diff options
Diffstat (limited to 'kubernetes/aai/components')
76 files changed, 786 insertions, 3495 deletions
diff --git a/kubernetes/aai/components/aai-data-router/.helmignore b/kubernetes/aai/components/aai-data-router/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/components/aai-data-router/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aai/components/aai-data-router/Chart.yaml b/kubernetes/aai/components/aai-data-router/Chart.yaml deleted file mode 100644 index 70f75f6dd5..0000000000 --- a/kubernetes/aai/components/aai-data-router/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP AAI Data-Router -name: aai-data-router -version: 7.0.0 diff --git a/kubernetes/aai/components/aai-data-router/requirements.yaml b/kubernetes/aai/components/aai-data-router/requirements.yaml deleted file mode 100644 index 42641a2e5c..0000000000 --- a/kubernetes/aai/components/aai-data-router/requirements.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# Modifications Copyright © 2020 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~7.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: repositoryGenerator - version: ~7.x-0 - repository: '@local'
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-data-router/resources/config/auth/client-cert-onap.p12 b/kubernetes/aai/components/aai-data-router/resources/config/auth/client-cert-onap.p12 Binary files differdeleted file mode 100644 index dbf4fcacec..0000000000 --- a/kubernetes/aai/components/aai-data-router/resources/config/auth/client-cert-onap.p12 +++ /dev/null diff --git a/kubernetes/aai/components/aai-data-router/resources/config/auth/data-router_policy.json b/kubernetes/aai/components/aai-data-router/resources/config/auth/data-router_policy.json deleted file mode 100644 index c03870e288..0000000000 --- a/kubernetes/aai/components/aai-data-router/resources/config/auth/data-router_policy.json +++ /dev/null @@ -1,18 +0,0 @@ -{
- "roles": [
- {
- "name": "admin",
- "functions": [
- {
- "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ]
- }
- ],
-
- "users": [
- {
- "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"
- }
- ]
- }
- ]
-}
diff --git a/kubernetes/aai/components/aai-data-router/resources/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-data-router/resources/config/auth/tomcat_keystore Binary files differdeleted file mode 100644 index 7a7738602d..0000000000 --- a/kubernetes/aai/components/aai-data-router/resources/config/auth/tomcat_keystore +++ /dev/null diff --git a/kubernetes/aai/components/aai-data-router/resources/config/data-router.properties b/kubernetes/aai/components/aai-data-router/resources/config/data-router.properties deleted file mode 100644 index e69de29bb2..0000000000 --- a/kubernetes/aai/components/aai-data-router/resources/config/data-router.properties +++ /dev/null diff --git a/kubernetes/aai/components/aai-data-router/resources/config/log/logback.xml b/kubernetes/aai/components/aai-data-router/resources/config/log/logback.xml deleted file mode 100644 index d7ff0143a1..0000000000 --- a/kubernetes/aai/components/aai-data-router/resources/config/log/logback.xml +++ /dev/null @@ -1,193 +0,0 @@ -<!-- - ============LICENSE_START======================================================= - org.onap.aai - ================================================================================ - Copyright © 2018 AT&T Intellectual Property. All rights reserved. - Copyright © 2018 Amdocs - ================================================================================ - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ============LICENSE_END========================================================= ---> -<configuration scan="true" scanPeriod="3 seconds" debug="false"> - <!--<jmxConfigurator /> --> - <!-- directory path for all other type logs --> - - <property name="logDir" value="/var/log/onap" /> - - <!-- specify the component name --> - <property name="componentName" value="AAI-DR" /> - - <!-- default eelf log file names --> - <property name="generalLogName" value="error" /> - <property name="metricsLogName" value="metrics" /> - <property name="auditLogName" value="audit" /> - <property name="debugLogName" value="debug" /> - - <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|data-router|%mdc{PartnerName}|%logger||%.-5level|%msg%n" /> - <property name="auditMetricPattern" value="%m%n" /> - - <property name="logDirectory" value="${logDir}/${componentName}" /> - - <!-- Example evaluator filter applied against console appender --> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern>${errorLogPattern}</pattern> - </encoder> - </appender> - - <!-- ============================================================================ --> - <!-- EELF Appenders --> - <!-- ============================================================================ --> - - <!-- The EELFAppender is used to record events to the general application - log --> - - <appender name="EELF" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${generalLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <pattern>${errorLogPattern}</pattern> - </encoder> - </appender> - <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> - <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <queueSize>256</queueSize> - <appender-ref ref="EELF" /> - </appender> - - <!-- EELF Audit Appender. This appender is used to record audit engine - related logging events. The audit logger and appender are specializations - of the EELF application root logger and appender. This can be used to segregate - Policy engine events from other components, or it can be eliminated to record - these events as part of the application root log. --> - - <appender name="EELFAudit" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${auditLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <pattern>${auditMetricPattern}</pattern> - </encoder> - </appender> - <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFAudit" /> - </appender> - - <appender name="EELFMetrics" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${metricsLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - - %msg%n"</pattern> --> - <pattern>${auditMetricPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFMetrics"/> - </appender> - - <appender name="EELFDebug" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${debugLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <pattern>${errorLogPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFDebug" /> - <includeCallerData>false</includeCallerData> - </appender> - - <!-- ============================================================================ --> - <!-- EELF loggers --> - <!-- ============================================================================ --> - <logger name="com.att.eelf" level="info" additivity="false"> - <appender-ref ref="asyncEELF" /> - <appender-ref ref="asyncEELFDebug" /> - </logger> - - <logger name="com.att.eelf.audit" level="info" additivity="false"> - <appender-ref ref="asyncEELFAudit" /> - </logger> - <logger name="com.att.eelf.metrics" level="info" additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> - </logger> - - <!-- Spring related loggers --> - <logger name="org.springframework" level="WARN" /> - <logger name="org.springframework.beans" level="WARN" /> - <logger name="org.springframework.web" level="WARN" /> - <logger name="com.blog.spring.jms" level="WARN" /> - - <!-- Data Router service loggers --> - <logger name="org.onap.aai.data-router" level="INFO" /> - - <!-- Other Loggers that may help troubleshoot --> - <logger name="net.sf" level="WARN" /> - <logger name="org.apache" level="WARN" /> - <logger name="org.apache.commons.httpclient" level="WARN" /> - <logger name="org.apache.commons" level="WARN" /> - <logger name="org.apache.coyote" level="WARN" /> - <logger name="org.apache.jasper" level="WARN" /> - - <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. - May aid in troubleshooting) --> - <logger name="org.apache.camel" level="WARN" /> - <logger name="org.apache.cxf" level="WARN" /> - <logger name="org.apache.camel.processor.interceptor" level="WARN" /> - <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" /> - <logger name="org.apache.cxf.service" level="WARN" /> - <logger name="org.restlet" level="WARN" /> - <logger name="org.apache.camel.component.restlet" level="WARN" /> - - <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="WARN" /> - <logger name="ch.qos.logback.core" level="WARN" /> - - <root> - <appender-ref ref="asyncEELF" /> - <!-- <appender-ref ref="asyncEELFDebug" /> --> - </root> - -</configuration> diff --git a/kubernetes/aai/components/aai-data-router/resources/config/schemaIngest.properties b/kubernetes/aai/components/aai-data-router/resources/config/schemaIngest.properties deleted file mode 100644 index 33f79fb810..0000000000 --- a/kubernetes/aai/components/aai-data-router/resources/config/schemaIngest.properties +++ /dev/null @@ -1,67 +0,0 @@ -{{/* -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. -# Copyright © 2017-2018 Amdocs -# Modifications Copyright © 2018 Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - - -# Properties for the SchemaLocationsBean -# Files named aai_oxm_v*.xml are unpacked here: -*/}} -nodeDir=/opt/app/data-router/onap/oxm -# Dummy folder/directory: -edgeDir= - -# Properties required by the aai-common - aai-schema-ingest lib as of 1.3.0 -schema.configuration.location=N/A -schema.nodes.location=/opt/app/data-router/onap/oxm/ -schema.edges.location= -# These versions need to exist if they are included in the list -schema.version.list={{ .Values.config.schemaVersionList }} -# Decalares the oxm version to load -schema.version.api.default={{ .Values.config.schemaApiDefault }} - -# Don't use these properties in our application, need to be set to prevent an exception on startup (see SchemaVersions bean) -schema.version.depth.start={{.Values.global.config.schema.version.depth}} -schema.version.related.link.start={{.Values.global.config.schema.version.related.link}} -schema.version.app.root.start={{.Values.global.config.schema.version.app.root}} -schema.version.namespace.change.start={{.Values.global.config.schema.version.namespace.change}} -schema.version.edge.label.start={{.Values.global.config.schema.version.edge.label}} - -#This property is used to enable or disable schema service, possible values are: schema-service or config -schema.translator.list={{.Values.config.schemaTranslatorList}} - -#These properties are needed when schema service is enabled -schema.service.base.url=https://aai-schema-service:8452/aai/schema-service/v1/ -schema.service.nodes.endpoint=nodes?version= -schema.service.edges.endpoint=edgerules?version= -schema.service.versions.endpoint=versions -schema.local=true -schema.filename=mockrequests -#Default rest client is the two-way-ssl -#schema.service.client=two-way-ssl -#Replace the below with the A&AI client key store -schema.service.ssl.key-store=${CONFIG_HOME}/auth/{{.Values.global.config.keystore.filename}} -#Replace the below with the A&AI tomcat trust store -schema.service.ssl.trust-store=${CONFIG_HOME}/auth/{{.Values.global.config.truststore.filename}} -schema.service.ssl.key-store-password={{.Values.global.config.keystore.passwd}} -schema.service.ssl.trust-store-password={{.Values.global.config.truststore.passwd}} - -spring.application.name=datarouter diff --git a/kubernetes/aai/components/aai-data-router/resources/dynamic/conf/data-router-oxm.xml b/kubernetes/aai/components/aai-data-router/resources/dynamic/conf/data-router-oxm.xml deleted file mode 100644 index 2e3361d164..0000000000 --- a/kubernetes/aai/components/aai-data-router/resources/dynamic/conf/data-router-oxm.xml +++ /dev/null @@ -1,17 +0,0 @@ -<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context" - xmlns:task="http://www.springframework.org/schema/task" - xsi:schemaLocation="http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context https://www.springframework.org/schema/context/spring-context.xsd - http://www.springframework.org/schema/task https://www.springframework.org/schema/task/spring-task.xsd"> - - <context:property-placeholder - location="file:${CONFIG_HOME}/schemaIngest.properties" - ignore-unresolvable="true" /> - - <bean id="nodeIngestor" class="org.onap.aai.nodes.NodeIngestor" autowire="byName"/> - <bean id="oxmModelLoader" class="org.onap.aai.schema.OxmModelLoader" > - <constructor-arg ref="nodeIngestor"/> - </bean> - -</beans> diff --git a/kubernetes/aai/components/aai-data-router/resources/dynamic/conf/entity-event-policy.xml b/kubernetes/aai/components/aai-data-router/resources/dynamic/conf/entity-event-policy.xml deleted file mode 100644 index 039738a50d..0000000000 --- a/kubernetes/aai/components/aai-data-router/resources/dynamic/conf/entity-event-policy.xml +++ /dev/null @@ -1,57 +0,0 @@ -{{/* -<!-- -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> -*/}} -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation=" - http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - - <bean id="eepConfig" class="org.onap.aai.datarouter.policy.EntityEventPolicyConfig" > - <property name="sourceDomain" value="dev" /> - <property name="searchBaseUrl" value="https://{{.Values.global.searchData.serviceName}}.{{.Release.Namespace}}:9509" /> - <property name="searchEndpoint" value="services/search-data-service/v1/search/indexes/" /> - <property name="searchEndpointDocuments" value = "documents" /> - <property name="searchEntitySearchIndex" value="entity-search-index" /> - <property name="searchTopographySearchIndex" value="topography-search-index" /> - <property name="searchEntityAutoSuggestIndex" value="entityautosuggestindex" /> - <property name="searchAggregationVnfIndex" value="aggregate_generic-vnf_index" /> - <property name="searchCertName" value="client-cert-onap.p12" /> - <property name="searchKeystorePwd" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" /> - <property name="searchKeystore" value="tomcat_keystore" /> - <property name="schemaVersions" ref="schemaVersions" /> - <property name="schemaLocationsBean" ref="schemaLocationsBean" /> - </bean> - - <bean id="consumerBeanEntityEvent" class="org.onap.aai.event.client.DMaaPEventConsumer" > - <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:{{.Values.event.port.dmaap}}" /> - <constructor-arg name="topic" value="{{.Values.event.consumer.topic}}" /> - <constructor-arg name="username" value="" /> - <constructor-arg name="password" value="" /> - <constructor-arg name="consumerGroup" value="datarouter" /> - <constructor-arg name="consumerId" value="datarouter" /> - <constructor-arg name="timeoutMs" value="1000" /> - <constructor-arg name="messageLimit" value="100" /> - <constructor-arg name="transportType" value="HTTPAUTH" /> - <constructor-arg name="protocol" value="{{.Values.event.protocol}}" /> - <constructor-arg name="filter"><null /></constructor-arg> - </bean> - - <bean id="entityEventPolicy" class="org.onap.aai.datarouter.policy.EntityEventPolicy" init-method="startup" > - <constructor-arg ref="eepConfig"/> - </bean> -</beans> diff --git a/kubernetes/aai/components/aai-data-router/resources/dynamic/routes/entity-event.route b/kubernetes/aai/components/aai-data-router/resources/dynamic/routes/entity-event.route deleted file mode 100644 index 14db6d6596..0000000000 --- a/kubernetes/aai/components/aai-data-router/resources/dynamic/routes/entity-event.route +++ /dev/null @@ -1,4 +0,0 @@ -<route xmlns="http://camel.apache.org/schema/spring" trace="true">
- <from uri="event-bus:mybus/?eventTopic=AAI-EVENT&consumer=#consumerBeanEntityEvent" />
- <to uri="bean:entityEventPolicy?method=process"/>
-</route>
