aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/components/aai-resources
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/aai/components/aai-resources')
-rw-r--r--kubernetes/aai/components/aai-resources/Chart.yaml4
-rw-r--r--kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties4
-rw-r--r--kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties14
-rw-r--r--kubernetes/aai/components/aai-resources/resources/config/application.properties15
-rw-r--r--kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml108
-rw-r--r--kubernetes/aai/components/aai-resources/resources/config/logback.xml349
-rw-r--r--kubernetes/aai/components/aai-resources/resources/config/realm.properties35
-rw-r--r--kubernetes/aai/components/aai-resources/templates/_helpers.tpl21
-rw-r--r--kubernetes/aai/components/aai-resources/templates/configmap.yaml3
-rw-r--r--kubernetes/aai/components/aai-resources/templates/deployment.yaml48
-rw-r--r--kubernetes/aai/components/aai-resources/templates/servicemonitor.yaml2
-rw-r--r--kubernetes/aai/components/aai-resources/values.yaml69
12 files changed, 87 insertions, 585 deletions
diff --git a/kubernetes/aai/components/aai-resources/Chart.yaml b/kubernetes/aai/components/aai-resources/Chart.yaml
index c83a28671c..44b54bc3d3 100644
--- a/kubernetes/aai/components/aai-resources/Chart.yaml
+++ b/kubernetes/aai/components/aai-resources/Chart.yaml
@@ -18,7 +18,7 @@
apiVersion: v2
description: ONAP AAI resources
name: aai-resources
-version: 15.0.1
+version: 15.0.2
dependencies:
- name: common
@@ -32,4 +32,4 @@ dependencies:
repository: '@local'
- name: readinessCheck
version: ~13.x-0
- repository: '@local' \ No newline at end of file
+ repository: '@local'
diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties b/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties
index 6392a8e0b0..4985a97dba 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties
+++ b/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties
@@ -45,8 +45,8 @@ aai.global.callback.url=http://aai.{{ include "common.namespace" . }}/aai/
{{ if .Values.global.config.basic.auth.enabled }}
aai.tools.enableBasicAuth=true
-aai.tools.username={{ .Values.global.config.basic.auth.username }}
-aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
+aai.tools.username={{ (index .Values.global.config.basic.auth.users 0).username }}
+aai.tools.password={{ (index .Values.global.config.basic.auth.users 0).password }}
{{ end }}
aai.notification.current.version={{ .Values.global.config.schema.version.api.default }}
diff --git a/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties b/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties
deleted file mode 100644
index 738634d230..0000000000
--- a/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties
+++ /dev/null
@@ -1,14 +0,0 @@
-
-spring.autoconfigure.exclude=\
- org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,\
- org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
-
-multi.tenancy.enabled={{ .Values.config.keycloak.multiTenancy.enabled }}
-keycloak.auth-server-url=http://{{ .Values.config.keycloak.host }}:{{ .Values.config.keycloak.port }}/auth
-keycloak.realm={{ .Values.config.keycloak.realm }}
-keycloak.resource={{ .Values.config.keycloak.resource }}
-keycloak.public-client=true
-keycloak.principal-attribute=preferred_username
-
-keycloak.ssl-required=external
-keycloak.bearer-only=true
diff --git a/kubernetes/aai/components/aai-resources/resources/config/application.properties b/kubernetes/aai/components/aai-resources/resources/config/application.properties
index eae146b845..6c34705e8a 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/application.properties
+++ b/kubernetes/aai/components/aai-resources/resources/config/application.properties
@@ -28,6 +28,7 @@ spring.jersey.type=filter
spring.main.allow-bean-definition-overriding=true
server.servlet.context-path=/
+spring.sleuth.enabled={{ .Values.tracing.enabled }}
spring.zipkin.baseUrl={{ .Values.tracing.collector.baseUrl }}
spring.sleuth.messaging.jms.enabled = false
spring.sleuth.trace-id128=true
@@ -50,16 +51,9 @@ server.tomcat.max-idle-time=60000
# If you get an application startup failure that the port is already taken
# If thats not it, please check if the key-store file path makes sense
server.local.startpath=aai-resources/src/main/resources/
-server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties
server.port=8447
-security.require-ssl=false
-server.ssl.enabled=false
-# JMS bind address host port
-jms.bind.address=tcp://localhost:61647
-
-# dmaap is deprecated now kafka is used
spring.kafka.producer.bootstrap-servers=${BOOTSTRAP_SERVERS}
spring.kafka.producer.properties.security.protocol=SASL_PLAINTEXT
spring.kafka.producer.properties.sasl.mechanism=SCRAM-SHA-512
@@ -125,3 +119,10 @@ scrape.uri.metrics=false
# This does the same as the /echo endpoint,
# but doesn't show up in micrometer metrics
aai.actuator.echo.enabled={{ .Values.actuator.echo.enabled }}
+aai.graph.properties.path=${server.local.startpath}/etc/appprops/janusgraph-realtime.properties
+
+aai.basic-auth.enabled={{ .Values.global.config.basic.auth.enabled }}
+{{- range $index, $user := .Values.global.config.basic.auth.users }}
