summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/charts/aai-traversal
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/aai/charts/aai-traversal')
-rw-r--r--kubernetes/aai/charts/aai-traversal/.helmignore42
-rw-r--r--kubernetes/aai/charts/aai-traversal/Chart.yaml14
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties8
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile27
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12bin0 -> 4158 bytes
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props13
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props23
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties2
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jksbin0 -> 114865 bytes
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties70
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/application.properties90
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties57
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties59
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml125
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/logback.xml4
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/realm.properties14
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/configmap.yaml36
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/deployment.yaml61
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/job.yaml26
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/service.yaml14
-rw-r--r--kubernetes/aai/charts/aai-traversal/values.yaml30
21 files changed, 515 insertions, 200 deletions
diff --git a/kubernetes/aai/charts/aai-traversal/.helmignore b/kubernetes/aai/charts/aai-traversal/.helmignore
index f0c1319444..daebc7da77 100644
--- a/kubernetes/aai/charts/aai-traversal/.helmignore
+++ b/kubernetes/aai/charts/aai-traversal/.helmignore
@@ -1,21 +1,21 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aai/charts/aai-traversal/Chart.yaml b/kubernetes/aai/charts/aai-traversal/Chart.yaml
index 8f79b421c3..15f69167e1 100644
--- a/kubernetes/aai/charts/aai-traversal/Chart.yaml
+++ b/kubernetes/aai/charts/aai-traversal/Chart.yaml
@@ -1,3 +1,17 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
apiVersion: v1
description: ONAP AAI traversal
name: aai-traversal
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties
new file mode 100644
index 0000000000..9523367f27
--- /dev/null
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties
@@ -0,0 +1,8 @@
+
+cadi_loglevel=INFO
+cadi_prop_files=/opt/app/aai-traversal/resources/aaf/org.osaaf.location.props:/opt/app/aai-traversal/resources/aaf/org.onap.aai.props
+
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile
new file mode 100644
index 0000000000..3416d4a737
--- /dev/null
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile
@@ -0,0 +1,27 @@
+2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
+jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
+4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
+moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
+GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
+74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
+iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
+p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
+3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
+hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
+RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
+xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
+8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
+ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
+5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
+GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
+_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
+zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
+S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
+LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
+hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
+nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
+bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
+JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
+Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
+J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
+mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12
new file mode 100644
index 0000000000..023e2eaac6
--- /dev/null
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12
Binary files differ
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props
new file mode 100644
index 0000000000..4596d91cfe
--- /dev/null
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props
@@ -0,0 +1,13 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+# @copyright 2016, AT&T
+############################################################
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
+cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
+cadi_alias=aai@aai.onap.org
+cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
+cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2
+cadi_loglevel=INFO \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props
new file mode 100644
index 0000000000..132fb242f4
--- /dev/null
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props
@@ -0,0 +1,23 @@
+##
+## org.osaaf.location.props
+##
+## Localized Machine Information
+##
+# Almeda California ?
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+# AAF Environment Designation
+aaf_env=DEV
+
+# OAuth2 Endpoints
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties
new file mode 100644
index 0000000000..d4956f577c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties
@@ -0,0 +1,2 @@
+permission.type=org.onap.aai.traversal
+permission.instance=* \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jks b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jks
new file mode 100644
index 0000000000..2da1dcc4b4
--- /dev/null
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jks
Binary files differ
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties b/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties
index 735609b424..3859590aaf 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties