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-data-router/templates/configmap.yaml b/kubernetes/aai/components/aai-data-router/templates/configmap.yaml deleted file mode 100644 index e6b31fcf97..0000000000 --- a/kubernetes/aai/components/aai-data-router/templates/configmap.yaml +++ /dev/null @@ -1,70 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prop - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-dynamic - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/dynamic/routes/entity-event.route").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/dynamic/conf/data-router-oxm.xml").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/dynamic/conf/entity-event-policy.xml").AsConfig . | indent 2 }} - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-filebeat-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/components/aai-data-router/templates/deployment.yaml b/kubernetes/aai/components/aai-data-router/templates/deployment.yaml deleted file mode 100644 index 55cf572b36..0000000000 --- a/kubernetes/aai/components/aai-data-router/templates/deployment.yaml +++ /dev/null @@ -1,191 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2020 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - name: {{ include "common.name" . }} - spec: - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - initContainers: - - command: - - /bin/sh - - -c - - | - mkdir -p /logroot/data-router/logs - chmod -R 777 /logroot/data-router/logs - chown -R root:root /logroot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - securityContext: - privileged: true - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: init-sysctl - volumeMounts: - - name: {{ include "common.fullname" . }}-logs - mountPath: /logroot/ - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: SERVICE_BEANS - value: /opt/app/data-router/dynamic/conf - - name: CONFIG_HOME - value: /opt/app/data-router/config/ - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: DYNAMIC_ROUTES - value: /opt/app/data-router/dynamic/routes - - name: KEY_MANAGER_PASSWORD - value: {{ .Values.config.keyManagerPassword }} - - name: PATH - value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - - name: JAVA_HOME - value: usr/lib/jvm/java-8-openjdk-amd64 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/data-router/config/auth - name: {{ include "common.fullname" . }}-auth - - mountPath: /opt/app/data-router/config/data-router.properties - subPath: data-router.properties - name: {{ include "common.fullname" . }}-properties - - mountPath: /opt/app/data-router/config/schemaIngest.properties - subPath: schemaIngest.properties - name: {{ include "common.fullname" . }}-properties - - mountPath: /opt/app/data-router/dynamic/routes/entity-event.route - subPath: entity-event.route - name: {{ include "common.fullname" . }}-dynamic-route - - mountPath: /opt/app/data-router/dynamic/conf/entity-event-policy.xml - subPath: entity-event-policy.xml - name: {{ include "common.fullname" . }}-dynamic-policy - - mountPath: /opt/app/data-router/dynamic/conf/data-router-oxm.xml - subPath: data-router-oxm.xml - name: {{ include "common.fullname" . }}-dynamic-oxm - - mountPath: /opt/app/data-router/bundleconfig/etc/logback.xml - name: {{ include "common.fullname" . }}-logback-config - subPath: logback.xml - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /logs - name: {{ include "common.fullname" . }}-logs - - ports: - - containerPort: {{ .Values.service.internalPort }} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} - - # side car containers - - name: filebeat-onap - image: {{ include "repositoryGenerator.image.logging" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /logs - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: aai-filebeat - resources: -{{ include "common.resources" . }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: aai-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-auth - secret: - secretName: {{ include "common.fullname" . }} - - name: {{ include "common.fullname" . }}-properties - configMap: - name: {{ include "common.fullname" . }}-prop - items: - - key: data-router.properties - path: data-router.properties - - key: schemaIngest.properties - path: schemaIngest.properties - - name: {{ include "common.fullname" . }}-dynamic-route - configMap: - name: {{ include "common.fullname" . }}-dynamic - - name: {{ include "common.fullname" . }}-dynamic-policy - configMap: - name: {{ include "common.fullname" . }}-dynamic - - name: {{ include "common.fullname" . }}-dynamic-oxm - configMap: - name: {{ include "common.fullname" . }}-dynamic - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-logback-config - configMap: - name: {{ include "common.fullname" . }}-log-configmap - items: - - key: logback.xml - path: logback.xml - restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/components/aai-data-router/values.yaml b/kubernetes/aai/components/aai-data-router/values.yaml deleted file mode 100644 index 68e2d32ebf..0000000000 --- a/kubernetes/aai/components/aai-data-router/values.yaml +++ /dev/null @@ -1,138 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# Modifications Copyright © 2020 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for data-router. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - config: - schema: - version: - # Specifies which version the depth parameter is configurable - depth: v11 - # Specifies from which version related link should appear - related: - link: v11 - # Specifies from which version the app root change happened - app: - root: v11 - # Specifies from which version the xml namespace changed - namespace: - change: v12 - # Specifies from which version the edge label appeared in API - edge: - label: v12 - # Keystore configuration password and filename - keystore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Truststore configuration password and filename - truststore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - searchData: - serviceName: aai-search-data - -# application image -image: onap/data-router:1.7.0 -pullPolicy: Always -restartPolicy: Always -flavor: small -flavorOverride: small - -# application configuration -config: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - schemaTranslatorList: config - schemaVersionList: "v11,v12,v13,v14,v15,v16,v17,v18,v19" - schemaApiDefault: "v19" - - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 300 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 120 - periodSeconds: 10 - -service: - name: aai-data-router - internalPort: 9502 - -ingress: - enabled: false - -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - ## storageClass: "-" - accessMode: ReadWriteMany - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: aai/data-router/logs - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.25 - memory: 750Mi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 0.5 - memory: 1536Mi - unlimited: {} - -# Entity Event route configuration -event: - port: - dmaap: 3905 - protocol: https - consumer: - topic: AAI-EVENT diff --git a/kubernetes/aai/components/aai-elasticsearch/.helmignore b/kubernetes/aai/components/aai-elasticsearch/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aai/components/aai-elasticsearch/Chart.yaml b/kubernetes/aai/components/aai-elasticsearch/Chart.yaml deleted file mode 100644 index 93c6b255a7..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP AAI elasticsearch -name: aai-elasticsearch -version: 7.0.0 diff --git a/kubernetes/aai/components/aai-elasticsearch/requirements.yaml b/kubernetes/aai/components/aai-elasticsearch/requirements.yaml deleted file mode 100644 index 42641a2e5c..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/requirements.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# Modifications Copyright © 2020 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~7.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: repositoryGenerator - version: ~7.x-0 - repository: '@local'
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-elasticsearch/resources/config/elasticsearch.yml b/kubernetes/aai/components/aai-elasticsearch/resources/config/elasticsearch.yml deleted file mode 100644 index 1cbe3c4a69..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/resources/config/elasticsearch.yml +++ /dev/null @@ -1,390 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -##################### Elasticsearch Configuration Example ##################### - -# This file contains an overview of various configuration settings, -# targeted at operations staff. Application developers should -# consult the guide at <http://elasticsearch.org/guide>. -# -# The installation procedure is covered at -# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/setup.html>. -# -# Elasticsearch comes with reasonable defaults for most settings, -# so you can try it out without bothering with configuration. -# -# Most of the time, these defaults are just fine for running a production -# cluster. If you're fine-tuning your cluster, or wondering about the -# effect of certain configuration option, please _do ask_ on the -# mailing list or IRC channel [http://elasticsearch.org/community]. - -# Any element in the configuration can be replaced with environment variables -# by placing them in ${...} notation. For example: -# -# node.rack: ${RACK_ENV_VAR} - -# For information on supported formats and syntax for the config file, see -# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html> -################################### Cluster ################################### - -# Cluster name identifies your cluster for auto-discovery. If you're running -# multiple clusters on the same network, make sure you're using unique names. -# -# cluster.name: elasticsearch -*/}} -cluster.name: ES_AAI - -#################################### Node ##################################### - -node.name: ES_ONAP -node.master: true -node.data: true - -{{/* -# Use the Cluster Health API [http://localhost:9200/_cluster/health], the -# Node Info API [http://localhost:9200/_nodes] or GUI tools -# such as <http://www.elasticsearch.org/overview/marvel/>, -# <http://github.com/karmi/elasticsearch-paramedic>, -# <http://github.com/lukas-vlcek/bigdesk> and -# <http://mobz.github.com/elasticsearch-head> to inspect the cluster state. - -# By default, multiple nodes are allowed to start from the same installation location -# to disable it, set the following: -*/}} -node.max_local_storage_nodes: 1 - -{{/* -#################################### Index #################################### -# You can set a number of options (such as shard/replica options, mapping -# or analyzer definitions, translog settings, ...) for indices globally, -# in this file. -# -# Note, that it makes more sense to configure index settings specifically for -# a certain index, either when creating it or by using the index templates API. -# -# See <http://elasticsearch.org/guide/en/elasticsearch/reference/current/index-modules.html> and -# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/indices-create-index.html> -# for more information. - -# Set the number of shards (splits) of an index (5 by default): - -#index.number_of_shards: 5 - -# Set the number of replicas (additional copies) of an index (1 by default): - -#index.number_of_replicas: 1 - -# These settings directly affect the performance of index and search operations -# in your cluster. Assuming you have enough machines to hold shards and -# replicas, the rule of thumb is: -# -# 1. Having more *shards* enhances the _indexing_ performance and allows to -# _distribute_ a big index across machines. -# 2. Having more *replicas* enhances the _search_ performance and improves the -# cluster _availability_. -# -# The "number_of_shards" is a one-time setting for an index. -# -# The "number_of_replicas" can be increased or decreased anytime, -# by using the Index Update Settings API. -# -# Elasticsearch takes care about load balancing, relocating, gathering the -# results from nodes, etc. Experiment with different settings to fine-tune -# your setup. - -# Use the Index Status API (<http://localhost:9200/A/_status>) to inspect -# the index status. - - -#################################### Paths #################################### - -# Path to directory containing configuration (this file and logging.yml): -#path.conf: /opt/app/elasticsearch/config - -# Path to directory where to store index data allocated for this node. -# Use swm auto link to redirect the data directory if necessary. -*/}} -path.data: /usr/share/elasticsearch/data - -# path.data: /path/to/data1,/path/to/data2 - -# path.work: /path/to/work - -path.logs: /usr/share/elasticsearch/logs - -#path.plugins: /opt/app/elasticsearch/plugins - -{{/* -#################################### Plugin ################################### - -# If a plugin listed here is not installed for current node, the node will not start. -# -# plugin.mandatory: mapper-attachments,lang-groovy - - -################################### Memory #################################### - -# Elasticsearch performs poorly when JVM starts swapping: you should ensure that -# it _never_ swaps. -# -# Set this property to true to lock the memory: default is true - -#bootstrap.memory_lock: true - -# Make sure that the ES_MIN_MEM and ES_MAX_MEM environment variables are set -# to the same value, and that the machine has enough memory to allocate -# for Elasticsearch, leaving enough memory for the operating system itself. -# -# You should also make sure that the Elasticsearch process is allowed to lock -# the memory, eg. by using `ulimit -l unlimited`. - -### Kernel Settings - -# Elasticsearch installs system call filters of various flavors depending on the -# operating system (e.g., seccomp on Linux). These system call filters are -# installed to prevent the ability to execute system calls related to forking -# as a defense mechanism against arbitrary code execution attacks on -# Elasticsearch The system call filter check ensures that if system call -# filters are enabled, then they were successfully installed. To pass the system -# call filter check you must either fix any configuration errors on your system -# that prevented system call filters from installing (check your logs), or at -# your own risk disable system call filters by setting -# bootstrap.system_call_filter to false. -# See: https://www.elastic.co/guide/en/elasticsearch/reference/current/system-call-filter-check.html -# -# seccomp is found in Linux kernels: 2.6.37�2.6.39, 3.0�3.19, 4.0�4.9, -# 4.10-rc+HEAD -# -# The default setting is to disable the filters assuming an older kernel -# version where seccomp is not available. -# See: https://discuss.elastic.co/t/elasticsearch-warn-unable-to-install-syscall-filter/42819 -*/}} -bootstrap.system_call_filter: false - -{{/* -############################## Network And HTTP ############################### -# Elasticsearch, by default, binds itself to the 0.0.0.0 address, and listens -# on port [9200-9300] for HTTP traffic and on port [9300-9400] for node-to-node -# communication. (the range means that if the port is busy, it will automatically -# try the next port). - -# Set the bind address specifically (IPv4 or IPv6): -*/}} -network.bind_host: 0.0.0.0 - -{{/* -# Set the address other nodes will use to communicate with this node. If not -# set, it is automatically derived. It must point to an actual IP address. - -# network.publish_host: 0.0.0.0 - -# Set both 'bind_host' and 'publish_host': -# network.host: 192.168.0.1 - - -# Set a custom port for the node to node communication (9300 by default): -*/}} -transport.tcp.port: {{ .Values.service.internalPort2 }} - -# Enable compression for all communication between nodes (disabled by default): -transport.tcp.compress: false - -# Set a custom port to listen for HTTP traffic: -# http.port: 9200 -http.port: {{ .Values.service.internalPort }} - -# Set a custom allowed content length: -# http.max_content_length: 100mb -http.max_content_length: 100mb - -# Disable HTTP completely: -# http.enabled: false -http.enabled: true - -# This is specifically useful for permitting which front end Kibana Url's are permitted to access elastic search. -http.cors.enabled: false -http.cors.allow-origin: "/.