+aai.basic-auth.users[{{ $index }}].username={{ $user.username }}
+aai.basic-auth.users[{{ $index }}].password={{ $user.password }}
+{{- end }}
diff --git a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
deleted file mode 100644
index 54c3d81e05..0000000000
--- a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
+++ /dev/null
@@ -1,108 +0,0 @@
-{{/*
-<!--
-
- ============LICENSE_START=======================================================
- org.onap.aai
- ================================================================================
- Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- Modifications Copyright © 2018 Amdocs, Bell Canada
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
-
- ECOMP is a trademark and service mark of AT&T Intellectual Property.
-
--->
-*/}}
-<configuration>
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
-
- <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />
- <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
- <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
- <property name="livenessAccessLogEnabled"
- value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />
-
-
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender name="ACCESS"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
- %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}
- %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}
- %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}
- %i{X-AAI-SSL-Client-DN} %D</Pattern>
- </encoder>
- </appender>
- <appender-ref ref="ACCESS" />
- </then>
- </if>
-
- <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
- <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
- %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}
- %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}
- %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -
- "logType": "access"</Pattern>
- </encoder>
- <if condition='property("livenessAccessLogEnabled").contains("false")'>
- <then>
- <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
- <evaluator class="ch.qos.logback.access.net.URLEvaluator">
- <URL>/aai/util/echo</URL>
- </evaluator>
- <OnMismatch>NEUTRAL</OnMismatch>
- <OnMatch>DENY</OnMatch>
- </filter>
- </then>
- </if>
- </appender>
-
- <appender-ref ref="STDOUTACCESS" />
-
-</configuration>
-{{/*
-<!--
-%a - Remote IP address
-%A - Local IP address
-%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
-%B - Bytes sent, excluding HTTP headers
-%h - Remote host name
-%H - Request protocol
-%l - Remote logical username from identd (always returns '-')
-%m - Request method
-%p - Local port
-%q - Query string (prepended with a '?' if it exists, otherwise an empty string
-%r - First line of the request
-%s - HTTP status code of the response
-%S - User session ID
-%t - Date and time, in Common Log Format format
-%u - Remote user that was authenticated
-%U - Requested URL path
-%v - Local server name
-%I - current request thread name (can compare later with stacktraces)
-
-%z - Custom pattern that parses the cert for the subject
-%y - Custom pattern determines rest or dme2
--->
-*/}}
diff --git a/kubernetes/aai/components/aai-resources/resources/config/logback.xml b/kubernetes/aai/components/aai-resources/resources/config/logback.xml
index a90f354cbe..32334d0c5c 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/logback.xml
+++ b/kubernetes/aai/components/aai-resources/resources/config/logback.xml
@@ -29,24 +29,12 @@
<property resource="application.properties" />
- <property name="maxHistory" value='{{.Values.logback.maxHistory}}' />
- <property name="totalSizeCap" value='{{.Values.logback.totalSizeCap}}' />
- <property name="queueSize" value='{{.Values.logback.queueSize}}'/>
-
- <property name="logToFileEnabled" value='{{.Values.logback.logToFileEnabled}}'/>
-
<property name="namespace" value="aai-resources"/>
<property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
<jmxConfigurator />
<property name="logDirectory" value="${AJSC_HOME}/logs" />
- <!-- Old patterns
- <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
- -->
+
<property name="p_tim" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}"/>
<property name="p_lvl" value="%level"/>
<property name="p_log" value="%logger"/>
@@ -66,284 +54,22 @@
<conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
<conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/sane.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}.zip</fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
- </encoder>
- </appender>
-
- <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="SANE"/>
- </appender>
- <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/metrics.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}.zip</fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${metricPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="METRIC"/>
- </appender>
-
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/debug.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}.zip</fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${debugPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="DEBUG"/>
- <includeCallerData>true</includeCallerData>
