diff options
Diffstat (limited to 'kubernetes/aai/components/aai-resources/templates')
4 files changed, 58 insertions, 1364 deletions
diff --git a/kubernetes/aai/components/aai-resources/templates/configmap.yaml b/kubernetes/aai/components/aai-resources/templates/configmap.yaml index 2927031eb5..f173916104 100644 --- a/kubernetes/aai/components/aai-resources/templates/configmap.yaml +++ b/kubernetes/aai/components/aai-resources/templates/configmap.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T +# Modifications Copyright (c) 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -49,113 +50,3 @@ data: {{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }} - ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-aaf-keys - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }} - -{{ if .Values.global.installSidecarSecurity }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aai-policy-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/auth/aai_policy.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-fproxy-log-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-fproxy-auth-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-log-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-auth-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-security-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }} -{{ end }} diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index 84d3df3927..6fbbf1c089 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -2,6 +2,7 @@ # Copyright (c) 2017 Amdocs, Bell Canada # Modifications Copyright (c) 2018 AT&T # Modifications Copyright (c) 2020 Nokia +# Modifications Copyright (c) 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -39,1151 +40,38 @@ spec: name: {{ include "common.name" . }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- if .Values.global.msbEnabled }} + {{ $values := .Values }} msb.onap.org/service-info: '[ + {{- range $api_endpoint := $values.aai_enpoints -}} + {{- range $api_version := $values.api_list }} { - "serviceName": "_aai-cloudInfrastructure", - "version": "v11", - "url": "/aai/v11/cloud-infrastructure", + "serviceName": "_{{ $api_endpoint.name }}", + "version": "v{{ $api_version }}", + "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}", "protocol": "REST", "port": "8447", "enable_ssl": true, "lb_policy":"ip_hash", "visualRange": "1", - "path": "/aai/v11/cloud-infrastructure" + "path": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}" }, { - "serviceName": "_aai-cloudInfrastructure", - "version": "v12", - "url": "/aai/v12/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v13", - "url": "/aai/v13/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v14", - "url": "/aai/v14/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v15", - "url": "/aai/v15/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v16", - "url": "/aai/v16/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v17", - "url": "/aai/v17/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v17/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v18", - "url": "/aai/v18/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v18/cloud-infrastructure" - }, - { - "serviceName": "_aai-cloudInfrastructure", - "version": "v19", - "url": "/aai/v19/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v19/cloud-infrastructure" - }, - { - "serviceName": "_aai-business", - "version": "v11", - "url": "/aai/v11/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/business" - }, - { - "serviceName": "_aai-business", - "version": "v12", - "url": "/aai/v12/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/business" - }, - { - "serviceName": "_aai-business", - "version": "v13", - "url": "/aai/v13/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/business" - }, - { - "serviceName": "_aai-business", - "version": "v14", - "url": "/aai/v14/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/business" - }, - { - "serviceName": "_aai-business", - "version": "v15", - "url": "/aai/v15/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/business" - }, - { - "serviceName": "_aai-business", - "version": "v16", - "url": "/aai/v16/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/business" - }, - { - "serviceName": "_aai-business", - "version": "v17", - "url": "/aai/v17/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v17/business" - }, - { - "serviceName": "_aai-business", - "version": "v18", - "url": "/aai/v18/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v18/business" - }, - { - "serviceName": "_aai-business", - "version": "v19", - "url": "/aai/v19/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v19/business" - }, - { - "serviceName": "_aai-actions", - "version": "v11", - "url": "/aai/v11/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v12", - "url": "/aai/v12/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v13", - "url": "/aai/v13/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v14", - "url": "/aai/v14/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v15", - "url": "/aai/v15/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v16", - "url": "/aai/v16/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v17", - "url": "/aai/v17/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v17/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v18", - "url": "/aai/v18/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v18/actions" - }, - { - "serviceName": "_aai-actions", - "version": "v19", - "url": "/aai/v19/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v19/actions" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v11", - "url": "/aai/v11/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v12", - "url": "/aai/v12/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v13", - "url": "/aai/v13/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v14", - "url": "/aai/v14/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v15", - "url": "/aai/v15/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v16", - "url": "/aai/v16/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v17", - "url": "/aai/v17/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v17/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v18", - "url": "/aai/v18/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v18/service-design-and-creation" - }, - { - "serviceName": "_aai-service-design-and-creation", - "version": "v19", - "url": "/aai/v19/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v19/service-design-and-creation" - }, - { - "serviceName": "_aai-network", - "version": "v11", - "url": "/aai/v11/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/network" - }, - { - "serviceName": "_aai-network", - "version": "v12", - "url": "/aai/v12/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/network" - }, - { - "serviceName": "_aai-network", - "version": "v13", - "url": "/aai/v13/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/network" - }, - { - "serviceName": "_aai-network", - "version": "v14", - "url": "/aai/v14/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/network" - }, - { - "serviceName": "_aai-network", - "version": "v15", - "url": "/aai/v15/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/network" - }, - { - "serviceName": "_aai-network", - "version": "v16", - "url": "/aai/v16/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/network" - }, - { - "serviceName": "_aai-network", - "version": "v17", - "url": "/aai/v17/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v17/network" - }, - { - "serviceName": "_aai-network", - "version": "v18", - "url": "/aai/v18/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v18/network" - }, - { - "serviceName": "_aai-network", - "version": "v19", - "url": "/aai/v19/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v19/network" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v11", - "url": "/aai/v11/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v11/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v12", - "url": "/aai/v12/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v12/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v13", - "url": "/aai/v13/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v13/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v14", - "url": "/aai/v14/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v14/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v15", - "url": "/aai/v15/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v15/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v16", - "url": "/aai/v16/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v16/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v17", - "url": "/aai/v17/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v17/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v18", - "url": "/aai/v18/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v18/external-system" - }, - { - "serviceName": "_aai-externalSystem", - "version": "v19", - "url": "/aai/v19/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1", - "path": "/aai/v19/external-system" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v11", - "url": "/aai/v11/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v12", - "url": "/aai/v12/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v13", - "url": "/aai/v13/cloud-infrastructure", + "serviceName": "{{ $api_endpoint.name }}", + "version": "v{{ $api_version }}", + "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}", "protocol": "REST", "port": "8447", "enable_ssl": true, "lb_policy":"ip_hash", "visualRange": "1" }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v14", - "url": "/aai/v14/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v15", - "url": "/aai/v15/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v16", - "url": "/aai/v16/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v17", - "url": "/aai/v17/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v18", - "url": "/aai/v18/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-cloudInfrastructure", - "version": "v19", - "url": "/aai/v19/cloud-infrastructure", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v11", - "url": "/aai/v11/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v12", - "url": "/aai/v12/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v13", - "url": "/aai/v13/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v14", - "url": "/aai/v14/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v15", - "url": "/aai/v15/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v16", - "url": "/aai/v16/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v17", - "url": "/aai/v17/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v18", - "url": "/aai/v18/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-business", - "version": "v19", - "url": "/aai/v19/business", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v11", - "url": "/aai/v11/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v12", - "url": "/aai/v12/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v13", - "url": "/aai/v13/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v14", - "url": "/aai/v14/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v15", - "url": "/aai/v15/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v16", - "url": "/aai/v16/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v17", - "url": "/aai/v17/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v18", - "url": "/aai/v18/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-actions", - "version": "v19", - "url": "/aai/v19/actions", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v11", - "url": "/aai/v11/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v12", - "url": "/aai/v12/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v13", - "url": "/aai/v13/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v14", - "url": "/aai/v14/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v15", - "url": "/aai/v15/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v16", - "url": "/aai/v16/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v17", - "url": "/aai/v17/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v18", - "url": "/aai/v18/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-service-design-and-creation", - "version": "v19", - "url": "/aai/v19/service-design-and-creation", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v11", - "url": "/aai/v11/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v12", - "url": "/aai/v12/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v13", - "url": "/aai/v13/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v14", - "url": "/aai/v14/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v15", - "url": "/aai/v15/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v16", - "url": "/aai/v16/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v17", - "url": "/aai/v17/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v18", - "url": "/aai/v18/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-network", - "version": "v19", - "url": "/aai/v19/network", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v11", - "url": "/aai/v11/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v12", - "url": "/aai/v12/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v13", - "url": "/aai/v13/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v14", - "url": "/aai/v14/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v15", - "url": "/aai/v15/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v16", - "url": "/aai/v16/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v17", - "url": "/aai/v17/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v18", - "url": "/aai/v18/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - }, - { - "serviceName": "aai-externalSystem", - "version": "v19", - "url": "/aai/v19/external-system", - "protocol": "REST", - "port": "8447", - "enable_ssl": true, - "lb_policy":"ip_hash", - "visualRange": "1" - } + {{- end }} + {{- end }} ]' + {{- end }} spec: hostname: aai-resources - {{- if .Values.global.initContainers.enabled }} - {{- if .Values.global.installSidecarSecurity }} - hostAliases: - - ip: {{ .Values.global.aaf.serverIp }} - hostnames: - - {{ .Values.global.aaf.serverHostname }} - {{- end }} initContainers: - command: {{- if .Values.global.jobs.migration.enabled }} @@ -1191,23 +79,24 @@ spec: args: - --job-name - {{ include "common.release" . }}-aai-graphadmin-migration - {{- else if .Values.global.jobs.createSchema.enabled }} + {{- else }} + {{- if .Values.global.jobs.createSchema.enabled }} - /app/ready.py args: - --job-name - {{ include "common.release" . }}-aai-graphadmin-create-db-schema - {{- else }} + {{- else }} - /app/ready.py args: - --container-name - {{- if .Values.global.cassandra.localCluster }} + {{- if .Values.global.cassandra.localCluster }} - aai-cassandra - {{- else }} + {{- else }} - cassandra - {{- end }} + {{- end }} - --container-name - aai-schema-service - {{- end }} + {{- end }} env: - name: NAMESPACE valueFrom: @@ -1217,14 +106,7 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - {{- if .Values.global.installSidecarSecurity }} - - name: {{ .Values.global.tproxyConfig.name }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tproxyConfig.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - securityContext: - privileged: true {{- end }} - {{- end }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} @@ -1234,6 +116,8 @@ spec: value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} + - name: POST_JAVA_OPTS + value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword=changeit' volumeMounts: - mountPath: /etc/localtime name: localtime @@ -1258,11 +142,6 @@ spec: - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties name: {{ include "common.fullname" . }}-config subPath: realm.properties - {{- if .Values.global.installSidecarSecurity }} - - mountPath: /opt/app/aai-resources/resources/etc/auth/aai_policy.json - name: {{ include "common.fullname" . }}-aai-policy - subPath: aai_policy.json - {{- end }} - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile name: {{ include "common.fullname" . }}-aaf-certs subPath: org.onap.aai.keyfile @@ -1336,84 +215,6 @@ spec: - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.global.installSidecarSecurity }} - - name: {{ .Values.global.rproxy.name }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.rproxy.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/rproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.sidecar.keyStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.rproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/forward-proxy.properties - subPath: forward-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/primary-service.properties - subPath: primary-service.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/reverse-proxy.properties - subPath: reverse-proxy.properties - - name: {{ include "common.fullname" . }}-rproxy-config - mountPath: /opt/app/rproxy/config/cadi.properties - subPath: cadi.properties - - name: {{ include "common.fullname" . }}-rproxy-log-config - mountPath: /opt/app/rproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - mountPath: /opt/app/rproxy/config/auth/uri-authorization.json - subPath: uri-authorization.json - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks - subPath: aaf_truststore.jks - - name: {{ include "common.fullname" . }}-rproxy-security-config - mountPath: /opt/app/rproxy/config/security/keyfile - subPath: keyfile - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 - subPath: org.onap.aai.p12 - ports: - - containerPort: {{ .Values.global.rproxy.port }} - - name: {{ .Values.global.fproxy.name }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.fproxy.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: "/opt/app/fproxy/config" - - name: KEY_STORE_PASSWORD - value: {{ .Values.sidecar.keyStorePassword }} - - name: TRUST_STORE_PASSWORD - value: {{ .Values.sidecar.trustStorePassword }} - - name: spring_profiles_active - value: {{ .Values.global.fproxy.activeSpringProfiles }} - volumeMounts: - - name: {{ include "common.fullname" . }}-fproxy-config - mountPath: /opt/app/fproxy/config/fproxy.properties - subPath: fproxy.properties - - name: {{ include "common.fullname" . }}-fproxy-log-config - mountPath: /opt/app/fproxy/config/logback-spring.xml - subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-config - mountPath: /opt/app/fproxy/config/auth/fproxy_truststore - subPath: fproxy_truststore - - name: {{ include "common.fullname" . }}-fproxy-auth-config - mountPath: /opt/app/fproxy/config/auth/tomcat_keystore - subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-config - mountPath: /opt/app/fproxy/config/auth/client-cert.p12 - subPath: client-cert.p12 - ports: - - containerPort: {{ .Values.global.fproxy.port }} - {{- end }} volumes: - name: aai-common-aai-auth-mount secret: @@ -1445,35 +246,6 @@ spec: - key: {{ . }} path: {{ . }} {{- end }} - {{- if .Values.global.installSidecarSecurity }} - - name: {{ include "common.fullname" . }}-aai-policy - configMap: - name: {{ include "common.fullname" . }}-aai-policy-configmap - - name: {{ include "common.fullname" . }}-rproxy-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-config - - name: {{ include "common.fullname" . }}-rproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-log-config - - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - configMap: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - - name: {{ include "common.fullname" . }}-rproxy-auth-config - secret: - secretName: {{ include "common.fullname" . }}-rproxy-auth-config - - name: {{ include "common.fullname" . }}-rproxy-security-config - secret: - secretName: {{ include "common.fullname" . }}-rproxy-security-config - - name: {{ include "common.fullname" . }}-fproxy-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-config - - name: {{ include "common.fullname" . }}-fproxy-log-config - configMap: - name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-config - secret: - secretName: {{ include "common.fullname" . }}-fproxy-auth-config - {{- end }} restartPolicy: {{ .Values.restartPolicy }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/components/aai-resources/templates/secret.yaml b/kubernetes/aai/components/aai-resources/templates/secret.yaml new file mode 100644 index 0000000000..d24149086e --- /dev/null +++ b/kubernetes/aai/components/aai-resources/templates/secret.yaml @@ -0,0 +1,31 @@ +{{/* +# Copyright © 2021 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-aaf-keys + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/templates/service.yaml b/kubernetes/aai/components/aai-resources/templates/service.yaml index 66dfd493dd..460e0d5b93 100644 --- a/kubernetes/aai/components/aai-resources/templates/service.yaml +++ b/kubernetes/aai/components/aai-resources/templates/service.yaml @@ -27,7 +27,7 @@ metadata: spec: type: {{ .Values.service.type }} ports: - {{if eq .Values.service.type "NodePort" -}} + {{ if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} @@ -39,7 +39,7 @@ spec: name: {{ .Values.service.portName }} - port: {{ .Values.service.internalPort2 }} name: {{ .Values.service.portName2 }} - {{- end}} + {{- end }} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} |