*/" -http.cors.allow-headers: X-Requested-With, Content-Type, Content-Length -http.cors.allow-credentials: false -{{/* -################################### Gateway ################################### - -# The gateway allows for persisting the cluster state between full cluster -# restarts. Every change to the state (such as adding an index) will be stored -# in the gateway, and when the cluster starts up for the first time, -# it will read its state from the gateway. -# There are several types of gateway implementations. For more information, see -# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/modules-gateway.html>. - -# The default gateway type is the "local" gateway (recommended): -# -#gateway.type: local -#gateway.type: local - -# Settings below control how and when to start the initial recovery process on -# a full cluster restart (to reuse as much local data as possible when using shared -# gateway). - -# Allow recovery process after N nodes in a cluster are up: -# -# gateway.recover_after_nodes: 1 -*/}} -gateway.recover_after_nodes: 1 - -# Set the timeout to initiate the recovery process, once the N nodes -# from previous setting are up (accepts time value): -# -#gateway.recover_after_time: 5m -gateway.recover_after_time: 5m - -# Set how many nodes are expected in this cluster. Once these N nodes -# are up (and recover_after_nodes is met), begin recovery process immediately -# (without waiting for recover_after_time to expire): -# -# gateway.expected_nodes: 2 -gateway.expected_nodes: 2 - -{{/* -############################# Recovery Throttling ############################# - -# These settings allow to control the process of shards allocation between -# nodes during initial recovery, replica allocation, rebalancing, -# or when adding and removing nodes. - -# Set the number of concurrent recoveries happening on a node: -# -# 1. During the initial recovery -# -# cluster.routing.allocation.node_initial_primaries_recoveries: 4 -# -# 2. During adding/removing nodes, rebalancing, etc -# -# cluster.routing.allocation.node_concurrent_recoveries: 2 - -# Set to throttle throughput when recovering (eg. 100mb, by default 20mb): -# indices.recovery.max_bytes_per_sec: 20mb -*/}} -indices.recovery.max_bytes_per_sec: 20mb - -{{/* -# Set to limit the number of open concurrent streams when -# recovering a shard from a peer: -# -# indices.recovery.concurrent_streams: 5 -#indices.recovery.concurrent_streams: 5 - -################################## Discovery ################################## - -# Discovery infrastructure ensures nodes can be found within a cluster -# and master node is elected. Multicast discovery is the default. - -# Set to ensure a node sees N other master eligible nodes to be considered -# operational within the cluster. Its recommended to set it to a higher value -# than 1 when running more than 2 nodes in the cluster. -# -*/}} -discovery.zen.minimum_master_nodes: 1 - -{{/* -# Set the time to wait for ping responses from other nodes when discovering. -# Set this option to a higher value on a slow or congested network -# to minimize discovery failures: -# -# discovery.zen.ping_timeout: 3s -*/}} -discovery.zen.ping_timeout: 3s - -{{/* -# For more information, see -# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/modules-discovery-zen.html> - -# Unicast discovery allows to explicitly control which nodes will be used -# to discover the cluster. It can be used when multicast is not present, -# or to restrict the cluster communication-wise. -# -# 1. Disable multicast discovery (enabled by default): -# discovery.zen.ping.multicast.enabled: false -#discovery.zen.ping.multicast.enabled: false - - -# 2. Configure an initial list of master nodes in the cluster -# to perform discovery when new nodes (master or data) are started: -# -# discovery.zen.ping.unicast.hosts: ["host1", "host2:port"] - -*/}} -discovery.zen.ping.unicast.hosts: ["0.0.0.0"] - -{{/* -# EC2 discovery allows to use AWS EC2 API in order to perform discovery. -# -# You have to install the cloud-aws plugin for enabling the EC2 discovery. -# -# For more information, see -# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/modules-discovery-ec2.html> -# -# -# See <http://elasticsearch.org/tutorials/elasticsearch-on-ec2/> -# for a step-by-step tutorial. - -# GCE discovery allows to use Google Compute Engine API in order to perform discovery. -# -# You have to install the cloud-gce plugin for enabling the GCE discovery. -# -# For more information, see <https://github.com/elasticsearch/elasticsearch-cloud-gce>. - -# Azure discovery allows to use Azure API in order to perform discovery. -# -# You have to install the cloud-azure plugin for enabling the Azure discovery. -# -# For more information, see <https://github.com/elasticsearch/elasticsearch-cloud-azure>. - -################################## Slow Log ################################## - -# Shard level query and fetch threshold logging. - -#index.search.slowlog.threshold.query.warn: 10s -#index.search.slowlog.threshold.query.info: 5s -#index.search.slowlog.threshold.query.debug: 2s -#index.search.slowlog.threshold.query.trace: 500ms - -#index.search.slowlog.threshold.fetch.warn: 1s -#index.search.slowlog.threshold.fetch.info: 800ms -#index.search.slowlog.threshold.fetch.debug: 500ms -#index.search.slowlog.threshold.fetch.trace: 200ms - -#index.indexing.slowlog.threshold.index.warn: 10s -#index.indexing.slowlog.threshold.index.info: 5s -#index.indexing.slowlog.threshold.index.debug: 2s -#index.indexing.slowlog.threshold.index.trace: 500ms - -################################## GC Logging ################################ - -#monitor.jvm.gc.young.warn: 1000ms -#monitor.jvm.gc.young.info: 700ms -#monitor.jvm.gc.young.debug: 400ms - -#monitor.jvm.gc.old.warn: 10s -#monitor.jvm.gc.old.info: 5s -#monitor.jvm.gc.old.debug: 2s - - -# x-pack security conflicts with searchguard -*/}} -xpack.security.enabled: false -xpack.ml.enabled: false -xpack.monitoring.enabled: false -xpack.watcher.enabled: false diff --git a/kubernetes/aai/components/aai-elasticsearch/resources/config/jvm.options b/kubernetes/aai/components/aai-elasticsearch/resources/config/jvm.options deleted file mode 100644 index db4d2f0779..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/resources/config/jvm.options +++ /dev/null @@ -1,122 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## JVM configuration - -################################################################ -## IMPORTANT: JVM heap size -################################################################ -## -## You should always set the min and max JVM heap -## size to the same value. For example, to set -## the heap to 4 GB, set: -## -## -Xms4g -## -Xmx4g -## -## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html -## for more information -## -################################################################ - -# Xms represents the initial size of total heap space -# Xmx represents the maximum size of total heap space -*/}} --Xms1g --Xmx1g - -{{/* -################################################################ -## Expert settings -################################################################ -## -## All settings below this section are considered -## expert settings. Don't tamper with them unless -## you understand what you are doing -## -################################################################ - -## GC configuration -*/}} --XX:+UseConcMarkSweepGC --XX:CMSInitiatingOccupancyFraction=75 --XX:+UseCMSInitiatingOccupancyOnly - -## optimizations - -# pre-touch memory pages used by the JVM during initialization --XX:+AlwaysPreTouch - -## basic - -# force the server VM --server - -# explicitly set the stack size --Xss1m - -# set to headless, just in case --Djava.awt.headless=true - -# ensure UTF-8 encoding by default (e.g. filenames) --Dfile.encoding=UTF-8 - -# use our provided JNA always versus the system one --Djna.nosys=true - -# turn off a JDK optimization that throws away stack traces for common -# exceptions because stack traces are important for debugging --XX:-OmitStackTraceInFastThrow - -# flags to configure Netty --Dio.netty.noUnsafe=true --Dio.netty.noKeySetOptimization=true --Dio.netty.recycler.maxCapacityPerThread=0 - -# log4j 2 --Dlog4j.shutdownHookEnabled=false --Dlog4j2.disable.jmx=true - -## heap dumps - -# generate a heap dump when an allocation from the Java heap fails -# heap dumps are created in the working directory of the JVM --XX:+HeapDumpOnOutOfMemoryError - -{{/* -# specify an alternative path for heap dumps -# ensure the directory exists and has sufficient space -#-XX:HeapDumpPath=/heap/dump/path - -## GC logging - -#-XX:+PrintGCDetails -#-XX:+PrintGCTimeStamps -#-XX:+PrintGCDateStamps -#-XX:+PrintClassHistogram -#-XX:+PrintTenuringDistribution -#-XX:+PrintGCApplicationStoppedTime - -# log GC status to a file with time stamps -# ensure the directory exists -#-Xloggc:${loggc} - -# By default, the GC log file will not rotate. -# By uncommenting the lines below, the GC log file -# will be rotated every 128MB at most 32 times. -#-XX:+UseGCLogFileRotation -#-XX:NumberOfGCLogFiles=32 -#-XX:GCLogFileSize=128M -*/}}
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-elasticsearch/resources/config/log4j2.properties b/kubernetes/aai/components/aai-elasticsearch/resources/config/log4j2.properties deleted file mode 100644 index 86200c6c10..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/resources/config/log4j2.properties +++ /dev/null @@ -1,91 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -status = error - -# log action execution errors for easier debugging -logger.action.name = org.elasticsearch.action -logger.action.level = INFO - -appender.console.type = Console -appender.console.name = console -appender.console.layout.type = PatternLayout -appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n - -appender.rolling.type = RollingFile -appender.rolling.name = rolling -appender.rolling.fileName = ${sys:es.logs.base_path}.log -appender.rolling.layout.type = PatternLayout -appender.rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n -appender.rolling.filePattern = ${sys:es.logs.base_path}-%d{yyyy-MM-dd}.log -appender.rolling.policies.type = Policies -appender.rolling.policies.time.type = TimeBasedTriggeringPolicy -appender.rolling.policies.time.interval = 1 -appender.rolling.policies.time.modulate = true - -rootLogger.level = info -rootLogger.appenderRef.console.ref = console -rootLogger.appenderRef.rolling.ref = rolling - -{{/* -# appender.deprecation_rolling.type = RollingFile -# appender.deprecation_rolling.name = deprecation_rolling -# appender.deprecation_rolling.fileName = ${sys:es.logs.base_path}_deprecation.log -# appender.deprecation_rolling.layout.type = PatternLayout -# appender.deprecation_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n -# appender.deprecation_rolling.filePattern = ${sys:es.logs.base_path}_deprecation-%i.log.gz -# appender.deprecation_rolling.policies.type = Policies -# appender.deprecation_rolling.policies.size.type = SizeBasedTriggeringPolicy -# appender.deprecation_rolling.policies.size.size = 1GB -# appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy -# appender.deprecation_rolling.strategy.max = 4 - -# logger.deprecation.name = org.elasticsearch.deprecation -# logger.deprecation.level = warn -# logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_rolling -# logger.deprecation.additivity = false -*/}} -appender.index_search_slowlog_rolling.type = RollingFile -appender.index_search_slowlog_rolling.name = index_search_slowlog_rolling -appender.index_search_slowlog_rolling.fileName = ${sys:es.logs.base_path}_index_search_slowlog.log -appender.index_search_slowlog_rolling.layout.type = PatternLayout -appender.index_search_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n -appender.index_search_slowlog_rolling.filePattern = ${sys:es.logs.base_path}_index_search_slowlog-%d{yyyy-MM-dd}.log -appender.index_search_slowlog_rolling.policies.type = Policies -appender.index_search_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy -appender.index_search_slowlog_rolling.policies.time.interval = 1 -appender.index_search_slowlog_rolling.policies.time.modulate = true - -logger.index_search_slowlog_rolling.name = index.search.slowlog -logger.index_search_slowlog_rolling.level = trace -logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref = index_search_slowlog_rolling -logger.index_search_slowlog_rolling.additivity = false - -appender.index_indexing_slowlog_rolling.type = RollingFile -appender.index_indexing_slowlog_rolling.name = index_indexing_slowlog_rolling -appender.index_indexing_slowlog_rolling.fileName = ${sys:es.logs.base_path}_index_indexing_slowlog.log -appender.index_indexing_slowlog_rolling.layout.type = PatternLayout -appender.index_indexing_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n -appender.index_indexing_slowlog_rolling.filePattern = ${sys:es.logs.base_path}_index_indexing_slowlog-%d{yyyy-MM-dd}.log -appender.index_indexing_slowlog_rolling.policies.type = Policies -appender.index_indexing_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy -appender.index_indexing_slowlog_rolling.policies.time.interval = 1 -appender.index_indexing_slowlog_rolling.policies.time.modulate = true - -logger.index_indexing_slowlog.name = index.indexing.slowlog.index -logger.index_indexing_slowlog.level = trace -logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref = index_indexing_slowlog_rolling -logger.index_indexing_slowlog.additivity = false diff --git a/kubernetes/aai/components/aai-elasticsearch/templates/configmap.yaml b/kubernetes/aai/components/aai-elasticsearch/templates/configmap.yaml deleted file mode 100644 index 63775038f4..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/templates/configmap.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-es-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/components/aai-elasticsearch/templates/deployment.yaml b/kubernetes/aai/components/aai-elasticsearch/templates/deployment.yaml deleted file mode 100644 index 3a92d97ff7..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/templates/deployment.yaml +++ /dev/null @@ -1,123 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# Modifications Copyright © 2020 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - name: {{ include "common.name" . }} - spec: - hostname: {{ include "common.name" . }} - initContainers: - - command: - - /bin/sh - - -c - - | - sysctl -w vm.max_map_count=262144 - mkdir -p /logroot/elasticsearch/logs - mkdir -p /logroot/elasticsearch/data - chmod -R 777 /logroot/elasticsearch - chown -R 1000:1000 /logroot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - securityContext: - privileged: true - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} - name: init-sysctl - volumeMounts: - - name: elasticsearch-data - mountPath: /logroot/ - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - name: localtime - mountPath: /etc/localtime - readOnly: true - - name: elasticsearch-config - subPath: elasticsearch.yml - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml - - name: elasticsearch-config - subPath: jvm.options - mountPath: /usr/share/elasticsearch/config/jvm.options - - name: elasticsearch-config - subPath: log4j2.properties - mountPath: /usr/share/elasticsearch/config/log4j2.properties - - name: elasticsearch-data - mountPath: /usr/share/elasticsearch/data - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: elasticsearch-config - configMap: - name: {{ include "common.fullname" . }}-es-config - - name: elasticsearch-data - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-data - restartPolicy: {{ .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/components/aai-elasticsearch/templates/pv.yaml b/kubernetes/aai/components/aai-elasticsearch/templates/pv.yaml deleted file mode 100644 index 0838e3367b..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/templates/pv.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{/* -# Copyright ▒ 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if eq "True" (include "common.needPV" .) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} - annotations: - "helm.sh/hook": pre-upgrade,pre-install - "helm.sh/hook-weight": "0" - "helm.sh/hook-delete-policy": before-hook-creation -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-data" - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} -{{- end -}}
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-elasticsearch/templates/pvc.yaml b/kubernetes/aai/components/aai-elasticsearch/templates/pvc.yaml deleted file mode 100644 index 513a7e80f6..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/templates/pvc.yaml +++ /dev/null @@ -1,36 +0,0 @@ -{{/* -# Copyright ▒ 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} - storageClassName: {{ include "common.storageClass" . }} diff --git a/kubernetes/aai/components/aai-elasticsearch/templates/service.yaml b/kubernetes/aai/components/aai-elasticsearch/templates/service.yaml deleted file mode 100644 index 66dfd493dd..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/templates/service.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - clusterIP: None diff --git a/kubernetes/aai/components/aai-elasticsearch/values.yaml b/kubernetes/aai/components/aai-elasticsearch/values.yaml deleted file mode 100644 index c0ef11ce7b..0000000000 --- a/kubernetes/aai/components/aai-elasticsearch/values.yaml +++ /dev/null @@ -1,109 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# Modifications Copyright © 2020 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for elasticsearch. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - persistence: - mountPath: /dockerdata-nfs - -# application image -image: elasticsearch/elasticsearch:6.1.2 -pullPolicy: Always -restartPolicy: Always - -flavor: small -flavorOverride: small - -# application configuration -config: - tcpPort: 8443 - nodeKeyStore: esaai-keystore.jks - nodeKeyStorePassword: b87b46d3da7d3d4aadfe - adminKeyStore: sgadmin-keystore.p12 - adminKeyStorePassword: 341274302a70ad691e12 - trustStore: truststore.jks - trustStorePassword: b200926e9da205487f63 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: aai-elasticsearch - portName: aai-elasticsearch - internalPort: 9200 - portName2: aai-elasticsearch-tcp - internalPort2: 8443 - -ingress: - enabled: false - -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - ## storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: aai/elasticsearch/data - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.5 - memory: 2Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 1 - memory: 4Gi - unlimited: {} diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index 533826eb2c..63c668fb9e 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -118,7 +118,7 @@ global: # global defaults # application image -image: onap/aai-graphadmin:1.7.1 +image: onap/aai-graphadmin:1.8.0 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-resources/requirements.yaml b/kubernetes/aai/components/aai-resources/requirements.yaml index 42641a2e5c..498f1b837d 100644 --- a/kubernetes/aai/components/aai-resources/requirements.yaml +++ b/kubernetes/aai/components/aai-resources/requirements.yaml @@ -21,6 +21,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: certInitializer + version: ~7.x-0 + repository: '@local' - name: repositoryGenerator version: ~7.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.keyfile deleted file mode 100644 index 4c14bc37f1..0000000000 --- a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -VoVoSXQrAveX2NBnoAGs7p5q5Zn5vWkVXC81HQrzers30k7OzSy5rfCRSUVO13wuo-wzJQ4GGn4e -ZSOZrtTCenFwunUX6mirkIlip8W2TLNVH6O3VN-F7JS6t_6EFF5z1y7amr9MCWQ8p72Ig9uHMUWC -uPLjD6GUWAEw0BIGtCbXgJDs6v2EOCv0TV8Mq1uYSaiAOZgMlehwt1tWcE3iSRfZscjIp4Kjpe4e -QsZ9Bc5ATTnY3Tc5Mtmubc-1cwGDQQWFIo5k_cWfxhtpMAsNSidwp-zBjCKEWC465BKSSiUHwp4M -YW_6xrmN1FobnFqLCNoUEoXH3Mcgeze74dXmaN8_JyQ6T5pT1EtETsitnktrfFh-XsLKGf8vE1m8 -pfAtq4hPeq1jMdG0D8SRVGFxJlHa9VsmYpbUj_4I3GGsaBt_EBl9ZUtL0b3Vnx5fnqS1OZ1amL0z -94rQfQMf2UAnbI1j2j5oV6Hy2eBmSiLft2aNxs1VPmmZLQsm5dXDKF1eJ6twNmaZvzmQaSHTpN4b -YqPonSwlYK1ZARaKzx1SivpRWzRP-nqqFazfAnPlLdvCBpCK0g_SjwLvlifozVmH2j0Vd6E9F9XE -NzJSfUY6NsX6_7t10yDYtBKbFKID3jIKmSj7yn5PKNbEWBwmgvkBh4PIKTRij11udR8S8PnYsfTT -PyC52LH37LL5Me3Y443zOUXtYWwN6wfCi9H4pDQGmg7mcnpKV0Z-Iw59AuLKypTriG3-9DxYgMSa -_GCDiCIXhcWSEYieRV45qHoeVdgrPGN8iy9leO_JmikGsjcIKl0-mGrojsV0zHrqeP-fyvgpFD1x -NXLKeqErqSw_KMFOxCa0-cUQHgrVvrs5wDYeetZ4TRafKEYkojZhq6mbM5V2zScQTxU_VEHK0PIs -BJ6xHzcw9DLUjPTVtHXXbag9ly9ReoHXRLD5O9RZUvLH9pGRIkn_tMrVD1scMiS4ln9QplyGRF1_ -AAXysVgCna3-xuOIYo8zG74d29eNcuEpejPR8CiSWKiKNqp0zMYB5Jpv2dlf0XMucMne-6WV1-gg -EETogBbymFC6rcc31TjPwqnqyLY0XP7Gy1trJ47aI9zBXS3IZLmGaKW1d12ELDRsWctujcjHyt1_ -Vp3hrny5w7BNWD8SIueUzke3-OuEhOmu0o84TGvfHc6fmKCggRBn_oXee4OeCnt2HzNSlLvOV9AZ -g5e1UKuzl2dODQCZHNNdj-7f25LIVSV44m0SVNsDwboQ4s7T5HOTn3NM2KpklwBnB6w5ze2FFBzb -5XNzyXOpDgHEnszN1U90WrpoFvJ0LFJ5XeX8mH0q9lpcKZXbOqP383_dBXyEd237m2OF6WVG4VVm -4dqB98pBLiGpCR1K6ocdcZE6mAMQn-OdDaLIJLcXt77i1j2MNlODeax-MJnxMW8EjPAzNJzrdq5e -21spFMZJT9vthdl0qqiiduuTazaXGrmvnB85uvRCXVqJOesVG3HebubWrQuuuePxVTSL18R_PhId -0hmqho-MOZUHHTxGzqFDR0iOO8Y4hZfiAipHAd49IkkmYJUrEAb258in8W4__vJ5UcIdq2Rd8L9l -vtIzf7AKcFCyx7Woi95GpEJ2Kr_f6aG1_04hbFY_LHP3EHPcOxsDHjz-8FYreze_LUdsYx-fBMft -mcFmbFAblk8Jz7GYQ7c4XwULt2BbMr9rsuGuZHL3Ap6lX1eI0-6d8ZZ3DIXIWubTTqHG_mRNd5XW -b0x5nlEbnvw4t4DdjGsEONpQfllnnmkr25tPQBncPjlsA3oso6h5QM4psvkkKi8yd0N6t-yyLwra -w1B3p9YQFzK2hGA24Seo83baLRgIK6YvEsNnXdI7fmVEOetIslQue__6S6GupdqgUFx9xrtDLN-d -TbdxpezKWfkjCxEBxXyAhOttb3qqP0-jtZV7OEsZmmz0T9DG4hYnNfs-clD7rrD3Va7znzDru2sq -PtgpapahbNjM9pbx9_fU7M35aEYnGtEwG9BVGVxsWmIBMTc05ncru4qE0fLkjsDSnCMQ54e0