- </appender>
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/error.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}.zip</fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <encoder>
- <pattern>${errorPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="ERROR"/>
- </appender>
-
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/audit.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${auditPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="AUDIT"/>
- </appender>
-
- <appender name="translog"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/translog.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${transLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="translog"/>
- </appender>
-
- <appender name="kafkaAAIEventConsumer"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/kafkaAAIEventConsumer/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/kafkaAAIEventConsumer/error.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${errorPattern}</pattern>
- </encoder>
-
- </appender>
-
- <appender name="kafkaAAIEventConsumerDebug"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/kafkaAAIEventConsumer/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/kafkaAAIEventConsumer/debug.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${debugPattern}</pattern>
- </encoder>
- </appender>
- <appender name="kafkaAAIEventConsumerInfo"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/kafkaAAIEventConsumer/kafka-transaction.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/kafkaAAIEventConsumer/kafka-transaction.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${auditPattern}</pattern>
- </encoder>
- </appender>
- <appender name="kafkaAAIEventConsumerMetric"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/kafkaAAIEventConsumer/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/kafkaAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${metricPattern}</pattern>
- </encoder>
- </appender>
- <appender name="external"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <file>${logDirectory}/external/external.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${debugPattern}</pattern>
- </encoder>
- </appender>
- <appender name="auth"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>DEBUG</level>
- </filter>
- <file>${logDirectory}/auth/auth.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern>
- </encoder>
- </appender>
- <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="auth"/>
- </appender>
- </then>
- </if>
+ <property name="CONSOLE_LOG_PATTERN"
+ value="%clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} [%X{traceId},%X{spanId}] [%thread] %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}" />
+ <!-- Appender to log to console -->
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder class="net.logstash.logback.encoder.LoggingEventCompositeJsonEncoder">
- <providers>
- <timestamp><fieldName>timestamp</fieldName></timestamp>
- <message/>
- <mdc>
- <fieldName>context</fieldName>
- <excludeMdcKeyName>ServerIPAddress</excludeMdcKeyName>
- <excludeMdcKeyName>EntryTimestamp</excludeMdcKeyName>
- <excludeMdcKeyName>InvokeTimestamp</excludeMdcKeyName>
- <excludeMdcKeyName>ErrorCode</excludeMdcKeyName>
- <excludeMdcKeyName>ErrorDesc</excludeMdcKeyName>
- </mdc>
- <stackTrace>
- <fieldName>exception</fieldName>
- <throwableConverter class="net.logstash.logback.stacktrace.ShortenedThrowableConverter">
- <exclude>^sun\.reflect\..*\.invoke</exclude>
- <exclude>^net\.sf\.cglib\.proxy\.MethodProxy\.invoke</exclude>
- <rootCauseFirst>true</rootCauseFirst>
- </throwableConverter>
- </stackTrace>
- <threadName><fieldName>thread</fieldName></threadName>
- <loggerName>
- <fieldName>logger</fieldName>
- <shortenedLoggerNameLength>36</shortenedLoggerNameLength>
- </loggerName>
- <logLevel/>
- <pattern>
- <pattern>{"logType":"app"}</pattern>
- </pattern>
- </providers>
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <!-- Minimum logging level to be presented in the console logs-->
+ <level>DEBUG</level>
+ </filter>
+ <encoder>
+ <pattern>${CONSOLE_LOG_PATTERN}</pattern>
+ <charset>utf8</charset>
</encoder>
</appender>
<!-- logback internals logging -->
-
<logger name="ch.qos.logback.classic" level="WARN" />
<logger name="ch.qos.logback.core" level="WARN" />
@@ -360,77 +86,26 @@
<logger name="org.springframework.beans" level="WARN" />
<logger name="org.springframework.web" level="WARN" />
<logger name="org.janusgraph" level="WARN" />
+ <logger name="org.janusgraph.graphdb.transaction" level="ERROR" />
<logger name="org.zookeeper" level="OFF" />
<logger name="org.onap.aai" level={{ .Values.log.level.base | upper | quote }} additivity="false">
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender-ref ref="asyncDEBUG"/>
- <appender-ref ref="asyncSANE"/>
- </then>
- </if>
<appender-ref ref="STDOUT"/>
</logger>
<logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false">
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender-ref ref="asyncAUTH"/>
- </then>
- </if>
<appender-ref ref="STDOUT"/>
</logger>
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <!-- These loggers are not additive and will be redirected to the parent logger.
