diff options
Diffstat (limited to 'kubernetes/aai/components/aai-resources')
13 files changed, 198 insertions, 61 deletions
diff --git a/kubernetes/aai/components/aai-resources/requirements.yaml b/kubernetes/aai/components/aai-resources/requirements.yaml new file mode 100644 index 0000000000..42641a2e5c --- /dev/null +++ b/kubernetes/aai/components/aai-resources/requirements.yaml @@ -0,0 +1,26 @@ +# Copyright © 2018 Amdocs, AT&T +# Modifications Copyright © 2018 Bell Canada +# Modifications Copyright © 2020 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties b/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties index f2e7caaa29..70e8bec01a 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties @@ -1,3 +1,4 @@ +{{/* # # ============LICENSE_START======================================================= # org.onap.aai @@ -29,6 +30,7 @@ # REMEMBER TO THINK ABOUT ENVIRONMENTAL DIFFERENCES AND CHANGE THE # TEMPLATE AND *ALL* DATAFILES #################################################################### +*/}} aai.config.checktime=1000 diff --git a/kubernetes/aai/components/aai-resources/resources/config/application.properties b/kubernetes/aai/components/aai-resources/resources/config/application.properties index d0a9c14345..61410c551e 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/application.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/application.properties @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -13,6 +14,7 @@ # limitations under the License. # The following info parameters are being referenced by ajsc6 +*/}} info.build.artifact=aai-resources info.build.name=resources info.build.description=Resources Microservice diff --git a/kubernetes/aai/components/aai-resources/resources/config/janusgraph-cached.properties b/kubernetes/aai/components/aai-resources/resources/config/janusgraph-cached.properties index 1db2774d52..b6fdd4c58f 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/janusgraph-cached.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/janusgraph-cached.properties @@ -1,3 +1,4 @@ +{{/* # # ============LICENSE_START======================================================= # org.onap.aai @@ -19,6 +20,7 @@ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # +*/}} query.fast-property=true query.smart-limit=false diff --git a/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties b/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties index 36cbc4201d..836dc7b176 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties @@ -1,3 +1,4 @@ +{{/* # # ============LICENSE_START======================================================= # Copyright © 2017 AT&T Intellectual Property. All rights reserved. @@ -17,6 +18,7 @@ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # +*/}} query.fast-property=true query.smart-limit=false diff --git a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml index 4cf6c74333..7f6a03168e 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml +++ b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml @@ -1,3 +1,4 @@ +{{/*
<!--
============LICENSE_START=======================================================
@@ -22,6 +23,7 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property.
-->
+*/}}
<configuration>
<property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
<appender name="ACCESS"
@@ -37,7 +39,7 @@ </appender>
<appender-ref ref="ACCESS" />
</configuration>
-
+{{/*
<!--
%a - Remote IP address
%A - Local IP address
@@ -61,3 +63,4 @@ %z - Custom pattern that parses the cert for the subject
%y - Custom pattern determines rest or dme2
-->
+*/}}
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/resources/config/logback.xml b/kubernetes/aai/components/aai-resources/resources/config/logback.xml index f24e86d8d0..df35aaa0ed 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/logback.xml +++ b/kubernetes/aai/components/aai-resources/resources/config/logback.xml @@ -1,3 +1,4 @@ +{{/* <!-- ============LICENSE_START======================================================= @@ -22,6 +23,7 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property. --> +*/}} <configuration scan="true" scanPeriod="60 seconds" debug="false"> <statusListener class="ch.qos.logback.core.status.NopStatusListener" /> diff --git a/kubernetes/aai/components/aai-resources/resources/config/realm.properties b/kubernetes/aai/components/aai-resources/resources/config/realm.properties index 0499b34f1c..9fbd122492 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/realm.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/realm.properties @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -13,6 +14,7 @@ # limitations under the License. # format : username: password[,rolename ...] # default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader... +*/ -}} AAI:OBF:1gfr1ev31gg7,admin MSO:OBF:1jzx1lz31k01,admin SDNC:OBF:1itr1i0l1i151isv,admin diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/cadi.properties b/kubernetes/aai/components/aai-resources/resources/rproxy/config/cadi.properties index 4980071db6..fb3d1ccd3e 100644 --- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/cadi.properties +++ b/kubernetes/aai/components/aai-resources/resources/rproxy/config/cadi.properties @@ -1,3 +1,4 @@ +{{/* # This is a normal Java Properties File # Comments are with Pound Signs at beginning of lines, # and