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.p12 Binary files differdeleted file mode 100644 index b2449c6a54..0000000000 --- a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.p12 +++ /dev/null diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.props index d5a64750f4..f4bb9ee89c 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.props @@ -1,15 +1,15 @@ ############################################################ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T +# Modifications Copyright © 2020 Orange ############################################################ cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile -cadi_keystore=/opt/app/aai-resources/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:dgVjUeXy3cuR7nJ3TFVrXFfAu19gn6rie-RsS96-0fmeZwMsXlNIgK_rHd2eRY_p +cadi_keyfile={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.keyfile +cadi_keystore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +cadi_keystore_password=${KEYSTORE_PASSWORD} -#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org -cadi_truststore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:nF3CZ7w_swzgWJX8CtEOsKWA50x-Da_HbiYlXPWrQym +cadi_truststore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks +cadi_truststore_password=${TRUSTSTORE_ALL_PASSWORD} cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties b/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties index 70e8bec01a..0d51326f3b 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties @@ -4,6 +4,7 @@ # org.onap.aai # ================================================================================ # Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2020 Orange # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -47,10 +48,10 @@ aai.tools.username={{ .Values.global.config.basic.auth.username }} aai.tools.password={{ .Values.global.config.basic.auth.passwd }} {{ end }} -aai.truststore.filename={{ .Values.global.config.truststore.filename }} -aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }} -aai.keystore.filename={{ .Values.global.config.keystore.filename }} -aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }} +aai.truststore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks +aai.truststore.passwd.x=${TRUSTSTORE_PASSWORD} +aai.keystore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +aai.keystore.passwd.x=${KEYSTORE_PASSWORD} aai.notification.current.version={{ .Values.global.config.schema.version.api.default }} aai.notificationEvent.default.status=UNPROCESSED diff --git a/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties b/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties index 0aee21778c..4f480cb5d7 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/application-keycloak.properties @@ -3,7 +3,7 @@ spring.autoconfigure.exclude=\ org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,\ org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration - +multi.tenancy.enabled=true keycloak.auth-server-url=http://{{ .Values.config.keycloak.host }}:{{ .Values.config.keycloak.port }}/auth keycloak.realm=aai-resources keycloak.resource=aai-resources-app diff --git a/kubernetes/aai/components/aai-resources/resources/config/application.properties b/kubernetes/aai/components/aai-resources/resources/config/application.properties index 61410c551e..70ebd3ac54 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/application.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/application.properties @@ -1,5 +1,6 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T +# Modifications Copyright © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -44,10 +45,10 @@ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8447 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) +server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +server.ssl.key-store-password=${KEYSTORE_PASSWORD} +server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks +server.ssl.trust-store-password=${TRUSTSTORE_PASSWORD} server.ssl.client-auth=want server.ssl.key-store-type=JKS @@ -92,7 +93,7 @@ schema.service.edges.endpoint=edgerules?version= schema.service.versions.endpoint=versions schema.service.client={{ .Values.global.config.schema.service.client }} -schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) +schema.service.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +schema.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks +schema.service.ssl.key-store-password=${KEYSTORE_PASSWORD} +schema.service.ssl.trust-store-password=${TRUSTSTORE_PASSWORD} diff --git a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml index 7f6a03168e..f5829a1dac 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml +++ b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml @@ -25,22 +25,22 @@ -->
*/}}
<configuration>
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <appender name="ACCESS"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
- </encoder>
- </appender>
- <appender-ref ref="ACCESS" />
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <appender name="ACCESS"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS" />
</configuration>
{{/*
-<!--
+<!--
%a - Remote IP address
%A - Local IP address
%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
@@ -62,5 +62,6 @@ %z - Custom pattern that parses the cert for the subject
%y - Custom pattern determines rest or dme2
- -->
-*/}}
\ No newline at end of file +-->
+*/}}
+
diff --git a/kubernetes/aai/components/aai-resources/resources/config/logback.xml b/kubernetes/aai/components/aai-resources/resources/config/logback.xml index df35aaa0ed..287b59f535 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/logback.xml +++ b/kubernetes/aai/components/aai-resources/resources/config/logback.xml @@ -11,7 +11,7 @@ you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, @@ -25,322 +25,322 @@ --> */}} <configuration scan="true" scanPeriod="60 seconds" debug="false"> - <statusListener class="ch.qos.logback.core.status.NopStatusListener" /> + <statusListener class="ch.qos.logback.core.status.NopStatusListener" /> - <property resource="application.properties" /> + <property resource="application.properties" /> - <property name="namespace" value="aai-resources"/> + <property name="namespace" value="aai-resources"/> - <property name="AJSC_HOME" value="${AJSC_HOME:-.}" /> - <jmxConfigurator /> - <property name="logDirectory" value="${AJSC_HOME}/logs" /> - <!-- Old patterns - <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> - <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> - <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> - <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> + <property name="AJSC_HOME" value="${AJSC_HOME:-.}" /> + <jmxConfigurator /> + <property name="logDirectory" value="${AJSC_HOME}/logs" /> + <!-- Old patterns + <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> + <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> + <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> + <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/> --> - <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> - <property name="p_lvl" value="%level"/> - <property name="p_log" value="%logger"/> - <property name="p_mdc" value="%replace(%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}){'\\|', '!'}"/> - <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_thr" value="%thread"/> - <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> - <!-- Patterns from onap demo --> - <property name="errorPattern" value="%X{LogTimestamp}|%X{RequestID}|%thread|%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%.-5level|%X{ErrorCode}|%X{ErrorDesc}|%msg%n" /> - <property name="debugPattern" value="%X{LogTimestamp}|%X{RequestID}|%msg\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t|^%n" /> - <property name="auditPattern" value="%X{EntryTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||${p_mak}|${p_mdc}|||%msg%n" /> - <property name="metricPattern" value="%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|${p_mak}|${p_mdc}|||%msg%n" /> - <property name="transLogPattern" value="%X{LogTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{RequestID}|%X{ServiceInstanceID}|%-10t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%replace(%replace(%X{ResponseDesc}){'\\|', '!'}){'\r|\n', '^'}|%X{InstanceUUID}|%level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{clientIpAddress}||%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{PartnerName}:%m%n"/> - <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" /> + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}){'\\|', '!'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <!-- Patterns from onap demo --> + <property name="errorPattern" value="%X{LogTimestamp}|%X{RequestID}|%thread|%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%.-5level|%X{ErrorCode}|%X{ErrorDesc}|%msg%n" /> + <property name="debugPattern" value="%X{LogTimestamp}|%X{RequestID}|%msg\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t|^%n" /> + <property name="auditPattern" value="%X{EntryTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||${p_mak}|${p_mdc}|||%msg%n" /> + <property name="metricPattern" value="%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|${p_mak}|${p_mdc}|||%msg%n" /> + <property name="transLogPattern" value="%X{LogTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{RequestID}|%X{ServiceInstanceID}|%-10t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%replace(%replace(%X{ResponseDesc}){'\\|', '!'}){'\r|\n', '^'}|%X{InstanceUUID}|%level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{clientIpAddress}||%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{PartnerName}:%m%n"/> + <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" /> <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" /> <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" /> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern> - %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - </pattern> - </encoder> - </appender> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern> + %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} + </pattern> + </encoder> + </appender> - <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/sane.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - </pattern> - </encoder> - </appender> + <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/sane.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + </pattern> + </encoder> + </appender> - <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="SANE" /> - </appender> - <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/metrics.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${metricPattern}</pattern> - </encoder> - </appender> + <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="SANE" /> + </appender> + <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/metrics.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${metricPattern}</pattern> + </encoder> + </appender> - <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="METRIC"/> - </appender> + <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="METRIC"/> + </appender> - <appender name="DEBUG" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>DEBUG</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <file>${logDirectory}/rest/debug.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> + <appender name="DEBUG" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>DEBUG</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <file>${logDirectory}/rest/debug.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> - <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <appender-ref ref="DEBUG" /> - <includeCallerData>true</includeCallerData> - </appender> - <appender name="ERROR" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/error.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <encoder> - <pattern>${errorPattern}</pattern> - </encoder> - </appender> + <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <appender-ref ref="DEBUG" /> + <includeCallerData>true</includeCallerData> + </appender> + <appender name="ERROR" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/error.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}</fileNamePattern> + </rollingPolicy> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <encoder> + <pattern>${errorPattern}</pattern> + </encoder> + </appender> - <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <appender-ref ref="ERROR"/> - </appender> + <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <appender-ref ref="ERROR"/> + </appender> - <appender name="AUDIT" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/audit.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${auditPattern}</pattern> - </encoder> - </appender> + <appender name="AUDIT" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/audit.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} + </fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${auditPattern}</pattern> + </encoder> + </appender> - <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="AUDIT" /> - </appender> + <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="AUDIT" /> + </appender> - <appender name="translog" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>DEBUG</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <file>${logDirectory}/rest/translog.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${transLogPattern}</pattern> - </encoder> - </appender> + <appender name="translog" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>DEBUG</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <file>${logDirectory}/rest/translog.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} + </fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${transLogPattern}</pattern> + </encoder> + </appender> - <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="translog" /> - </appender> + <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="translog" /> + </appender> - <appender name="dmaapAAIEventConsumer" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${errorPattern}</pattern> - </encoder> + <appender name="dmaapAAIEventConsumer" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} + </fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${errorPattern}</pattern> + </encoder> - </appender> + </appender> - <appender name="dmaapAAIEventConsumerDebug" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>DEBUG</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> - <appender name="dmaapAAIEventConsumerInfo" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>INFO</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${auditPattern}</pattern> - </encoder> - </appender> - <appender name="dmaapAAIEventConsumerMetric" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>INFO</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${metricPattern}</pattern> - </encoder> - </appender> - <appender name="external" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <file>${logDirectory}/external/external.