- Sending events to log is handled by parent loggers-->
- <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO">
- <appender-ref ref="asyncAUDIT"/>
- </logger>
- <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level={{ .Values.log.level.audit | upper | quote }}>
- <appender-ref ref="asyncAUDIT"/>
- </logger>
- <logger name="org.onap.aai.aailog.logs.AaiDBMetricLog" level={{ .Values.log.level.dbMetric | upper | quote }}>
- <appender-ref ref="asyncMETRIC"/>
- </logger>
- <logger name="org.onap.aai.aailog.logs.AaiDmaapMetricLog" level="INFO">
- <appender-ref ref="kafkaAAIEventConsumerMetric"/>
- </logger>
- <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN">
- <appender-ref ref="asyncERROR"/>
- </logger>
- <logger name="com.att.nsa.mr" level="INFO">
- <appender-ref ref="kafkaAAIEventConsumerInfo"/>
- </logger>
- </then>
- </if>
-
<logger name="org.onap.aai.interceptors.post" level="DEBUG" additivity="false">
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender-ref ref="asynctranslog"/>
- </then>
- </if>
<appender-ref ref="STDOUT"/>
</logger>
<logger name="org.onap.aai.kafka" level="DEBUG" additivity="false">
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender-ref ref="kafkaAAIEventConsumer"/>
- <appender-ref ref="kafkaAAIEventConsumerDebug"/>
- </then>
- </if>
<appender-ref ref="STDOUT"/>
</logger>
<root level={{ .Values.log.level.root | upper | quote }}>
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender-ref ref="external"/>
- </then>
- </if>
<appender-ref ref="STDOUT"/>
</root>
</configuration>
diff --git a/kubernetes/aai/components/aai-resources/resources/config/realm.properties b/kubernetes/aai/components/aai-resources/resources/config/realm.properties
deleted file mode 100644
index f254d03631..0000000000
--- a/kubernetes/aai/components/aai-resources/resources/config/realm.properties
+++ /dev/null
@@ -1,35 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# format : username: password[,rolename ...]
-# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
-*/ -}}
-AAI:OBF:1gfr1ev31gg7,admin
-MSO:OBF:1jzx1lz31k01,admin
-SDNC:OBF:1itr1i0l1i151isv,admin
-DCAE:OBF:1g8u1f9d1f991g8w,admin
-POLICY:OBF:1mk61i171ima1im41i0j1mko,admin
-ASDC:OBF:1f991j0u1j001f9d,admin
-ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin
-AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin
-OOF:OBF:1img1ke71ily,admin
-aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
-so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
-sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
-dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
-policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
-sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
-oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
-pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
-vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
diff --git a/kubernetes/aai/components/aai-resources/templates/_helpers.tpl b/kubernetes/aai/components/aai-resources/templates/_helpers.tpl
new file mode 100644
index 0000000000..003be58409
--- /dev/null
+++ b/kubernetes/aai/components/aai-resources/templates/_helpers.tpl
@@ -0,0 +1,21 @@
+{{- define "aai.waitForSchemaCreation" -}}
+- name: wait-for-schema-creation
+ image: "{{ include "repositoryGenerator.image.curl" . }}"
+ imagePullPolicy: IfNotPresent
+ command: ["/bin/sh", "-c"]
+ args:
+ - |
+ URL="{{ required "URL is required" (.Values.schemaInitCheckURL | default "http://aai-graphadmin:8449/isSchemaInitialized") }}"
+ AUTH="{{ printf "%s:%s" (index .Values.global.config.basic.auth.users 0).username (index .Values.global.config.basic.auth.users 0).password }}"
+ while true; do
+ RESPONSE=$(curl -u $AUTH -s $URL)
+ if [ "$RESPONSE" = "true" ]; then
+ echo "Request successful. Schema is initialized."