multi-line expression of properties can be obtained by backslash at end of line @@ -7,6 +8,7 @@ #may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com #to your hosts file on your machine. #hostname=test.aic.cip.att.com +*/}} cadi_loglevel=DEBUG diff --git a/kubernetes/aai/components/aai-resources/templates/configmap.yaml b/kubernetes/aai/components/aai-resources/templates/configmap.yaml index 1a1192abfc..2927031eb5 100644 --- a/kubernetes/aai/components/aai-resources/templates/configmap.yaml +++ b/kubernetes/aai/components/aai-resources/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index ae328f5911..84d3df3927 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright (c) 2017 Amdocs, Bell Canada # Modifications Copyright (c) 2018 AT&T # Modifications Copyright (c) 2020 Nokia @@ -13,6 +14,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment @@ -1175,26 +1177,26 @@ spec: ]' spec: hostname: aai-resources - {{ if .Values.global.initContainers.enabled }} - {{ if .Values.global.installSidecarSecurity }} + {{- if .Values.global.initContainers.enabled }} + {{- if .Values.global.installSidecarSecurity }} hostAliases: - ip: {{ .Values.global.aaf.serverIp }} hostnames: - {{ .Values.global.aaf.serverHostname }} - {{ end }} + {{- end }} initContainers: - command: - {{ if .Values.global.jobs.migration.enabled }} + {{- if .Values.global.jobs.migration.enabled }} - /app/ready.py args: - --job-name - {{ include "common.release" . }}-aai-graphadmin-migration - {{ else if .Values.global.jobs.createSchema.enabled }} + {{- else if .Values.global.jobs.createSchema.enabled }} - /app/ready.py args: - --job-name - {{ include "common.release" . }}-aai-graphadmin-create-db-schema - {{ else }} + {{- else }} - /app/ready.py args: - --container-name @@ -1205,27 +1207,27 @@ spec: {{- end }} - --container-name - aai-schema-service - {{ end }} + {{- end }} env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - {{ if .Values.global.installSidecarSecurity }} + {{- if .Values.global.installSidecarSecurity }} - name: {{ .Values.global.tproxyConfig.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tproxyConfig.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} securityContext: privileged: true - {{ end }} - {{ end }} + {{- end }} + {{- end }} containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: LOCAL_USER_ID @@ -1256,11 +1258,11 @@ spec: - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties name: {{ include "common.fullname" . }}-config subPath: realm.properties - {{ if .Values.global.installSidecarSecurity }} + {{- if .Values.global.installSidecarSecurity }} - mountPath: /opt/app/aai-resources/resources/etc/auth/aai_policy.json name: {{ include "common.fullname" . }}-aai-policy subPath: aai_policy.json - {{ end }} + {{- end }} - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile name: {{ include "common.fullname" . }}-aaf-certs subPath: org.onap.aai.keyfile @@ -1291,43 +1293,39 @@ spec: - mountPath: /opt/app/aai-resources/resources/application-keycloak.properties name: {{ include "common.fullname" . }}-config subPath: application-keycloak.properties - {{ $global := . }} - {{ range $job := .Values.global.config.auth.files }} + {{- $global := . }} + {{- range $job := .Values.global.config.auth.files }} - mountPath: /opt/app/aai-resources/resources/etc/auth/{{ . }} name: {{ include "common.fullname" $global }}-auth-truststore-sec subPath: {{ . }} - {{ end }} + {{- end }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} + {{- if .Values.liveness.enabled }} livenessProbe: tcpSocket: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} + {{- end }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} - # side car containers - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /usr/share/filebeat/filebeat.yml @@ -1337,11 +1335,10 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat - resources: -{{ include "common.resources" . }} - {{ if .Values.global.installSidecarSecurity }} + resources: {{ include "common.resources" . | nindent 12 }} + {{- if .Values.global.installSidecarSecurity }} - name: {{ .Values.global.rproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.rproxy.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: CONFIG_HOME @@ -1386,9 +1383,8 @@ spec: subPath: org.onap.aai.p12 ports: - containerPort: {{ .Values.global.rproxy.port }} - - name: {{ .Values.global.fproxy.name }} - image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.fproxy.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: CONFIG_HOME @@ -1417,8 +1413,7 @@ spec: subPath: client-cert.p12 ports: - containerPort: {{ .Values.global.fproxy.port }} - {{ end }} - + {{- end }} volumes: - name: aai-common-aai-auth-mount secret: @@ -1435,50 +1430,50 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-configmap + name: {{ include "common.fullname" . }}-configmap - name: {{ include "common.fullname" . }}-aaf-properties configMap: - name: {{ include "common.fullname" . }}-aaf-props + name: {{ include "common.fullname" . }}-aaf-props - name: {{ include "common.fullname" . }}-aaf-certs secret: - secretName: {{ include "common.fullname" . }}-aaf-keys + secretName: {{ include "common.fullname" . }}-aaf-keys - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: - secretName: aai-common-truststore - items: - {{ range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{ end }} - {{ if .Values.global.installSidecarSecurity }} + secretName: aai-common-truststore + items: + {{- range $job := .Values.global.config.auth.files }} + - key: {{ . }} + path: {{ . }} + {{- end }} + {{- if .Values.global.installSidecarSecurity }} - name: {{ include "common.fullname" . }}-aai-policy configMap: - name: {{ include "common.fullname" . }}-aai-policy-configmap + name: {{ include "common.fullname" . }}-aai-policy-configmap - name: {{ include "common.fullname" . }}-rproxy-config configMap: - name: {{ include "common.fullname" . }}-rproxy-config + name: {{ include "common.fullname" . }}-rproxy-config - name: {{ include "common.fullname" . }}-rproxy-log-config configMap: - name: {{ include "common.fullname" . }}-rproxy-log-config + name: {{ include "common.fullname" . }}-rproxy-log-config - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config configMap: - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - name: {{ include "common.fullname" . }}-rproxy-auth-config secret: - secretName: {{ include "common.fullname" . }}-rproxy-auth-config + secretName: {{ include "common.fullname" . }}-rproxy-auth-config - name: {{ include "common.fullname" . }}-rproxy-security-config secret: - secretName: {{ include "common.fullname" . }}-rproxy-security-config + secretName: {{ include "common.fullname" . }}-rproxy-security-config - name: {{ include "common.fullname" . }}-fproxy-config configMap: - name: {{ include "common.fullname" . }}-fproxy-config + name: {{ include "common.fullname" . }}-fproxy-config - name: {{ include "common.fullname" . }}-fproxy-log-config configMap: - name: {{ include "common.fullname" . }}-fproxy-log-config + name: {{ include "common.fullname" . }}-fproxy-log-config - name: {{ include "common.fullname" . }}-fproxy-auth-config secret: - secretName: {{ include "common.fullname" . }}-fproxy-auth-config - {{ end }} + secretName: {{ include "common.fullname" . }}-fproxy-auth-config + {{- end }} restartPolicy: {{ .Values.restartPolicy }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/components/aai-resources/templates/service.yaml b/kubernetes/aai/components/aai-resources/templates/service.yaml index 68d767b380..66dfd493dd 100644 --- a/kubernetes/aai/components/aai-resources/templates/service.yaml +++ b/kubernetes/aai/components/aai-resources/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 4b77e31084..2685d9a3f5 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -1,5 +1,5 @@ # Copyright (c) 2018 Amdocs, Bell Canada, AT&T -# Copyright (c) 2020 Nokia +# Copyright (c) 2020 Nokia, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,10 +18,105 @@ # Declare variables to be passed into your templates. global: # global defaults nodePortPrefix: 302 - readinessImage: onap/oom/readiness:3.0.1 + cassandra: + #Service Name of the cassandra cluster to connect to. + #Override it to aai-cassandra if localCluster is enabled. + serviceName: cassandra + + rproxy: + name: reverse-proxy + + initContainers: + enabled: true + + # Specifies a list of jobs to be run + jobs: + # When enabled, it will create the schema based on oxm and edge rules + createSchema: + enabled: true + #migration using helm hooks + migration: + enabled: false + + config: + # Specifies that the cluster connected to a dynamic + # cluster being spinned up by kubernetes deployment + cluster: + cassandra: + dynamic: true + + # Specifies if the basic authorization is enabled + basic: + auth: + enabled: true + username: AAI + passwd: AAI + + # Active spring profiles for the resources microservice + profiles: + active: production,dmaap,aaf-auth + + # Notification event specific properties + notification: + eventType: AAI-EVENT + domain: dev + + # Schema specific properties that include supported versions of api + schema: + # Specifies if the connection should be one way ssl, two way ssl or no auth + service: + client: one-way-ssl + # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service + translator: + list: schema-service + source: + # Specifies which folder to take a look at + name: onap + uri: + # Base URI Path of the application + base: + path: /aai + version: + # Current version of the REST API + api: + default: v21 + # Specifies which version the depth parameter is configurable + depth: v11 + # List of all the supported versions of the API + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21 + # Specifies from which version related link should appear + related: + link: v11 + # Specifies from which version the app root change happened + app: + root: v11 + # Specifies from which version the xml namespace changed + namespace: + change: v12 + # Specifies from which version the edge label appeared in API + edge: + label: v12 + + # Keystore configuration password and filename + keystore: + filename: aai_keystore + passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 + + # Truststore configuration password and filename + truststore: + filename: aai_keystore + passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 + + # Specifies a list of files to be included in auth volume + auth: + files: + - aai_keystore + + # Specifies which clients should always default to realtime graph connection + realtime: + clients: SDNC,MSO,SO,robot-ete # application image -repository: nexus3.onap.org:10001 image: onap/aai-resources:1.7.2 pullPolicy: Always restartPolicy: Always |