@@ -20,81 +20,47 @@
# ECOMP is a trademark and service mark of AT&T Intellectual Property.
#
-####################################################################
-# REMEMBER TO THINK ABOUT ENVIRONMENTAL DIFFERENCES AND CHANGE THE
-# TEMPLATE AND *ALL* DATAFILES
-####################################################################
-
-####################################################################
-# REMEMBER TO THINK ABOUT ENVIRONMENTAL DIFFERENCES AND CHANGE THE
-# TEMPLATE AND *ALL* DATAFILES
-####################################################################
-
aai.config.checktime=1000
# this could come from siteconfig.pl?
aai.config.nodename=AutomaticallyOverwritten
-
-
-aai.auth.cspcookies_on=false
-aai.dbmodel.filename=ex5.json
-
aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/
-aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/v11/
+aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/
aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/
+{{ if .Values.global.config.basic.auth.enabled }}
aai.tools.enableBasicAuth=true
-aai.tools.username=AAI
-aai.tools.password=AAI
-
-aai.truststore.filename=aai_keystore
-aai.truststore.passwd.x=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
-aai.keystore.filename=aai_keystore
-aai.keystore.passwd.x=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
+aai.tools.username={{ .Values.global.config.basic.auth.username }}
+aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
+{{ end }}
+aai.truststore.filename={{ .Values.global.config.truststore.filename }}
+aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }}
+aai.keystore.filename={{ .Values.global.config.keystore.filename }}
+aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }}
-aai.notification.current.version=v11
+aai.notification.current.version={{ .Values.global.config.schema.version.api.default }}
aai.notificationEvent.default.status=UNPROCESSED
-aai.notificationEvent.default.eventType=AAI-EVENT
-aai.notificationEvent.default.domain=dev
+aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }}
+aai.notificationEvent.default.domain={{ .Values.global.config.notification.domain }}
aai.notificationEvent.default.sourceName=aai
aai.notificationEvent.default.sequenceNumber=0
aai.notificationEvent.default.severity=NORMAL
-aai.notificationEvent.default.version=v11
+aai.notificationEvent.default.version={{ .Values.global.config.schema.version.api.default }}
# This one lets us enable/disable resource-version checking on updates/deletes
aai.resourceversion.enableflag=true
aai.logging.maxStackTraceEntries=10
-aai.default.api.version=v11
-
-
+aai.default.api.version={{ .Values.global.config.schema.version.api.default }}
# Used by Model-processing code
aai.model.delete.sleep.per.vtx.msec=500
aai.model.query.resultset.maxcount=50
aai.model.query.timeout.sec=90
-# Used by Data Grooming
-aai.grooming.default.max.file=150
-aai.grooming.default.sleep.minutes=7
-
aai.model.proc.max.levels=50
aai.edgeTag.proc.max.levels=50
-# for transaction log
-aai.logging.hbase.interceptor=true
-aai.logging.hbase.enabled=true
-aai.logging.hbase.logrequest=true
-aai.logging.hbase.logresponse=true
-
-# for gremlin server
-aai.server.rebind=g
-hbase.table.name=aailogging.dev
-hbase.table.timestamp.format=YYYYMMdd-HH:mm:ss:SSS
-hbase.zookeeper.quorum=localhost
-hbase.zookeeper.property.clientPort=2181
-hbase.zookeeper.znode.parent=/hbase
-
aai.logging.trace.enabled=true
aai.logging.trace.logrequest=false
aai.logging.trace.logresponse=false
@@ -103,13 +69,13 @@ aai.transaction.logging=true
aai.transaction.logging.get=false
aai.transaction.logging.post=false
-aai.realtime.clients=SDNC,MSO,SO,robot-ete
+aai.realtime.clients={{ .Values.global.config.realtime.clients }}
#timeout for traversal enabled flag
-aai.traversal.timeoutenabled=true
+aai.traversal.timeoutenabled={{ .Values.config.timeout.enabled }}
#timeout app specific
-aai.traversal.timeout.appspecific=JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1
+aai.traversal.timeout.appspecific={{ .Values.config.timeout.appspecific }}
#default timeout limit added for traversal if not overridden (in ms)
-aai.traversal.timeoutlimit=180000
+aai.traversal.timeoutlimit={{ .Values.config.timeout.limit | int }}
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties b/kubernetes/aai/charts/aai-traversal/resources/config/application.properties
index ebfe98b77d..2ff95aab51 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/application.properties
@@ -1,8 +1,22 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
# The following info parameters are being referenced by ajsc6
info.build.artifact=aai-traversal
info.build.name=traversal
info.build.description=Traversal Microservice
-info.build.version=1.2.0
+info.build.version=1.3.0
spring.application.name=aai-traversal
spring.jersey.type=filter
@@ -10,7 +24,8 @@ spring.jersey.type=filter
server.contextPath=/
spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
-spring.profiles.active=production,dmaap
+spring.profiles.active={{ .Values.global.config.profiles.active }}
+spring.jersey.application-path=${schema.uri.base.path}
#The max number of active threads in this pool
server.tomcat.max-threads=200
#The minimum number of threads always kept alive
@@ -18,15 +33,6 @@ server.tomcat.min-Spare-Threads=25
#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads
server.tomcat.max-idle-time=60000
-
-#Add this properties only if you want to change the URL, AJSC Framework interceptors will intercept
-#com.att.ajsc.common.interceptors.PreInterceptor.url=/**
-#com.att.ajsc.common.interceptors.PostInterceptor.url=/**
-
-#Servlet context parameters
-server.context_parameters.p-name=value #context parameter with p-name as key and value as value.