+ exit 0
+ else
+ echo "Request unsuccessful. Schema is not yet initialized. Retrying in 3 seconds..."
+ sleep 3
+ fi
+ done
+ {{ include "common.containerSecurityContext" . | indent 2 | trim }}
+{{- end -}}
diff --git a/kubernetes/aai/components/aai-resources/templates/configmap.yaml b/kubernetes/aai/components/aai-resources/templates/configmap.yaml
index 8e13c8c90d..73723a1270 100644
--- a/kubernetes/aai/components/aai-resources/templates/configmap.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/configmap.yaml
@@ -23,9 +23,6 @@ metadata:
labels: {{- include "common.labels" . | nindent 4 }}
data:
{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/application-keycloak.properties").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
index cb434ed2cd..35378fd83c 100644
--- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
@@ -20,7 +20,7 @@
apiVersion: apps/v1
kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata: {{- include "common.resourceMetadata" (dict "annotations" .Values.annotations "dot" .) | nindent 2 }}
spec:
{{- if or .Values.config.debug.enabled .Values.config.profiling.enabled }}
replicas: 1
@@ -41,36 +41,6 @@ spec:
app: {{ include "common.name" . }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- {{- if .Values.global.msbEnabled }}
- {{ $values := .Values }}
- msb.onap.org/service-info: '[
- {{- range $api_endpoint := $values.aai_enpoints -}}
- {{- range $api_version := $values.api_list }}
- {
- "serviceName": "_{{ $api_endpoint.name }}",
- "version": "v{{ $api_version }}",
- "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
- "protocol": "REST",
- "port": "8447",
- "enable_ssl": true,
- "lb_policy":"ip_hash",
- "visualRange": "1",
- "path": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}"
- },
- {
- "serviceName": "{{ $api_endpoint.name }}",
- "version": "v{{ $api_version }}",
- "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
- "protocol": "REST",
- "port": "8447",
- "enable_ssl": true,
- "lb_policy":"ip_hash",
- "visualRange": "1"
- },
- {{- end }}
- {{- end }}
- ]'
- {{- end }}
spec:
hostname: aai-resources
terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
@@ -79,9 +49,7 @@ spec:
{{- if .Values.global.jobs.migration.enabled }}
{{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_migration) | nindent 8 }}
{{- else if .Values.global.jobs.createSchema.enabled }}
- {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_createSchema) | nindent 8 }}
- {{- else }}
- {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_cassandra) | nindent 8 }}
+ {{ include "aai.waitForSchemaCreation" . | nindent 6 }}
{{- end }}
containers:
- name: {{ include "common.name" . }}
@@ -128,18 +96,9 @@ spec:
- mountPath: /opt/app/aai-resources/resources/logback.xml
name: {{ include "common.fullname" . }}-config
subPath: logback.xml
- - mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml
- name: {{ include "common.fullname" . }}-config
- subPath: localhost-access-logback.xml
- - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties
- name: {{ include "common.fullname" . }}-config
- subPath: realm.properties
- mountPath: /opt/app/aai-resources/resources/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
- - mountPath: /opt/app/aai-resources/resources/application-keycloak.properties
- name: {{ include "common.fullname" . }}-config
- subPath: application-keycloak.properties
- mountPath: /tmp
name: tmp
ports:
@@ -178,6 +137,7 @@ spec:
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
{{- end }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{- end }}
readinessProbe:
httpGet:
@@ -187,12 +147,14 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
{{- end }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
startupProbe:
httpGet:
port: {{ .Values.service.metricsPort }}
path: {{ .Values.startup.path }}
failureThreshold: {{ .Values.startup.failureThreshold }}
periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
resources: {{ include "common.resources" . | nindent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
diff --git a/kubernetes/aai/components/aai-resources/templates/servicemonitor.yaml b/kubernetes/aai/components/aai-resources/templates/servicemonitor.yaml
index c0d9f212b4..dc706029bf 100644
--- a/kubernetes/aai/components/aai-resources/templates/servicemonitor.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/servicemonitor.yaml
@@ -1,3 +1,3 @@
{{- if .Values.metrics.serviceMonitor.enabled }}
{{ include "common.serviceMonitor" . }}
-{{- end }} \ No newline at end of file
+{{- end }}
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index 7cba7a425e..625267b318 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -47,8 +47,33 @@ global: # global defaults
basic:
auth:
enabled: true
- username: AAI
- passwd: AAI
+ users:
+ - username: aai@aai.onap.org
+ password: demo123456!
