg_idx ON delegate(delegate); - -// OAuth Tokens -CREATE TABLE oauth_token ( - id text, // Reference - client_id text, // Creating Client ID - user text, // User requesting - active boolean, // Active or not - type int, // Type of Token - refresh text, // Refresh Token - expires timestamp, // Expiration time/Date (signed long) - exp_sec bigint, // Seconds from Jan 1, 1970 - content text, // Content of Token - scopes Set<text>, // Scopes - state text, // Context string (Optional) - req_ip text, // Requesting IP (for logging purpose) - PRIMARY KEY(id) -) with default_time_to_live = 21600; // 6 hours -CREATE INDEX oauth_token_user_idx ON oauth_token(user); - -CREATE TABLE locate ( - name text, // Component/Server name - hostname text, // FQDN of Service/Component - port int, // Port of Service - major int, // Version, Major - minor int, // Version, Minor - patch int, // Version, Patch - pkg int, // Version, Package (if available) - latitude float, // Latitude - longitude float, // Longitude - protocol text, // Protocol (i.e. http https) - subprotocol set<text>, // Accepted SubProtocols, ie. TLS1.1 for https - port_key uuid, // Key into locate_ports - PRIMARY KEY(name,hostname,port) -) with default_time_to_live = 1200; // 20 mins - -CREATE TABLE locate_ports ( - id uuid, // Id into locate - port int, // SubPort - name text, // Name of Other Port - protocol text, // Protocol of Other (i.e. JMX, DEBUG) - subprotocol set<text>, // Accepted sub protocols or versions - PRIMARY KEY(id, port) -) with default_time_to_live = 1200; // 20 mins; - -// -// Used by authz-batch processes to ensure only 1 runs at a time -// -CREATE TABLE run_lock ( - class text, - host text, - start timestamp, - PRIMARY KEY ((class)) -); diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql deleted file mode 100644 index 2951b2a197..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql +++ /dev/null @@ -1,25 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -// For Developer Machine single instance -// CREATE KEYSPACE authz -// WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1}; -// -// - -// Example of Network Topology, with Datacenter dc1 & dc2 -// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' }; -// Out of the box Docker Cassandra comes with "datacenter1", one instance -CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' }; -// diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql deleted file mode 100644 index 89da60f9db..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql +++ /dev/null @@ -1,136 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -USE authz; - -// Create 'org' root NS -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org','Root Namespace','.',1,1); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','admin',{'org.access|*|*'},'Org Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','*',{'org.admin'},'Org Write Access'); - -// Create Root pass -INSERT INTO cred (id,ns,type,cred,expires) - VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400; - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400; - - -// Create org.osaaf -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.osaaf','OSAAF Namespace','org',2,2); - -INSERT INTO role(ns, name, perms,description) - VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access'); - -INSERT INTO role(ns, name, perms,description) - VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access'); - -// Create org.osaaf.aaf -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400; - - -// ONAP Specific Entities -// ONAP initial env Namespace -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.onap','ONAP','org',2,2); - -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.onap.portal','access','*','read',{ - 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor' - },'Portal Read Access'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins'); - -// DEMO ID (OPS) -insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin'); - -// ADMIN -insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin'); - -// DESIGNER -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer'); - -// TESTER -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester'); - -// OPS -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops'); - -// GOVERNOR -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor'); - diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql deleted file mode 100644 index 4b6bf44140..