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> - <appender name="auth" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>DEBUG</level> - </filter> - <file>${logDirectory}/auth/auth.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern> - </encoder> - </appender> - <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="auth" /> - </appender> - <!-- logback internals logging --> + <appender name="dmaapAAIEventConsumerDebug" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>DEBUG</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} + </fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> + <appender name="dmaapAAIEventConsumerInfo" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log.%d{yyyy-MM-dd} + </fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${auditPattern}</pattern> + </encoder> + </appender> + <appender name="dmaapAAIEventConsumerMetric" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} + </fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${metricPattern}</pattern> + </encoder> + </appender> + <appender name="external" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <file>${logDirectory}/external/external.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd} + </fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> + <appender name="auth" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>DEBUG</level> + </filter> + <file>${logDirectory}/auth/auth.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd} + </fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern> + </encoder> + </appender> + <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="auth" /> + </appender> + <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="WARN" /> - <logger name="ch.qos.logback.core" level="WARN" /> + <logger name="ch.qos.logback.classic" level="WARN" /> + <logger name="ch.qos.logback.core" level="WARN" /> - <logger name="com.att.aft.dme2" level="WARN" /> - <logger name="com.jayway.jsonpath" level="WARN" /> + <logger name="com.att.aft.dme2" level="WARN" /> + <logger name="com.jayway.jsonpath" level="WARN" /> - <logger name="org.apache" level="OFF" /> - <logger name="org.apache.commons" level="WARN" /> - <logger name="org.apache.zookeeper" level="OFF" /> - <logger name="org.codehaus.groovy" level="WARN" /> - <logger name="org.eclipse.jetty" level="WARN" /> - <!-- Spring related loggers --> - <logger name="org.springframework" level="WARN" /> - <logger name="org.springframework.beans" level="WARN" /> - <logger name="org.springframework.web" level="WARN" /> - <logger name="org.janusgraph" level="WARN" /> - <logger name="org.zookeeper" level="OFF" /> + <logger name="org.apache" level="OFF" /> + <logger name="org.apache.commons" level="WARN" /> + <logger name="org.apache.zookeeper" level="OFF" /> + <logger name="org.codehaus.groovy" level="WARN" /> + <logger name="org.eclipse.jetty" level="WARN" /> + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" /> + <logger name="org.springframework.beans" level="WARN" /> + <logger name="org.springframework.web" level="WARN" /> + <logger name="org.janusgraph" level="WARN" /> + <logger name="org.zookeeper" level="OFF" /> - <logger name="org.onap.aai" level="DEBUG" additivity="false"> - <appender-ref ref="asyncDEBUG" /> - <appender-ref ref="asyncSANE" /> - <appender-ref ref="STDOUT" /> - </logger> - <logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false"> - <appender-ref ref="asyncAUTH" /> - <appender-ref ref="STDOUT" /> - </logger> - <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO"> - <appender-ref ref="asyncAUDIT"/> - </logger> - <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO"> - <appender-ref ref="asyncAUDIT"/> - </logger> - <logger name="org.onap.aai.aailog.logs.AaiDBMetricLog" level="INFO"> - <appender-ref ref="asyncMETRIC"/> - </logger> - <logger name="org.onap.aai.aailog.logs.AaiDmaapMetricLog" level="INFO"> - <appender-ref ref="dmaapAAIEventConsumerMetric"/> - </logger> - <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN"> - <appender-ref ref="asyncERROR"/> - </logger> - <logger name="org.onap.aai.interceptors.post" level="DEBUG" additivity="false"> - <appender-ref ref="asynctranslog" /> - <appender-ref ref="STDOUT" /> - </logger> + <logger name="org.onap.aai" level="DEBUG" additivity="false"> + <appender-ref ref="asyncDEBUG" /> + <appender-ref ref="asyncSANE" /> + <appender-ref ref="STDOUT" /> + </logger> + <logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false"> + <appender-ref ref="asyncAUTH" /> + <appender-ref ref="STDOUT" /> + </logger> + <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO"> + <appender-ref ref="asyncAUDIT"/> + </logger> + <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO"> + <appender-ref ref="asyncAUDIT"/> + </logger> + <logger name="org.onap.aai.aailog.logs.AaiDBMetricLog" level="INFO"> + <appender-ref ref="asyncMETRIC"/> + </logger> + <logger name="org.onap.aai.aailog.logs.AaiDmaapMetricLog" level="INFO"> + <appender-ref ref="dmaapAAIEventConsumerMetric"/> + </logger> + <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN"> + <appender-ref ref="asyncERROR"/> + </logger> + <logger name="org.onap.aai.interceptors.post" level="DEBUG" additivity="false"> + <appender-ref ref="asynctranslog" /> + <appender-ref ref="STDOUT" /> + </logger> - <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false"> - <appender-ref ref="dmaapAAIEventConsumer" /> - <appender-ref ref="dmaapAAIEventConsumerDebug" /> - </logger> + <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false"> + <appender-ref ref="dmaapAAIEventConsumer" /> + <appender-ref ref="dmaapAAIEventConsumerDebug" /> + </logger> - <logger name="com.att.nsa.mr" level="INFO" > - <appender-ref ref="dmaapAAIEventConsumerInfo" /> - </logger> + <logger name="com.att.nsa.mr" level="INFO" > + <appender-ref ref="dmaapAAIEventConsumerInfo" /> + </logger> - <root level="DEBUG"> - <appender-ref ref="external" /> - <appender-ref ref="STDOUT" /> - </root> + <root level="DEBUG"> + <appender-ref ref="external" /> + <appender-ref ref="STDOUT" /> + </root> </configuration> diff --git a/kubernetes/aai/components/aai-resources/templates/configmap.yaml b/kubernetes/aai/components/aai-resources/templates/configmap.yaml index f173916104..99973565f8 100644 --- a/kubernetes/aai/components/aai-resources/templates/configmap.yaml +++ b/kubernetes/aai/components/aai-resources/templates/configmap.yaml @@ -18,7 +18,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-configmap + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index 6fbbf1c089..7dc79a774f 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -72,30 +72,28 @@ spec: {{- end }} spec: hostname: aai-resources - initContainers: - - command: - {{- if .Values.global.jobs.migration.enabled }} + initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} + - name: {{ include "common.name" . }}-readiness + command: - /app/ready.py args: + {{- if .Values.global.jobs.migration.enabled }} - --job-name - {{ include "common.release" . }}-aai-graphadmin-migration - {{- else }} - {{- if .Values.global.jobs.createSchema.enabled }} - - /app/ready.py - args: + {{- else }} + {{- if .Values.global.jobs.createSchema.enabled }} - --job-name - {{ include "common.release" . }}-aai-graphadmin-create-db-schema - {{- else }} - - /app/ready.py - args: + {{- else }} - --container-name - {{- if .Values.global.cassandra.localCluster }} + {{- if .Values.global.cassandra.localCluster }} - aai-cassandra - {{- else }} + {{- else }} - cassandra - {{- end }} + {{- end }} - --container-name - aai-schema-service + {{- end }} {{- end }} env: - name: NAMESPACE @@ -105,20 +103,29 @@ spec: fieldPath: metadata.namespace image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - {{- end }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - -c + - | + echo "*** retrieve Truststore and Keystore password" + export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) + echo "*** actual launch of AAI Resources" + /bin/bash /opt/app/aai-resources/docker-entrypoint.sh env: - name: LOCAL_USER_ID value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} - name: POST_JAVA_OPTS - value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword=changeit' - volumeMounts: + value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststoreAllPassword }}' + - name: TRUSTORE_ALL_PASSWORD + value: {{ .Values.certInitializer.truststoreAllPassword }} + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - mountPath: /etc/localtime name: localtime readOnly: true @@ -142,9 +149,6 @@ spec: - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties name: {{ include "common.fullname" . }}-config subPath: realm.properties - - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile - name: {{ include "common.fullname" . }}-aaf-certs - subPath: org.onap.aai.keyfile - mountPath: /opt/app/aai-resources/resources/aaf/bath_config.csv name: {{ include "common.fullname" . }}-aaf-certs subPath: bath_config.csv @@ -160,24 +164,12 @@ spec: - mountPath: /opt/app/aai-resources/resources/cadi.properties name: {{ include "common.fullname" . }}-aaf-properties subPath: cadi.properties - - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.p12 - name: {{ include "common.fullname" . }}-aaf-certs - subPath: org.onap.aai.p12 - - mountPath: /opt/app/aai-resources/resources/aaf/truststoreONAPall.jks - name: aai-common-aai-auth-mount - subPath: truststoreONAPall.jks - mountPath: /opt/app/aai-resources/resources/application.properties name: {{ include "common.fullname" . }}-config subPath: application.properties - mountPath: /opt/app/aai-resources/resources/application-keycloak.properties name: {{ include "common.fullname" . }}-config subPath: application-keycloak.properties - {{- $global := . }} - {{- range $job := .Values.global.config.auth.files }} - - mountPath: /opt/app/aai-resources/resources/etc/auth/{{ . }} - name: {{ include "common.fullname" $global }}-auth-truststore-sec - subPath: {{ . }} - {{- end }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -215,10 +207,7 @@ spec: - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat resources: {{ include "common.resources" . | nindent 12 }} - volumes: - - name: aai-common-aai-auth-mount - secret: - secretName: aai-common-aai-auth + volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: path: /etc/localtime @@ -231,21 +220,13 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-configmap + name: {{ include "common.fullname" . }} - name: {{ include "common.fullname" . }}-aaf-properties configMap: name: {{ include "common.fullname" . }}-aaf-props - name: {{ include "common.fullname" . }}-aaf-certs secret: secretName: {{ include "common.fullname" . }}-aaf-keys - - name: {{ include "common.fullname" . }}-auth-truststore-sec - secret: - secretName: aai-common-truststore - items: - {{- range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{- end }} restartPolicy: {{ .Values.restartPolicy }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/components/aai-resources/templates/secret.yaml b/kubernetes/aai/components/aai-resources/templates/secret.yaml index d24149086e..a0d8629459 100644 --- a/kubernetes/aai/components/aai-resources/templates/secret.yaml +++ b/kubernetes/aai/components/aai-resources/templates/secret.yaml @@ -26,6 +26,6 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
\ No newline at end of file +{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }} +--- +{{ include "common.secretFast" . }} diff --git a/kubernetes/aai/components/aai-resources/templates/service.yaml b/kubernetes/aai/components/aai-resources/templates/service.yaml index 460e0d5b93..e4f84a963d 100644 --- a/kubernetes/aai/components/aai-resources/templates/service.yaml +++ b/kubernetes/aai/components/aai-resources/templates/service.yaml @@ -43,4 +43,3 @@ spec: selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} - clusterIP: None diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 5210a249d2..37af7a7142 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -24,9 +24,6 @@ global: # global defaults #Override it to aai-cassandra if localCluster is enabled. serviceName: cassandra - initContainers: - enabled: true - # Specifies a list of jobs to be run jobs: # When enabled, it will create the schema based on oxm and edge rules @@ -95,21 +92,6 @@ global: # global defaults edge: label: v12 - # Keystore configuration password and filename - keystore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Truststore configuration password and filename - truststore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Specifies a list of files to be included in auth volume - auth: - files: - - aai_keystore - # Specifies which clients should always default to realtime graph connection realtime: clients: SDNC,MSO,SO,robot-ete @@ -138,9 +120,41 @@ aai_enpoints: url: network - name: aai-externalSystem url: external-system +################################################################# +# Certificate configuration +################################################################# +certInitializer: + nameOverride: aai-resources-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: aai-resources + fqi: aai-resources@aai-resources.onap.org + public_fqdn: aai-resources.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + fqi_namespace: org.onap.aai-resources + aaf_add_config: | + echo "*** retrieving password for keystore and trustore" + export $(/opt/app/aaf_config/bin/agent.sh local showpass \ + {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0) + if [ -z "$cadi_keystore_password_p12" ] + then + echo " /!\ certificates retrieval wasn't good" + exit 1 + else + echo "*** writing passwords into prop file" + echo "KEYSTORE_PASSWORD=${cadi_keystore_password_p12}" > {{ .Values.credsPath }}/mycreds.prop + echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> {{ .Values.credsPath }}/mycreds.prop + echo "*** change ownership of certificates to targeted user" + chown -R 1000 {{ .Values.credsPath }} + fi + truststoreAllPassword: changeit # application image -image: onap/aai-resources:1.7.2 +image: onap/aai-resources:1.8.2 pullPolicy: Always restartPolicy: Always flavor: small @@ -190,12 +204,6 @@ readiness: initialDelaySeconds: 60 periodSeconds: 10 -# application configuration -sidecar: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - service: type: ClusterIP portName: aai-resources-8447 diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 04d5342955..50bd6c38b8 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -40,11 +40,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v21 + default: v23 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23 # Specifies from which version related link should appear related: link: v11 @@ -74,7 +74,7 @@ global: # global defaults - aai_keystore # application image -image: onap/aai-schema-service:1.7.13 +image: onap/aai-schema-service:1.8.6 pullPolicy: Always restartPolicy: Always flavorOverride: small diff --git a/kubernetes/aai/components/aai-search-data/.helmignore b/kubernetes/aai/components/aai-search-data/.helmignore deleted file mode 100644 index daebc7da77..0000000000 --- a/kubernetes/aai/components/aai-search-data/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aai/components/aai-search-data/Chart.yaml b/kubernetes/aai/components/aai-search-data/Chart.yaml deleted file mode 100644 index b05b354512..0000000000 --- a/kubernetes/aai/components/aai-search-data/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP AAI search-data -name: aai-search-data -version: 7.0.0 diff --git a/kubernetes/aai/components/aai-search-data/requirements.yaml b/kubernetes/aai/components/aai-search-data/requirements.yaml deleted file mode 100644 index 42641a2e5c..0000000000 --- a/kubernetes/aai/components/aai-search-data/requirements.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T -# Modifications Copyright © 2018 Bell Canada -# Modifications Copyright © 2020 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~7.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: repositoryGenerator - version: ~7.x-0 - repository: '@local'
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-search-data/resources/config/analysis-config.json b/kubernetes/aai/components/aai-search-data/resources/config/analysis-config.json deleted file mode 100644 index 5fc135df5a..0000000000 --- a/kubernetes/aai/components/aai-search-data/resources/config/analysis-config.json +++ /dev/null @@ -1,32 +0,0 @@ -[
- {
- "name": "whitespace_analyzer",
- "description": "A standard whitespace analyzer.",
- "behaviours": [
- "Tokenize the text using white space characters as delimeters.",
- "Convert all characters to lower case.",
- "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents."