+ - username: so@so.onap.org
+ password: demo123456!
+ - username: sdnc@sdnc.onap.org
+ password: demo123456!
+ - username: dcae@dcae.onap.org
+ password: demo123456!
+ - username: policy@policy.onap.org
+ password: demo123456!
+ - username: sdc@sdc.onap.org
+ password: demo123456!
+ - username: AAI
+ password: AAI
+ - username: DCAE
+ password: DCAE
+ - username: MSO
+ password: MSO
+ - username: POLICY
+ password: POLICY
+ - username: ASDC
+ password: ASDC
+ - username: ModelLoader
+ password: ModelLoader
+ - username: AaiUI
+ password: AaiUI
# Active spring profiles for the resources microservice
profiles:
@@ -77,11 +102,11 @@ global: # global defaults
version:
# Current version of the REST API
api:
- default: v29
+ default: v30
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
- list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27,v28,v29
+ list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27,v28,v29,v30
# Specifies from which version related link should appear
related:
link: v11
@@ -134,7 +159,7 @@ aai_enpoints:
url: external-system
# application image
-image: onap/aai-resources:1.15.2
+image: onap/aai-resources:1.15.5
pullPolicy: Always
restartPolicy: Always
flavor: small
@@ -142,7 +167,7 @@ flavor: small
replicaCount: 1
# number of ReplicaSets that should be retained for the Deployment
-revisionHistoryLimit: 2
+revisionHistoryLimit: 1
# the minimum number of seconds that a newly created Pod should be ready
minReadySeconds: 30
@@ -155,19 +180,6 @@ updateStrategy:
# Configuration for the resources deployment
config:
- # configure keycloak according to your environment.
- # don't forget to add keycloak in active profiles above (global.config.profiles)
- keycloak:
- host: keycloak.your.domain
- port: 8180
- # Specifies a set of users, credentials, roles, and groups
- realm: aai-resources
- # Used by any client application for enabling fine-grained authorization for their protected resources
- resource: aai-resources-app
- # If set to true, additional criteria will be added that match the data-owner property with the given role
- # to the user in keycloak
- multiTenancy:
- enabled: true
janusgraph:
caching:
# enable when running read-heavy workloads
@@ -207,7 +219,6 @@ config:
# environment variables added to the launch of the image in deployment
env:
- MIN_HEAP_SIZE: "512m"
MAX_METASPACE_SIZE: "512m"
# adds jvm args for remote debugging the application
@@ -238,17 +249,20 @@ affinity: {}
# probe configuration parameters
liveness:
enabled: true
- path: /actuator/health/liveness
+ path: /actuator/health
periodSeconds: 10
+ timeoutSeconds: 3
readiness:
path: /actuator/health/readiness
periodSeconds: 10
+ timeoutSeconds: 3
startup:
path: /actuator/health/liveness
failureThreshold: 60
periodSeconds: 5
+ timeoutSeconds: 3
actuator:
echo:
@@ -304,6 +318,7 @@ resources:
unlimited: {}
tracing:
+ enabled: false
collector:
baseUrl: http://jaeger-collector.istio-system:9411
sampling:
@@ -392,18 +407,6 @@ log:
dbMetric: WARN
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# To make logback capping values configurable
-logback:
- logToFileEnabled: false
- maxHistory: 7
- totalSizeCap: 1GB
- queueSize: 1000
-
-accessLogback:
- livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes
- logToFileEnabled: false
- maxHistory: 7
- totalSizeCap: 1GB
#################################################################
# Secrets metaconfig
#################################################################