-kubernetes.namespace={{ include "common.namespace" . }}
-
# If you get an application startup failure that the port is already taken
# If thats not it, please check if the key-store file path makes sense
server.local.startpath=aai-traversal/src/main/resources/
@@ -34,39 +40,45 @@ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties
server.port=8446
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.key-store=${server.local.startpath}etc/auth/aai_keystore
-server.ssl.key-store-password=password(OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0)
-server.ssl.trust-store=${server.local.startpath}etc/auth/aai_keystore
-server.ssl.trust-store-password=password(OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0)
+server.ssl.key-store=${server.local.startpath}etc/auth/{{ .Values.global.config.keystore.filename }}
+server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+server.ssl.trust-store=${server.local.startpath}etc/auth/{{ .Values.global.config.truststore.filename }}
+server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
server.ssl.client-auth=want
server.ssl.key-store-type=JKS
# JMS bind address host port
jms.bind.address=tcp://localhost:61647
-dmaap.ribbon.eureka.enabled=false
dmaap.ribbon.listOfServers=message-router.{{ include "common.namespace" . }}:3904
-# Number of milliseconds to wait before making ping requests again
-dmaap.ribbon.ServerListRefreshInterval=75000
-dmaap.ribbon.NFLoadBalancerPingInterval=75000
-dmaap.ribbon.NFLoadBalancerRuleClassName=com.netflix.loadbalancer.AvailabilityFilteringRule
-dmaap.ribbon.NFLoadBalancerPingClassName=org.onap.aai.config.HttpPingImpl
-dmaap.ribbon.EnableMarkingServerDownOnReachingFailureLimit=true
-dmaap.ribbon.ServerDownFailureLimit=1
-# This needs to be verified but it seems that adding this property should automatically
-# Make the dmaap client change the url from http to https depending on the server
-dmaap.ribbon.securePorts=3905
-# Custom Dmaap Specific Configuration
-dmaap.ribbon.username=
-dmaap.ribbon.password=
-dmaap.ribbon.health.endpoint=/topics/AAI-EVENT
-# Number of seconds to wait for the ping to work and might need to increase this if the pings are all failing
-dmaap.ribbon.pingport.timeout=3
+# Schema related attributes for the oxm and edges
+# Any additional schema related attributes should start with prefix schema
+schema.configuration.location=N/A
+schema.source.name={{ .Values.global.config.schema.source.name }}
+schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/
+schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/
+# Location of where the stored queries are
+schema.queries.location=${server.local.startpath}/schema/${schema.source.name}/query/
+
+schema.ingest.file=${server.local.startpath}/application.properties
+
+# Schema Version Related Attributes
+
+schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }}
+# Lists all of the versions in the schema
+schema.version.list={{ .Values.global.config.schema.version.list }}
+# Specifies from which version should the depth parameter to default to zero
+schema.version.depth.start={{ .Values.global.config.schema.version.depth }}
+# Specifies from which version should the related link be displayed in response payload
+schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }}
+
+# Specifies from which version should the client see only the uri excluding host info
+# Before this version server base will also be included
+schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }}
+# Specifies from which version should the namespace be changed
+schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }}
+# Specifies from which version should the client start seeing the edge label in payload
+schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }}
+# Specifies the version that the application should default to
+schema.version.api.default={{ .Values.global.config.schema.version.api.default }}
-niws.loadbalancer.dmaap.filterCircuitTripped=true
-niws.loadbalancer.dmaap.connectionFailureCountThreshold=3
-niws.loadbalancer.dmaap.circuitTripMaxTimeoutSeconds=180
-#dmaap.ribbon.retryableStatusCodes=404,503
-#dmaap.ribbon.retryableStatusCodes.MaxAutoRetriesNextServer=2
-#dmaap.ribbon.retryableStatusCodes.MaxAutoRetries=2
-#dmaap.ribbon.retryableStatusCodes.OkToRetryOnAllOperations=true
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties
index b9216bf8e0..2c22d14a41 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties
@@ -23,6 +23,8 @@
query.fast-property=true
query.smart-limit=false
+{{ if .Values.global.config.cluster.cassandra.dynamic }}
+
{{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}}
{{- $global := . }}
@@ -35,9 +37,60 @@ storage.cassandra.read-consistency-level=LOCAL_QUORUM