- ],
- "tokenizer": "whitespace",
- "filters": [
- "lowercase",
- "asciifolding"
- ]
- },
- {
- "name": "ngram_analyzer",
- "description": "An analyzer which performs ngram filtering on the data stream.",
- "behaviours": [
- "Tokenize the text using white space characters as delimeters.",
- "Convert all characters to lower case.",
- "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents.",
- "Apply ngram filtering using the following values for minimum and maximum size in codepoints of a single n-gram: minimum = 1, maximum = 2."
- ],
- "tokenizer": "whitespace",
- "filters": [
- "lowercase",
- "asciifolding",
- "ngram_filter"
- ]
- }
-]
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-search-data/resources/config/auth/search_policy.json b/kubernetes/aai/components/aai-search-data/resources/config/auth/search_policy.json deleted file mode 100644 index bbbe52f5b5..0000000000 --- a/kubernetes/aai/components/aai-search-data/resources/config/auth/search_policy.json +++ /dev/null @@ -1,18 +0,0 @@ -{
- "roles": [
- {
- "name": "admin",
- "functions": [
- {
- "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ]
- }
- ],
-
- "users": [
- {
- "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"
- }
- ]
- }
- ]
-}
diff --git a/kubernetes/aai/components/aai-search-data/resources/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-search-data/resources/config/auth/tomcat_keystore Binary files differdeleted file mode 100644 index e280b3181a..0000000000 --- a/kubernetes/aai/components/aai-search-data/resources/config/auth/tomcat_keystore +++ /dev/null diff --git a/kubernetes/aai/components/aai-search-data/resources/config/dynamic-custom-template.json b/kubernetes/aai/components/aai-search-data/resources/config/dynamic-custom-template.json deleted file mode 100644 index 2dac8f75c7..0000000000 --- a/kubernetes/aai/components/aai-search-data/resources/config/dynamic-custom-template.json +++ /dev/null @@ -1,12 +0,0 @@ -"dynamic_templates":[ - { - "strings":{ - "match_mapping_type":"string", - "match": "*", - "mapping":{ - "type":"text", - "fielddata":true - } - } - } -], diff --git a/kubernetes/aai/components/aai-search-data/resources/config/elastic-search.properties b/kubernetes/aai/components/aai-search-data/resources/config/elastic-search.properties deleted file mode 100644 index e3ebbfac39..0000000000 --- a/kubernetes/aai/components/aai-search-data/resources/config/elastic-search.properties +++ /dev/null @@ -1,26 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# ElasticSearch Configuration -*/}} -es.cluster-name=ES_AAI -es.ip-address=aai-elasticsearch.{{.Release.Namespace}} -es.http-port={{ .Values.config.elasticsearchHttpPort }} -es.uri-scheme=http -es.auth-user=admin -es.auth-password=OBF:1u2a1toa1w8v1tok1u30 -es.trust-store=auth/tomcat_keystore -es.trust-store-password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - diff --git a/kubernetes/aai/components/aai-search-data/resources/config/es-payload-translation.json b/kubernetes/aai/components/aai-search-data/resources/config/es-payload-translation.json deleted file mode 100644 index 8a29863bf3..0000000000 --- a/kubernetes/aai/components/aai-search-data/resources/config/es-payload-translation.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "attr-translations": [ - { - "query": "$..[?(@.type=='string' && @.index=='analyzed')]", - "update": {"type": "text", "index": true, "fielddata": true} - }, - { - "query": "$..[?(@.type=='string' && @.index=='not_analyzed')]", - "update": {"type": "keyword", "index": true} - }, - { - "query": "$..[?(@.type=='string' && !@.index)]", - "update": {"type": "text", "fielddata": true} - } - ] -} - diff --git a/kubernetes/aai/components/aai-search-data/resources/config/filter-config.json b/kubernetes/aai/components/aai-search-data/resources/config/filter-config.json deleted file mode 100644 index a27f75b000..0000000000 --- a/kubernetes/aai/components/aai-search-data/resources/config/filter-config.json +++ /dev/null @@ -1,7 +0,0 @@ -[
- {
- "name": "ngram_filter",
- "description": "Custom NGram Filter.",
- "configuration": " \"type\": \"nGram\", \"min_gram\": 1, \"max_gram\": 50, \"token_chars\": [ \"letter\", \"digit\", \"punctuation\", \"symbol\" ]"
- }
-]
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-search-data/resources/config/log/logback.xml b/kubernetes/aai/components/aai-search-data/resources/config/log/logback.xml deleted file mode 100644 index 58bff2a02d..0000000000 --- a/kubernetes/aai/components/aai-search-data/resources/config/log/logback.xml +++ /dev/null @@ -1,194 +0,0 @@ -{{/* -<!-- -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> -*/}} -<configuration scan="true" scanPeriod="3 seconds" debug="false"> - <!--<jmxConfigurator /> --> - <!-- directory path for all other type logs --> - - <property name="logDir" value="/var/log/onap" /> - - - <!-- specify the component name - <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" --> - <property name="componentName" value="AAI-SDB"></property> - - <!-- default eelf log file names --> - <property name="generalLogName" value="error" /> - <property name="metricsLogName" value="metrics" /> - <property name="auditLogName" value="audit" /> - <property name="debugLogName" value="debug" /> - - <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|SearchDataService|%mdc{PartnerName}|%logger||%.-5level|%msg%n" /> - <property name="auditMetricPattern" value="%m%n" /> - - <property name="logDirectory" value="${logDir}/${componentName}" /> - - <!-- Example evaluator filter applied against console appender --> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern>${errorLogPattern}</pattern> - </encoder> - </appender> - - <!-- ============================================================================ --> - <!-- EELF Appenders --> - <!-- ============================================================================ --> - - <!-- The EELFAppender is used to record events to the general application - log --> - - <appender name="EELF" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${generalLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <pattern>${errorLogPattern}</pattern> - </encoder> - </appender> - <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> - <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <queueSize>256</queueSize> - <appender-ref ref="EELF" /> - </appender> - - - <!-- EELF Audit Appender. This appender is used to record audit engine - related logging events. The audit logger and appender are specializations - of the EELF application root logger and appender. This can be used to segregate - Policy engine events from other components, or it can be eliminated to record - these events as part of the application root log. --> - - <appender name="EELFAudit" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${auditLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <pattern>${auditMetricPattern}</pattern> - </encoder> - </appender> - <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFAudit" /> - </appender> - - <appender name="EELFMetrics" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${metricsLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - - %msg%n"</pattern> --> - <pattern>${auditMetricPattern}</pattern> - </encoder> - </appender> - - - <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFMetrics"/> - </appender> - - <appender name="EELFDebug" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${debugLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <pattern>${errorLogPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFDebug" /> - <includeCallerData>false</includeCallerData> - </appender> - - - <!-- ============================================================================ --> - <!-- EELF loggers --> - <!-- ============================================================================ --> - <logger name="com.att.eelf" level="info" additivity="false"> - <appender-ref ref="asyncEELF" /> - <appender-ref ref="asyncEELFDebug" /> - </logger> - - <logger name="com.att.eelf.audit" level="info" additivity="false"> - <appender-ref ref="asyncEELFAudit" /> - </logger> - <logger name="com.att.eelf.metrics" level="info" additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> - </logger> - - <!-- Spring related loggers --> - <logger name="org.springframework" level="WARN" /> - <logger name="org.springframework.beans" level="WARN" /> - <logger name="org.springframework.web" level="WARN" /> - <logger name="com.blog.spring.jms" level="WARN" /> - - <!-- SearchDB loggers --> - <logger name="org.openecomp.sa" level="INFO" /> - - <!-- Other Loggers that may help troubleshoot --> - <logger name="net.sf" level="WARN" /> - <logger name="org.apache.commons.httpclient" level="WARN" /> - <logger name="org.apache.commons" level="WARN" /> - <logger name="org.apache.coyote" level="WARN" /> - <logger name="org.apache.jasper" level="WARN" /> - - <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. - May aid in troubleshooting) --> - <logger name="org.apache.camel" level="WARN" /> - <logger name="org.apache.cxf" level="WARN" /> - <logger name="org.apache.camel.processor.interceptor" level="WARN" /> - <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" /> - <logger name="org.apache.cxf.service" level="WARN" /> - <logger name="org.restlet" level="WARN" /> - <logger name="org.apache.camel.component.restlet" level="WARN" /> - - <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="WARN" /> - <logger name="ch.qos.logback.core" level="WARN" /> - - <root> - <appender-ref ref="asyncEELF" /> - <!-- <appender-ref ref="asyncEELFDebug" /> --> - </root> - -</configuration> diff --git a/kubernetes/aai/components/aai-search-data/templates/configmap.yaml b/kubernetes/aai/components/aai-search-data/templates/configmap.yaml deleted file mode 100644 index 0d76239ef9..0000000000 --- a/kubernetes/aai/components/aai-search-data/templates/configmap.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# Modifications Copyright (c) 2021 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-service-log - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/components/aai-search-data/templates/deployment.yaml b/kubernetes/aai/components/aai-search-data/templates/deployment.yaml deleted file mode 100644 index eaa90870b0..0000000000 --- a/kubernetes/aai/components/aai-search-data/templates/deployment.yaml +++ /dev/null @@ -1,146 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2020,2021 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - name: {{ include "common.name" . }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONFIG_HOME - value: /opt/app/search-data-service/config/ - - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} - - name: KEY_MANAGER_PASSWORD - value: {{ .Values.config.keyManagerPassword }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/app/search-data-service/config/filter-config.json - subPath: filter-config.json - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/elastic-search.properties - subPath: elastic-search.properties - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/analysis-config.json - subPath: analysis-config.json - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/es-payload-translation.json - subPath: es-payload-translation.json - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/dynamic-custom-template.json - subPath: dynamic-custom-template.json - name: {{ include "common.fullname" . }}-service-config - - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore - subPath: tomcat_keystore - name: {{ include "common.fullname" . }}-service-auth-config - - mountPath: /opt/app/search-data-service/config/auth/search_policy.json - subPath: search_policy.json - name: {{ include "common.fullname" . }}-search-policy-config - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-service-logs - - mountPath: /opt/app/search-data-service/bundleconfig/etc/logback.xml - name: {{ include "common.fullname" . }}-service-log-conf - subPath: logback.xml - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - - # side car containers - - name: filebeat-onap - image: {{ include "repositoryGenerator.image.logging" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-service-logs - - mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-service-filebeat - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-service-config - configMap: - name: {{ include "common.fullname" . }} - - name: {{ include "common.fullname" . }}-service-auth-config - secret: - secretName: {{ include "common.fullname" . }}-keystone - - name: {{ include "common.fullname" . }}-search-policy-config - secret: - secretName: {{ include "common.fullname" . }}-policy - - name: filebeat-conf - configMap: - name: aai-filebeat - - name: {{ include "common.fullname" . }}-service-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-service-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-service-log-conf - configMap: - name: {{ include "common.fullname" . }}-service-log - restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/components/aai-search-data/templates/secret.yaml b/kubernetes/aai/components/aai-search-data/templates/secret.yaml deleted file mode 100644 index 3135df6f07..0000000000 --- a/kubernetes/aai/components/aai-search-data/templates/secret.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# Modifications Copyright (c) 2021 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-keystone - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/auth/tomcat_keystore").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-policy - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/components/aai-search-data/templates/service.yaml b/kubernetes/aai/components/aai-search-data/templates/service.yaml deleted file mode 100644 index e031410737..0000000000 --- a/kubernetes/aai/components/aai-search-data/templates/service.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# Modifications Copyright (c) 2021 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{- if eq .Values.service.type "NodePort" }} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else }} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end }} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - clusterIP: None diff --git a/kubernetes/aai/components/aai-search-data/values.yaml b/kubernetes/aai/components/aai-search-data/values.yaml deleted file mode 100644 index 4bd535a475..0000000000 --- a/kubernetes/aai/components/aai-search-data/values.yaml +++ /dev/null @@ -1,78 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# Modifications Copyright © 2020 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for search-data. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - nodePortPrefix: 302 - - -# application image -image: onap/search-data-service:1.6.2 -pullPolicy: Always -restartPolicy: Always -flavor: small -flavorOverride: small -# application configuration -config: - elasticsearchHttpPort: 9200 - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - portName: aai-search-data - internalPort: "9509" - -ingress: - enabled: false - -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 0.25 - memory: 750Mi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 0.5 - memory: 1Gi - unlimited: {} diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties index 7f0fe8aa0f..1269f25355 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties @@ -22,7 +22,7 @@ spring.mvc.favicon.enabled=false # and in the values.yaml change the internalPort to 9517 # -spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,sync,portal +spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,aai-proxy portal.cadiFileLocation={{.Values.config.cadiFileLocation}} portal.cadiFileLocation={{.Values.config.cadiFileLocation}} diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml index c441a49732..6e74526ddc 100644 --- a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml @@ -43,10 +43,6 @@ spec: - /app/ready.py args: - --container-name - - aai-elasticsearch - - --container-name - - aai-search-data - - --container-name - aai env: - name: NAMESPACE diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml index 92b8d7a025..ed21030dc8 100644 --- a/kubernetes/aai/components/aai-sparky-be/values.yaml +++ b/kubernetes/aai/components/aai-sparky-be/values.yaml @@ -28,7 +28,7 @@ global: # global defaults serviceName: aai-search-data # application image -image: onap/sparky-be:1.6.2 +image: onap/sparky-be:2.0.2 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-traversal/requirements.yaml b/kubernetes/aai/components/aai-traversal/requirements.yaml index 42641a2e5c..498f1b837d 100644 --- a/kubernetes/aai/components/aai-traversal/requirements.yaml +++ b/kubernetes/aai/components/aai-traversal/requirements.yaml @@ -21,6 +21,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: certInitializer + version: ~7.x-0 + repository: '@local' - name: repositoryGenerator version: ~7.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.keyfile deleted file mode 100644 index 4c14bc37f1..0000000000 --- a/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -VoVoSXQrAveX2NBnoAGs7p5q5Zn5vWkVXC81HQrzers30k7OzSy5rfCRSUVO13wuo-wzJQ4GGn4e -ZSOZrtTCenFwunUX6mirkIlip8W2TLNVH6O3VN-F7JS6t_6EFF5z1y7amr9MCWQ8p72Ig9uHMUWC -uPLjD6GUWAEw0BIGtCbXgJDs6v2EOCv0TV8Mq1uYSaiAOZgMlehwt1tWcE3iSRfZscjIp4Kjpe4e -QsZ9Bc5ATTnY3Tc5Mtmubc-1cwGDQQWFIo5k_cWfxhtpMAsNSidwp-zBjCKEWC465BKSSiUHwp4M -YW_6xrmN1FobnFqLCNoUEoXH3Mcgeze74dXmaN8_JyQ6T5pT1EtETsitnktrfFh-XsLKGf8vE1m8 -pfAtq4hPeq1jMdG0D8SRVGFxJlHa9VsmYpbUj_4I3GGsaBt_EBl9ZUtL0b3Vnx5fnqS1OZ1amL0z -94rQfQMf2UAnbI1j2j5oV6Hy2eBmSiLft2aNxs1VPmmZLQsm5dXDKF1eJ6twNmaZvzmQaSHTpN4b -YqPonSwlYK1ZARaKzx1SivpRWzRP-nqqFazfAnPlLdvCBpCK0g_SjwLvlifozVmH2j0Vd6E9F9XE -NzJSfUY6NsX6_7t10yDYtBKbFKID3jIKmSj7yn5PKNbEWBwmgvkBh4PIKTRij11udR8S8PnYsfTT -PyC52LH37LL5Me3Y443zOUXtYWwN6wfCi9H4pDQGmg7mcnpKV0Z-Iw59AuLKypTriG3-9DxYgMSa -_GCDiCIXhcWSEYieRV45qHoeVdgrPGN8iy9leO_JmikGsjcIKl0-mGrojsV0zHrqeP-fyvgpFD1x -NXLKeqErqSw_KMFOxCa0-cUQHgrVvrs5wDYeetZ4TRafKEYkojZhq6mbM5V2zScQTxU_VEHK0PIs -BJ6xHzcw9DLUjPTVtHXXbag9ly9ReoHXRLD5O9RZUvLH9pGRIkn_tMrVD1scMiS4ln9QplyGRF1_ -AAXysVgCna3-xuOIYo8zG74d29eNcuEpejPR8CiSWKiKNqp0zMYB5Jpv2dlf0XMucMne-6WV1-gg -EETogBbymFC6rcc31TjPwqnqyLY0XP7Gy1trJ47aI9zBXS3IZLmGaKW1d12ELDRsWctujcjHyt1_ -Vp3hrny5w7BNWD8SIueUzke3-OuEhOmu0o84TGvfHc6fmKCggRBn_oXee4OeCnt2HzNSlLvOV9AZ -g5e1UKuzl2dODQCZHNNdj-7f25LIVSV44m0SVNsDwboQ4s7T5HOTn3NM2KpklwBnB6w5ze2FFBzb -5XNzyXOpDgHEnszN1U90WrpoFvJ0LFJ5XeX8mH0q9lpcKZXbOqP383_dBXyEd237m2OF6WVG4VVm -4dqB98pBLiGpCR1K6ocdcZE6mAMQn-OdDaLIJLcXt77i1j2MNlODeax-MJnxMW8EjPAzNJzrdq5e -21spFMZJT9vthdl0qqiiduuTazaXGrmvnB85uvRCXVqJOesVG3HebubWrQuuuePxVTSL18R_PhId -0hmqho-MOZUHHTxGzqFDR0iOO8Y4hZfiAipHAd49IkkmYJUrEAb258in8W4__vJ5UcIdq2Rd8L9l -vtIzf7AKcFCyx7Woi95GpEJ2Kr_f6aG1_04hbFY_LHP3EHPcOxsDHjz-8FYreze_LUdsYx-fBMft -mcFmbFAblk8Jz7GYQ7c4XwULt2BbMr9rsuGuZHL3Ap6lX1eI0-6d8ZZ3DIXIWubTTqHG_mRNd5XW -b0x5nlEbnvw4t4DdjGsEONpQfllnnmkr25tPQBncPjlsA3oso6h5QM4psvkkKi8yd0N6t-yyLwra -w1B3p9YQFzK2hGA24Seo83baLRgIK6YvEsNnXdI7fmVEOetIslQue__6S6GupdqgUFx9xrtDLN-d -TbdxpezKWfkjCxEBxXyAhOttb3qqP0-jtZV7OEsZmmz0T9DG4hYnNfs-clD7rrD3Va7znzDru2sq -PtgpapahbNjM9pbx9_fU7M35aEYnGtEwG9BVGVxsWmIBMTc05ncru4qE0fLkjsDSnCMQ54e0