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql +++ /dev/null @@ -1,22 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -USE authz; - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ; - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ; - diff --git a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml index cfece7093b..e0d500c420 100644 --- a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml @@ -30,25 +30,31 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - hostname: {{ include "common.name" . }} containers: - - args: + - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] ports: - containerPort: {{ .Values.service.externalPort }} - containerPort: {{ .Values.service.externalPort2 }} - containerPort: {{ .Values.service.externalPort3 }} - containerPort: {{ .Values.service.externalPort4 }} + env: + - name: CASSANDRA_CLUSTER_NAME + value: "osaaf" + - name: CASSANDRA_DC + value: "dc1" + - name: HEAP_NEWSIZE + value: "512M" + - name: MAX_HEAP_SIZE + value: "1024M" volumeMounts: - - mountPath: /data - name: aaf-cs-data + - mountPath: /var/lib/cassandra + name: cassandra-storage - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -57,25 +63,12 @@ spec: periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort3 }} + exec: + command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","wait"] initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - lifecycle: - postStart: - exec: - command: - - /bin/sh - - -c - - > - /bin/sleep {{ .Values.readiness.initialDelaySeconds }}; - cd /data/; - cqlsh -u root -p root -f keyspace.cql ; - cqlsh -u root -p root -f init.cql ; - cqlsh -u root -p root -f osaaf.cql ; - cqlsh -u root -p root -f temp_identity.cql resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . | indent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -85,11 +78,15 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-cs-data - secret: - secretName: {{ include "common.fullname" . }} + - name: localtime + hostPath: + path: /etc/localtime + - name: cassandra-storage + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml b/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml new file mode 100644 index 0000000000..4209179af8 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml new file mode 100644 index 0000000000..b102ffa08d --- /dev/null +++ b/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cs/templates/secret.yaml b/kubernetes/aaf/charts/aaf-cs/templates/secret.yaml deleted file mode 100644 index 4ae60f17c9..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/templates/secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }} diff --git a/kubernetes/aaf/charts/aaf-cs/values.yaml b/kubernetes/aaf/charts/aaf-cs/values.yaml index 73dac29fab..a914b542f4 100644 --- a/kubernetes/aaf/charts/aaf-cs/values.yaml +++ b/kubernetes/aaf/charts/aaf-cs/values.yaml @@ -24,12 +24,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: library/cassandra:3.11 +image: onap/aaf/aaf_cass:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - # application configuration config: {} @@ -42,14 +39,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 180 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 180 + initialDelaySeconds: 120 periodSeconds: 10 service: @@ -87,4 +84,14 @@ resources: requests: cpu: 40m memory: 9000Mi - unlimited: {}
\ No newline at end of file + unlimited: {} + +persistence: + enabled: true + #existingClaim: + mountPath: /dockerdata-nfs + mountSubPath: "cass" + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Gi + storageClass: "manual"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml index d269dc6536..5125eb161e 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/fs"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c","ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml index 0e3a81a9c6..0f0d7c47e7 100644 --- a/kubernetes/aaf/charts/aaf-fs/values.yaml +++ b/kubernetes/aaf/charts/aaf-fs/values.yaml @@ -25,14 +25,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.1 +image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml index b24a008fac..24c8e68cec 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,14 +45,12 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - - aaf-locate + - aaf-cm env: - name: NAMESPACE valueFrom: @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/gui"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml index 5665d1df4f..d44ac5ed46 100644 --- a/kubernetes/aaf/charts/aaf-gui/values.yaml +++ b/kubernetes/aaf/charts/aaf-gui/values.yaml @@ -25,14 +25,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.1 +image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml index c76c0849ab..f932228cd9 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/hello"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml index 6fcf861420..9f694be8b8 100644 --- a/kubernetes/aaf/charts/aaf-hello/values.yaml +++ b/kubernetes/aaf/charts/aaf-hello/values.yaml @@ -19,20 +19,15 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.1 +image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml index 6e69f2c7ef..a3a9e285cf 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,12 +45,12 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs + - aaf-service env: - name: NAMESPACE valueFrom: @@ -58,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/locate"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -101,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml index c9240025f1..ba1e56373c 100644 --- a/kubernetes/aaf/charts/aaf-locate/values.yaml +++ b/kubernetes/aaf/charts/aaf-locate/values.yaml @@ -19,24 +19,15 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - -# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. -# persistence: -# mountPath: /dockerdata flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.1 +image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -47,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml index fd4ae21708..06cf2736ef 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: - - /root/ready.py + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/oauth"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml index 281aa1cc8d..d94bcae31c 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml @@ -26,8 +26,6 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} {{- else -}} diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml index 943ad16109..e52075a447 100644 --- a/kubernetes/aaf/charts/aaf-oauth/values.