storage.cassandra.write-consistency-level=LOCAL_QUORUM
storage.cassandra.replication-factor=3
storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
-#storage.cassandra.replication-strategy-options=MTA1cass,3
-#schema.default=none
+{{ else }}
+
+{{ if .Values.global.config.storage }}
+
+storage.backend={{ .Values.global.config.storage.backend }}
+
+{{ if eq .Values.global.config.storage.backend "cassandra" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cassandra.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }}
+storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }}
+storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "cql" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cql.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }}
+
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "hbase" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.hbase.table={{ .Values.global.config.storage.name }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ end }}
+
+{{ end }}
+
+{{ end }}
+
storage.lock.wait-time=300
#caching on
cache.db-cache = true
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties
index a8504dc1c4..b19c9b6df6 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties
@@ -21,10 +21,11 @@
query.fast-property=true
query.smart-limit=false
+{{ if .Values.global.config.cluster.cassandra.dynamic }}
+
{{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}}
{{- $global := . }}
-# the following parameters are not reloaded automatically and require a manual bounce
storage.backend=cassandra
storage.hostname={{- range $i, $e := until $seed_size }}{{ $global.Release.Name }}-{{$global.Values.global.cassandra.serviceName}}-{{ $i }}.{{$global.Values.global.cassandra.serviceName}},{{- end }}
@@ -34,12 +35,62 @@ storage.cassandra.read-consistency-level=LOCAL_QUORUM
storage.cassandra.write-consistency-level=LOCAL_QUORUM
storage.cassandra.replication-factor=3
storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
-#storage.cassandra.replication-strategy-options=MTA1cass,3
-#schema.default=none
+{{ else }}
+
+{{ if .Values.global.config.storage }}
+
+storage.backend={{ .Values.global.config.storage.backend }}
+
+{{ if eq .Values.global.config.storage.backend "cassandra" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cassandra.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }}
+storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }}
+storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "cql" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cql.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }}
+
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "hbase" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.hbase.table={{ .Values.global.config.storage.name }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ end }}
+
+{{ end }}
+
+{{ end }}
+
storage.lock.wait-time=300
# Setting db-cache to false ensure the fastest propagation of changes across servers
cache.db-cache = false
-
#load graphson file on startup
load.snapshot.file=false
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml b/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml
index a318796c57..4cf6c74333 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml
@@ -1,62 +1,63 @@
-<!--
-
- ============LICENSE_START=======================================================
- org.onap.aai
- ================================================================================
- Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
-
- ECOMP is a trademark and service mark of AT&T Intellectual Property.
-
--->
-<configuration>
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <appender name="ACCESS"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
- </encoder>
- </appender>
- <appender-ref ref="ACCESS" />
-</configuration>
-
-<!--
-%a - Remote IP address
-%A - Local IP address
-%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
-%B - Bytes sent, excluding HTTP headers
-%h - Remote host name
-%H - Request protocol
-%l - Remote logical username from identd (always returns '-')
-%m - Request method
-%p - Local port
-%q - Query string (prepended with a '?' if it exists, otherwise an empty string
-%r - First line of the request
-%s - HTTP status code of the response
-%S - User session ID
-%t - Date and time, in Common Log Format format
-%u - Remote user that was authenticated
-%U - Requested URL path
-%v - Local server name
-%I - current request thread name (can compare later with stacktraces)
-
-%z - Custom pattern that parses the cert for the subject
-%y - Custom pattern determines rest or dme2
- --> \ No newline at end of file
+<!--
+
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+
+ ECOMP is a trademark and service mark of AT&T Intellectual Property.