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.p12 Binary files differdeleted file mode 100644 index b2449c6a54..0000000000 --- a/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.p12 +++ /dev/null diff --git a/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.props index ef78622641..b46defa6b7 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/components/aai-traversal/resources/config/aaf/org.onap.aai.props @@ -1,15 +1,16 @@ ############################################################ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T +# Modifications Copyright (c) 2020 Orange ############################################################ cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile -cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:dgVjUeXy3cuR7nJ3TFVrXFfAu19gn6rie-RsS96-0fmeZwMsXlNIgK_rHd2eRY_p +cadi_keyfile={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.keyfile +cadi_keystore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +cadi_keystore_password=${KEYSTORE_PASSWORD} #cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org -cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:nF3CZ7w_swzgWJX8CtEOsKWA50x-Da_HbiYlXPWrQym +cadi_truststore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks +cadi_truststore_password=${TRUSTSTORE_ALL_PASSWORD} cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/components/aai-traversal/resources/config/aaiconfig.properties b/kubernetes/aai/components/aai-traversal/resources/config/aaiconfig.properties index c7771e1133..843a90bbcd 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/aaiconfig.properties +++ b/kubernetes/aai/components/aai-traversal/resources/config/aaiconfig.properties @@ -4,6 +4,7 @@ # org.onap.aai # ================================================================================ # Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2020 Orange # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -37,10 +38,10 @@ aai.tools.username={{ .Values.global.config.basic.auth.username }} aai.tools.password={{ .Values.global.config.basic.auth.passwd }} {{ end }} -aai.truststore.filename={{ .Values.global.config.truststore.filename }} -aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }} -aai.keystore.filename={{ .Values.global.config.keystore.filename }} -aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }} +aai.truststore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks +aai.truststore.passwd.x=${TRUSTSTORE_PASSWORD} +aai.keystore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +aai.keystore.passwd.x=${KEYSTORE_PASSWORD} aai.notification.current.version={{ .Values.global.config.schema.version.api.default }} aai.notificationEvent.default.status=UNPROCESSED diff --git a/kubernetes/aai/components/aai-traversal/resources/config/application.properties b/kubernetes/aai/components/aai-traversal/resources/config/application.properties index 31ed2be3fe..a5e92c5a61 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/application.properties +++ b/kubernetes/aai/components/aai-traversal/resources/config/application.properties @@ -1,5 +1,6 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T +# Modifications Copyright © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -44,10 +45,10 @@ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8446 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) +server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +server.ssl.key-store-password=${KEYSTORE_PASSWORD} +server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks +server.ssl.trust-store-password=${TRUSTSTORE_PASSWORD} server.ssl.client-auth=want server.ssl.key-store-type=JKS @@ -95,7 +96,7 @@ schema.service.versions.endpoint=versions schema.service.custom.queries.endpoint=stored-queries schema.service.client={{ .Values.global.config.schema.service.client }} -schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} -schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} -schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) +schema.service.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +schema.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks +schema.service.ssl.key-store-password=${KEYSTORE_PASSWORD} +schema.service.ssl.trust-store-password=${TRUSTSTORE_PASSWORD} diff --git a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml index 7f6a03168e..b801a7ae5f 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml +++ b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml @@ -1,17 +1,16 @@ -{{/*
-<!--
-
+{{/*<!--
============LICENSE_START=======================================================
org.onap.aai
================================================================================
Copyright © 2017 AT&T Intellectual Property. All rights reserved.
Modifications Copyright © 2018 Amdocs, Bell Canada
+ Modifications Copyright © 2020 Orange
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
+ http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
@@ -19,28 +18,21 @@ See the License for the specific language governing permissions and
limitations under the License.
============LICENSE_END=========================================================
-
- ECOMP is a trademark and service mark of AT&T Intellectual Property.
-
-->
-*/}}
-<configuration>
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <appender name="ACCESS"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
- </encoder>
- </appender>
- <appender-ref ref="ACCESS" />
-</configuration>
-{{/*
-<!--
+*/}}<configuration>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS" />
+</configuration>{{/*<!--
%a - Remote IP address
%A - Local IP address
%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
@@ -62,5 +54,4 @@ %z - Custom pattern that parses the cert for the subject
%y - Custom pattern determines rest or dme2
- -->
-*/}}
\ No newline at end of file +-->*/}}
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-traversal/resources/config/logback.xml b/kubernetes/aai/components/aai-traversal/resources/config/logback.xml index df35aaa0ed..96bb197519 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/logback.xml +++ b/kubernetes/aai/components/aai-traversal/resources/config/logback.xml @@ -1,17 +1,16 @@ -{{/* -<!-- - +{{/*<!-- ============LICENSE_START======================================================= org.onap.aai ================================================================================ Copyright © 2017 AT&T Intellectual Property. All rights reserved. Modifications Copyright © 2018 Amdocs, Bell Canada + Modifications Copyright © 2020 Orange ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, @@ -19,328 +18,311 @@ See the License for the specific language governing permissions and limitations under the License. ============LICENSE_END========================================================= - - ECOMP is a trademark and service mark of AT&T Intellectual Property. - --> -*/}} -<configuration scan="true" scanPeriod="60 seconds" debug="false"> - <statusListener class="ch.qos.logback.core.status.NopStatusListener" /> +*/}}<configuration scan="true" scanPeriod="60 seconds" debug="false"> + <statusListener class="ch.qos.logback.core.status.NopStatusListener" /> - <property resource="application.properties" /> + <property resource="application.properties" /> - <property name="namespace" value="aai-resources"/> + <property name="namespace" value="aai-resources" /> - <property name="AJSC_HOME" value="${AJSC_HOME:-.}" /> - <jmxConfigurator /> - <property name="logDirectory" value="${AJSC_HOME}/logs" /> - <!-- Old patterns + <property name="AJSC_HOME" value="${AJSC_HOME:-.}" /> + <jmxConfigurator /> + <property name="logDirectory" value="${AJSC_HOME}/logs" /> + <!-- Old patterns <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/> --> - <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> - <property name="p_lvl" value="%level"/> - <property name="p_log" value="%logger"/> - <property name="p_mdc" value="%replace(%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}){'\\|', '!'}"/> - <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_thr" value="%thread"/> - <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> - <!-- Patterns from onap demo --> - <property name="errorPattern" value="%X{LogTimestamp}|%X{RequestID}|%thread|%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%.-5level|%X{ErrorCode}|%X{ErrorDesc}|%msg%n" /> - <property name="debugPattern" value="%X{LogTimestamp}|%X{RequestID}|%msg\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t|^%n" /> - <property name="auditPattern" value="%X{EntryTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||${p_mak}|${p_mdc}|||%msg%n" /> - <property name="metricPattern" value="%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|${p_mak}|${p_mdc}|||%msg%n" /> - <property name="transLogPattern" value="%X{LogTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{RequestID}|%X{ServiceInstanceID}|%-10t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%replace(%replace(%X{ResponseDesc}){'\\|', '!'}){'\r|\n', '^'}|%X{InstanceUUID}|%level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{clientIpAddress}||%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{PartnerName}:%m%n"/> - <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" /> - <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" /> - <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" /> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern> + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}" /> + <property name="p_lvl" value="%level" /> + <property name="p_log" value="%logger" /> + <property name="p_mdc" value="%replace(%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}){'\\|', '!'}" /> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}" /> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}" /> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}" /> + <property name="p_thr" value="%thread" /> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n" /> + <!-- Patterns from onap demo --> + <property name="errorPattern" value="%X{LogTimestamp}|%X{RequestID}|%thread|%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%.-5level|%X{ErrorCode}|%X{ErrorDesc}|%msg%n" /> + <property name="debugPattern" value="%X{LogTimestamp}|%X{RequestID}|%msg\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t|^%n" /> + <property name="auditPattern" value="%X{EntryTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||${p_mak}|${p_mdc}|||%msg%n" /> + <property name="metricPattern" value="%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|${p_mak}|${p_mdc}|||%msg%n" /> + <property name="transLogPattern" value="%X{LogTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{RequestID}|%X{ServiceInstanceID}|%-10t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%replace(%replace(%X{ResponseDesc}){'\\|', '!'}){'\r|\n', '^'}|%X{InstanceUUID}|%level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{clientIpAddress}||%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{PartnerName}:%m%n" /> + <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" /> + <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" /> + <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" /> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern> %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - </pattern> - </encoder> - </appender> +</pattern> + </encoder> + </appender> - <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/sane.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - </pattern> - </encoder> - </appender> + <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/sane.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n +</pattern> + </encoder> + </appender> - <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="SANE" /> - </appender> - <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/metrics.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${metricPattern}</pattern> - </encoder> - </appender> + <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="SANE" /> + </appender> + <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/metrics.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${metricPattern}</pattern> + </encoder> + </appender> - <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="METRIC"/> - </appender> + <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="METRIC" /> + </appender> - <appender name="DEBUG" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>DEBUG</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <file>${logDirectory}/rest/debug.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> + <appender name="DEBUG" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>DEBUG</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <file>${logDirectory}/rest/debug.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> - <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <appender-ref ref="DEBUG" /> - <includeCallerData>true</includeCallerData> - </appender> - <appender name="ERROR" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/error.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <encoder> - <pattern>${errorPattern}</pattern> - </encoder> - </appender> + <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <appender-ref ref="DEBUG" /> + <includeCallerData>true</includeCallerData> + </appender> + <appender name="ERROR" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/error.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}</fileNamePattern> + </rollingPolicy> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <encoder> + <pattern>${errorPattern}</pattern> + </encoder> + </appender> - <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <appender-ref ref="ERROR"/> - </appender> + <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <appender-ref ref="ERROR" /> + </appender> - <appender name="AUDIT" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/audit.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${auditPattern}</pattern> - </encoder> - </appender> + <appender name="AUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/audit.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} +</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${auditPattern}</pattern> + </encoder> + </appender> - <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="AUDIT" /> - </appender> + <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="AUDIT" /> + </appender> - <appender name="translog" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>DEBUG</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <file>${logDirectory}/rest/translog.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${transLogPattern}</pattern> - </encoder> - </appender> + <appender name="translog" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>DEBUG</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <file>${logDirectory}/rest/translog.