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml @@ -25,14 +25,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.1 +image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/kubernetes/aaf/charts/aaf-service/.helmignore b/kubernetes/aaf/charts/aaf-service/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-service/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml index a07d06fd0a..c3c140a35d 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,14 +45,12 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - aaf-cs - - --container-name - - aaf-locate env: - name: NAMESPACE valueFrom: @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/service"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml index 5ad31ffdda..7ec6364f3c 100644 --- a/kubernetes/aaf/charts/aaf-service/values.yaml +++ b/kubernetes/aaf/charts/aaf-service/values.yaml @@ -25,14 +25,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.1 +image: onap/aaf/aaf_service:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json b/kubernetes/aaf/charts/aaf-sms/resources/config/has.json new file mode 100644 index 0000000000..9d017f99ed --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/resources/config/has.json @@ -0,0 +1,36 @@ +{ + "domain": { + "name": "has", + "secrets": [ + { + "name": "aai", + "values": { + "username": "OOF", + "password": "OOF" + } + }, + { + "name": "conductor_api", + "values": { + "username": "admin1", + "password": "plan.15" + } + }, + { + "name": "sdnc", + "values": { + "username": "admin", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U" + } + }, + { + "name": "music_api", + "values": { + "aafuser": "conductor", + "aafpass": "c0nduct0r", + "aafns": "conductor" + } + } + ] + } +} diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json new file mode 100644 index 0000000000..0950957b11 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json @@ -0,0 +1,98 @@ +{ + "domain": { + "name": "osdf", + "secrets": [ + { + "name": "so", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "conductor", + "values": { + "UserName": "admin1", + "Password": "plan.15" + } + }, + { + "name": "policyPlatform", + "values": { + "UserName": "testpdp", + "Password": "alpha123" + } + }, + { + "name": "policyClient", + "values": { + "UserName": "python", + "Password": "test" + } + }, + { + "name": "dmaap", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "sdc", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "osdfPlacement", + "values": { + "UserName": "test", + "Password": "testpwd" + } + }, + { + "name": "osdfPlacementSO", + "values": { + "UserName": "so_test", + "Password": "so_testpwd" + } + }, + { + "name": "osdfPlacementVFC", + "values": { + "UserName": "vfc_test", + "Password": "vfc_testpwd" + } + }, + { + "name": "osdfCMScheduler", + "values": { + "UserName": "test1", + "Password": "testpwd1" + } + }, + { + "name": "configDb", + "values": { + "UserName": "osdf", + "Password": "passwd" + } + }, + { + "name": "pciHMS", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "osdfPCIOpt", + "values": { + "UserName": "pci_test", + "Password": "pci_testpwd" + } + } + ] + } +}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml b/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml index 72ce6fbadb..b513d992ef 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap @@ -25,3 +27,16 @@ metadata: data: smsconfig.json: | {{ .Values.config | toJson }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-preload + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-preload + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml b/kubernetes/aaf/charts/aaf-sms/templates/job.yaml new file mode 100644 index 0000000000..2cee8d5e90 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/templates/job.yaml @@ -0,0 +1,92 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-preload + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - "aaf-sms" + - --container-name + - "aaf-sms-quorumclient" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: {{ include "common.name" . }}-preload + command: + - "/sms/bin/preload" + - "-cacert" + - "/sms/certs/aaf_root_ca.cer" + - "-jsondir" + - "/preload/config" + - "-serviceport" + - "{{ .Values.service.internalPort }}" + - "-serviceurl" + - "https://aaf-sms.{{ include "common.namespace" . }}" + workingDir: /sms + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /preload/config + name: {{ include "common.name" . }}-preload + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }}-preload + configMap: + name: {{ include "common.fullname" . }}-preload + restartPolicy: OnFailure + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" |