+
+-->
+<configuration>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <appender name="ACCESS"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS" />
+</configuration>
+
+<!--
+%a - Remote IP address
+%A - Local IP address
+%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
+%B - Bytes sent, excluding HTTP headers
+%h - Remote host name
+%H - Request protocol
+%l - Remote logical username from identd (always returns '-')
+%m - Request method
+%p - Local port
+%q - Query string (prepended with a '?' if it exists, otherwise an empty string
+%r - First line of the request
+%s - HTTP status code of the response
+%S - User session ID
+%t - Date and time, in Common Log Format format
+%u - Remote user that was authenticated
+%U - Requested URL path
+%v - Local server name
+%I - current request thread name (can compare later with stacktraces)
+
+%z - Custom pattern that parses the cert for the subject
+%y - Custom pattern determines rest or dme2
+ -->
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml b/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml
index 2ed8f5c8f1..96fe00567d 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml
@@ -3,6 +3,7 @@
org.onap.aai
================================================================================
Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -361,5 +362,8 @@
</logger>
<root level="DEBUG">
<appender-ref ref="external" />
+ {{if .Values.global.config.logback.console.enabled}}
+ <appender-ref ref="STDOUT" />
+ {{ end }}
</root>
</configuration>
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
index f0e0172d2d..962e4917eb 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
@@ -1,3 +1,17 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
diff --git a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
index 373819e39e..80983695a4 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
@@ -1,3 +1,17 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
apiVersion: v1
kind: ConfigMap
metadata:
@@ -53,3 +67,25 @@ metadata:
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-props
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/aaf/org.osaaf.location.props").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-keys
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/truststoreONAPall.jks").AsSecrets . | indent 2 }}
diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
index 25cd3a9537..3cedaecc9b 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
@@ -1,4 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -247,14 +248,20 @@ spec:
]'
spec:
hostname: aai-traversal
+ {{ if .Values.global.initContainers.enabled }}
initContainers:
- command:
+ {{ if .Values.global.jobs.createSchema.enabled }}
+ - /root/job_complete.py
+ args:
+ - --job-name
+ - {{ .Release.Name }}-aai-graphadmin-create-db-schema
+ {{ else }}
- /root/ready.py
args:
- --container-name
- aai-cassandra
- - --container-name
- - aai-resources
+ {{ end }}
env:
- name: NAMESPACE
valueFrom:
@@ -264,6 +271,7 @@ spec:
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
+ {{ end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -272,9 +280,9 @@ spec:
- name: DISABLE_UPDATE_QUERY
value: {{ .Values.config.disableUpdateQuery | quote }}
- name: LOCAL_USER_ID
- value: {{ .Values.config.userId | quote }}
+ value: {{ .Values.global.config.userId | quote }}
- name: LOCAL_GROUP_ID
- value: {{ .Values.config.groupId | quote }}
+ value: {{ .Values.global.config.groupId | quote }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
@@ -296,12 +304,36 @@ spec:
- mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: org.onap.aai.keyfile
+ - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.props
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: org.onap.aai.props
+ - mountPath: /opt/app/aai-traversal/resources/aaf/org.osaaf.location.props
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: org.osaaf.location.props
+ - mountPath: /opt/app/aai-traversal/resources/aaf/permissions.properties
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: permissions.properties
+ - mountPath: /opt/app/aai-traversal/resources/cadi.properties
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: cadi.properties
+ - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.p12
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: org.onap.aai.p12
+ - mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: truststoreONAPall.jks
- mountPath: /opt/app/aai-traversal/resources/application.properties
name: {{ include "common.fullname" . }}-springapp-conf
subPath: application.properties
- - mountPath: /opt/app/aai-traversal/resources/etc/auth/aai_keystore