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} +</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${transLogPattern}</pattern> + </encoder> + </appender> - <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="translog" /> - </appender> + <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="translog" /> + </appender> - <appender name="dmaapAAIEventConsumer" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${errorPattern}</pattern> - </encoder> + <appender name="dmaapAAIEventConsumer" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} +</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${errorPattern}</pattern> + </encoder> - </appender> + </appender> - <appender name="dmaapAAIEventConsumerDebug" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>DEBUG</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> - <appender name="dmaapAAIEventConsumerInfo" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>INFO</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${auditPattern}</pattern> - </encoder> - </appender> - <appender name="dmaapAAIEventConsumerMetric" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>INFO</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${metricPattern}</pattern> - </encoder> - </appender> - <appender name="external" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <file>${logDirectory}/external/external.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> - <appender name="auth" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>DEBUG</level> - </filter> - <file>${logDirectory}/auth/auth.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern> - </encoder> - </appender> - <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="auth" /> - </appender> - <!-- logback internals logging --> + <appender name="dmaapAAIEventConsumerDebug" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>DEBUG</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} +</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> + <appender name="dmaapAAIEventConsumerInfo" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log.%d{yyyy-MM-dd} +</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${auditPattern}</pattern> + </encoder> + </appender> + <appender name="dmaapAAIEventConsumerMetric" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} +</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${metricPattern}</pattern> + </encoder> + </appender> + <appender name="external" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <file>${logDirectory}/external/external.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd} +</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> + <appender name="auth" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>DEBUG</level> + </filter> + <file>${logDirectory}/auth/auth.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd} +</fileNamePattern> + </rollingPolicy> + <encoder> + <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern> + </encoder> + </appender> + <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="auth" /> + </appender> + <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="WARN" /> - <logger name="ch.qos.logback.core" level="WARN" /> + <logger name="ch.qos.logback.classic" level="WARN" /> + <logger name="ch.qos.logback.core" level="WARN" /> - <logger name="com.att.aft.dme2" level="WARN" /> - <logger name="com.jayway.jsonpath" level="WARN" /> + <logger name="com.att.aft.dme2" level="WARN" /> + <logger name="com.jayway.jsonpath" level="WARN" /> - <logger name="org.apache" level="OFF" /> - <logger name="org.apache.commons" level="WARN" /> - <logger name="org.apache.zookeeper" level="OFF" /> - <logger name="org.codehaus.groovy" level="WARN" /> - <logger name="org.eclipse.jetty" level="WARN" /> - <!-- Spring related loggers --> - <logger name="org.springframework" level="WARN" /> - <logger name="org.springframework.beans" level="WARN" /> - <logger name="org.springframework.web" level="WARN" /> - <logger name="org.janusgraph" level="WARN" /> - <logger name="org.zookeeper" level="OFF" /> + <logger name="org.apache" level="OFF" /> + <logger name="org.apache.commons" level="WARN" /> + <logger name="org.apache.zookeeper" level="OFF" /> + <logger name="org.codehaus.groovy" level="WARN" /> + <logger name="org.eclipse.jetty" level="WARN" /> + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" /> + <logger name="org.springframework.beans" level="WARN" /> + <logger name="org.springframework.web" level="WARN" /> + <logger name="org.janusgraph" level="WARN" /> + <logger name="org.zookeeper" level="OFF" /> - <logger name="org.onap.aai" level="DEBUG" additivity="false"> - <appender-ref ref="asyncDEBUG" /> - <appender-ref ref="asyncSANE" /> - <appender-ref ref="STDOUT" /> - </logger> - <logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false"> - <appender-ref ref="asyncAUTH" /> - <appender-ref ref="STDOUT" /> - </logger> - <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO"> - <appender-ref ref="asyncAUDIT"/> - </logger> - <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO"> - <appender-ref ref="asyncAUDIT"/> - </logger> - <logger name="org.onap.aai.aailog.logs.AaiDBMetricLog" level="INFO"> - <appender-ref ref="asyncMETRIC"/> - </logger> - <logger name="org.onap.aai.aailog.logs.AaiDmaapMetricLog" level="INFO"> - <appender-ref ref="dmaapAAIEventConsumerMetric"/> - </logger> - <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN"> - <appender-ref ref="asyncERROR"/> - </logger> - <logger name="org.onap.aai.interceptors.post" level="DEBUG" additivity="false"> - <appender-ref ref="asynctranslog" /> - <appender-ref ref="STDOUT" /> - </logger> + <logger name="org.onap.aai" level="DEBUG" additivity="false"> + <appender-ref ref="asyncDEBUG" /> + <appender-ref ref="asyncSANE" /> + <appender-ref ref="STDOUT" /> + </logger> + <logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false"> + <appender-ref ref="asyncAUTH" /> + <appender-ref ref="STDOUT" /> + </logger> + <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO"> + <appender-ref ref="asyncAUDIT" /> + </logger> + <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO"> + <appender-ref ref="asyncAUDIT" /> + </logger> + <logger name="org.onap.aai.aailog.logs.AaiDBMetricLog" level="INFO"> + <appender-ref ref="asyncMETRIC" /> + </logger> + <logger name="org.onap.aai.aailog.logs.AaiDmaapMetricLog" level="INFO"> + <appender-ref ref="dmaapAAIEventConsumerMetric" /> + </logger> + <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN"> + <appender-ref ref="asyncERROR" /> + </logger> + <logger name="org.onap.aai.interceptors.post" level="DEBUG" additivity="false"> + <appender-ref ref="asynctranslog" /> + <appender-ref ref="STDOUT" /> + </logger> - <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false"> - <appender-ref ref="dmaapAAIEventConsumer" /> - <appender-ref ref="dmaapAAIEventConsumerDebug" /> - </logger> + <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false"> + <appender-ref ref="dmaapAAIEventConsumer" /> + <appender-ref ref="dmaapAAIEventConsumerDebug" /> + </logger> - <logger name="com.att.nsa.mr" level="INFO" > - <appender-ref ref="dmaapAAIEventConsumerInfo" /> - </logger> + <logger name="com.att.nsa.mr" level="INFO"> + <appender-ref ref="dmaapAAIEventConsumerInfo" /> + </logger> - <root level="DEBUG"> - <appender-ref ref="external" /> - <appender-ref ref="STDOUT" /> - </root> -</configuration> + <root level="DEBUG"> + <appender-ref ref="external" /> + <appender-ref ref="STDOUT" /> + </root> +</configuration>
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-traversal/templates/configmap.yaml b/kubernetes/aai/components/aai-traversal/templates/configmap.yaml index 5c6dc7293d..c0bcb3b491 100644 --- a/kubernetes/aai/components/aai-traversal/templates/configmap.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/configmap.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright © 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +18,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-configmap + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -48,19 +49,3 @@ data: {{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-aaf-keys - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml index 6f5ac8263b..23621491e7 100644 --- a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml @@ -91,31 +91,28 @@ spec: {{- end }} spec: hostname: aai-traversal - {{ if .Values.global.initContainers.enabled }} - initContainers: + initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} - command: - {{ if .Values.global.jobs.migration.enabled }} - /app/ready.py args: + {{- if .Values.global.jobs.migration.enabled }} - --job-name - {{ include "common.release" . }}-aai-graphadmin-migration - {{ else if .Values.global.jobs.createSchema.enabled }} - - /app/ready.py - args: + {{- else }} + {{- if .Values.global.jobs.createSchema.enabled }} - --job-name - {{ include "common.release" . }}-aai-graphadmin-create-db-schema - {{ else }} - - /app/ready.py - args: + {{- else }} - --container-name - {{- if .Values.global.cassandra.localCluster }} + {{- if .Values.global.cassandra.localCluster }} - aai-cassandra - {{- else }} + {{- else }} - cassandra - {{- end }} + {{- end }} - --container-name - aai-schema-service - {{ end }} + {{- end }} + {{- end }} env: - name: NAMESPACE valueFrom: @@ -125,19 +122,29 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - {{ end }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - -c + - | + echo "*** retrieve Truststore and Keystore password" + export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) + echo "*** actual launch of AAI Resources" + /bin/bash /opt/app/aai-traversal/docker-entrypoint.sh env: + - name: TRUSTORE_ALL_PASSWORD + value: {{ .Values.certInitializer.truststoreAllPassword }} - name: DISABLE_UPDATE_QUERY value: {{ .Values.config.disableUpdateQuery | quote }} - name: LOCAL_USER_ID value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} - volumeMounts: + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - mountPath: /etc/localtime name: localtime readOnly: true @@ -163,9 +170,6 @@ spec: - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties name: {{ include "common.fullname" . }}-config subPath: realm.properties - - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile - name: {{ include "common.fullname" . }}-aaf-certs - subPath: org.onap.aai.keyfile - mountPath: /opt/app/aai-traversal/resources/aaf/bath_config.csv name: {{ include "common.fullname" . }}-aaf-certs subPath: bath_config.csv @@ -181,21 +185,9 @@ spec: - mountPath: /opt/app/aai-traversal/resources/cadi.properties name: {{ include "common.fullname" . }}-aaf-properties subPath: cadi.properties - - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 - name: {{ include "common.fullname" . }}-aaf-certs - subPath: org.onap.aai.p12 - - mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks - name: aai-common-aai-auth-mount - subPath: truststoreONAPall.jks - mountPath: /opt/app/aai-traversal/resources/application.properties name: {{ include "common.fullname" . }}-config subPath: application.properties - {{ $global := . }} - {{ range $job := .Values.global.config.auth.files }} - - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }} - name: {{ include "common.fullname" $global }}-auth-truststore-sec - subPath: {{ . }} - {{ end }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -218,7 +210,7 @@ spec: {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} + {{- end }} {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 8 }} @@ -238,7 +230,7 @@ spec: name: {{ include "common.fullname" . }}-filebeat resources: {{ include "common.resources" . }} - volumes: + volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: path: /etc/localtime @@ -253,24 +245,16 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-configmap + name: {{ include "common.fullname" . }} - name: {{ include "common.fullname" . }}-aaf-properties configMap: name: {{ include "common.fullname" . }}-aaf-props - name: {{ include "common.fullname" . }}-aaf-certs secret: - secretName: {{ include "common.fullname" . }}-aaf-keys + secretName: {{ include "common.fullname" . }}-aaf - name: aai-common-aai-auth-mount secret: secretName: aai-common-aai-auth - - name: {{ include "common.fullname" . }}-auth-truststore-sec - secret: - secretName: aai-common-truststore - items: - {{ range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{ end }} restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/components/aai-traversal/templates/job.yaml b/kubernetes/aai/components/aai-traversal/templates/job.yaml index 16e7022c0d..2eac7fe722 100644 --- a/kubernetes/aai/components/aai-traversal/templates/job.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/job.yaml @@ -106,12 +106,6 @@ spec: - mountPath: /opt/app/aai-traversal/resources/application.properties name: {{ include "common.fullname" . }}-config subPath: application.properties - {{ $global := . }} - {{ range $job := .Values.global.config.auth.files }} - - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }} - name: {{ include "common.fullname" $global }}-auth-truststore-sec - subPath: {{ . }} - {{ end }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container volumes: @@ -129,15 +123,7 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-configmap - - name: {{ include "common.fullname" . }}-auth-truststore-sec - secret: - secretName: aai-common-truststore - items: - {{ range $job := .Values.global.config.auth.files }} - - key: {{ . }} - path: {{ . }} - {{ end }} + name: {{ include "common.fullname" . }} restartPolicy: OnFailure imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/components/aai-data-router/templates/secret.yaml b/kubernetes/aai/components/aai-traversal/templates/secret.yaml index d6013c832e..8e022fe6b0 100644 --- a/kubernetes/aai/components/aai-data-router/templates/secret.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/secret.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright © 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +18,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-aaf namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -26,4 +27,4 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: -{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-traversal/templates/service.yaml b/kubernetes/aai/components/aai-traversal/templates/service.yaml index 66dfd493dd..fad857bb41 100644 --- a/kubernetes/aai/components/aai-traversal/templates/service.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/service.yaml @@ -43,4 +43,3 @@ spec: selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} - clusterIP: None diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index 0242cedd0b..1e3a9629f6 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -26,8 +26,6 @@ global: # global defaults #Override it to aai-cassandra if localCluster is enabled. serviceName: cassandra - initContainers: - enabled: true # Specifies a list of jobs to be run jobs: # When enabled, it will create the schema based on oxm and edge rules @@ -104,28 +102,45 @@ global: # global defaults edge: label: v12 - # Keystore configuration password and filename - keystore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Truststore configuration password and filename - truststore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Specifies a list of files to be included in auth volume - auth: - files: - - aai_keystore - # Specifies which clients should always default to realtime graph connection realtime: clients: SDNC,MSO,SO,robot-ete +################################################################# +# Certificate configuration +################################################################# +certInitializer: + nameOverride: aai-traversal-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: aai-traversal + fqi: aai-traversal@aai-traversal.onap.org + public_fqdn: aai-traversal.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + fqi_namespace: org.onap.aai-traversal + aaf_add_config: | + echo "*** retrieving password for keystore and trustore" + export $(/opt/app/aaf_config/bin/agent.sh local showpass \ + {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0) + if [ -z "$cadi_keystore_password_p12" ] + then + echo " /!\ certificates retrieval wasn't good" + exit 1 + else + echo "*** writing passwords into prop file" + echo "KEYSTORE_PASSWORD=${cadi_keystore_password_p12}" > {{ .Values.credsPath }}/mycreds.prop + echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> {{ .Values.credsPath }}/mycreds.prop + echo "*** change ownership of certificates to targeted user" + chown -R 1000 {{ .Values.credsPath }} + fi + truststoreAllPassword: changeit # application image -image: onap/aai-traversal:1.7.2 +image: onap/aai-traversal:1.8.0 pullPolicy: Always restartPolicy: Always flavor: small |