- name: {{ include "common.fullname" . }}-auth-sec
- subPath: aai_keystore
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }}
+ name: {{ include "common.fullname" $global }}-auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
@@ -368,15 +400,26 @@ spec:
- name: {{ include "common.fullname" . }}-aaiconfig-conf
configMap:
name: {{ include "common.fullname" . }}-aaiconfig-configmap
+ - name: {{ include "common.fullname" . }}-aaf-properties
+ configMap:
+ name: {{ include "common.fullname" . }}-aaf-props
+ - name: {{ include "common.fullname" . }}-aaf-certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-aaf-keys
- name: {{ include "common.fullname" . }}-springapp-conf
configMap:
name: {{ include "common.fullname" . }}-springapp-configmap
- name: {{ include "common.fullname" . }}-realm-conf
configMap:
name: {{ include "common.fullname" . }}-realm-configmap
- - name: {{ include "common.fullname" . }}-auth-sec
+ - name: {{ include "common.fullname" . }}-auth-truststore-sec
secret:
- secretName: aai-auth-secret
+ secretName: aai-auth-truststore-secret
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/charts/aai-traversal/templates/job.yaml b/kubernetes/aai/charts/aai-traversal/templates/job.yaml
index 46af0047f7..a018ede1a3 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/job.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/job.yaml
@@ -1,4 +1,5 @@
# Copyright © 2017-2018 AT&T
+# Modifications Copyright © 2018 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,6 +13,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+{{ if .Values.global.jobs.updateQueryData.enabled }}
+
apiVersion: batch/v1
kind: Job
metadata:
@@ -58,9 +61,9 @@ spec:
bash -x /opt/app/aai-traversal/docker-entrypoint.sh install/updateQueryData.sh
env:
- name: LOCAL_USER_ID
- value: "1000"
+ value: {{ .Values.global.config.userId | quote }}
- name: LOCAL_GROUP_ID
- value: "1000"
+ value: {{ .Values.global.config.groupId | quote }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
@@ -85,9 +88,12 @@ spec:
- mountPath: /opt/app/aai-traversal/resources/application.properties
name: {{ include "common.fullname" . }}-springapp-conf
subPath: application.properties
- - mountPath: /opt/app/aai-traversal/resources/etc/auth/aai_keystore
- name: {{ include "common.fullname" . }}-auth-sec
- subPath: aai_keystore
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }}
+ name: {{ include "common.fullname" $global }}-auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
volumes:
@@ -123,9 +129,15 @@ spec:
- name: {{ include "common.fullname" . }}-realm-conf
configMap:
name: {{ include "common.fullname" . }}-realm-configmap
- - name: {{ include "common.fullname" . }}-auth-sec
+ - name: {{ include "common.fullname" . }}-auth-truststore-sec
secret:
- secretName: aai-auth-secret
+ secretName: aai-auth-truststore-secret
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
restartPolicy: OnFailure
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{ end }}
diff --git a/kubernetes/aai/charts/aai-traversal/templates/service.yaml b/kubernetes/aai/charts/aai-traversal/templates/service.yaml
index 9ba61fa00c..d1199125d2 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/service.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/service.yaml
@@ -1,3 +1,17 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
apiVersion: v1
kind: Service
metadata:
diff --git a/kubernetes/aai/charts/aai-traversal/values.yaml b/kubernetes/aai/charts/aai-traversal/values.yaml
index 5cc49a4716..a3410adacc 100644
--- a/kubernetes/aai/charts/aai-traversal/values.yaml
+++ b/kubernetes/aai/charts/aai-traversal/values.yaml
@@ -1,3 +1,17 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
# Default values for traversal.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
@@ -9,15 +23,23 @@ global: # global defaults
# application image
repository: nexus3.onap.org:10001
-image: onap/aai-traversal:1.2.2
+image: onap/aai-traversal:1.3-STAGING-latest
pullPolicy: Always
restartPolicy: Always
# application configuration
config:
- aaicoreversion: 1.1.0-SNAPSHOT
- userId: 1000
- groupId: 1000
+
+ # Specifies timeout information such as application specific and limits
+ timeout:
+ # If set to true application will timeout for queries taking longer than limit
+ enabled: true
+ # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout
+ appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1
+ # Specifies how long should it wait before timing out the REST request
+ limit: 180000
+
+ # Disables the updateQueryData script to run as part of traversal
disableUpdateQuery: true
persistence: