summaryrefslogtreecommitdiffstats
path: root/kubernetes/cds
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/cds')
-rw-r--r--kubernetes/cds/Chart.yaml16
-rwxr-xr-xkubernetes/cds/components/cds-blueprints-processor/Chart.yaml10
-rwxr-xr-xkubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties101
-rw-r--r--kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml68
-rw-r--r--kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml49
-rwxr-xr-xkubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml13
-rwxr-xr-xkubernetes/cds/components/cds-blueprints-processor/templates/service.yaml2
-rwxr-xr-xkubernetes/cds/components/cds-blueprints-processor/values.yaml82
-rwxr-xr-xkubernetes/cds/components/cds-command-executor/Chart.yaml8
-rwxr-xr-xkubernetes/cds/components/cds-command-executor/values.yaml6
-rwxr-xr-xkubernetes/cds/components/cds-py-executor/Chart.yaml8
-rwxr-xr-xkubernetes/cds/components/cds-py-executor/values.yaml4
-rwxr-xr-xkubernetes/cds/components/cds-sdc-listener/Chart.yaml8
-rw-r--r--kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml7
-rw-r--r--kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml5
-rw-r--r--kubernetes/cds/components/cds-sdc-listener/templates/service.yaml2
-rw-r--r--kubernetes/cds/components/cds-sdc-listener/values.yaml2
-rw-r--r--kubernetes/cds/components/cds-ui/Chart.yaml10
-rw-r--r--kubernetes/cds/components/cds-ui/values.yaml4
-rw-r--r--kubernetes/cds/values.yaml3
20 files changed, 325 insertions, 83 deletions
diff --git a/kubernetes/cds/Chart.yaml b/kubernetes/cds/Chart.yaml
index 2659767929..7115e9e39f 100644
--- a/kubernetes/cds/Chart.yaml
+++ b/kubernetes/cds/Chart.yaml
@@ -17,32 +17,32 @@
apiVersion: v2
description: ONAP Controller Design Studio (CDS)
name: cds
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: cds-blueprints-processor
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-blueprints-processor'
condition: cds-blueprints-processor.enabled
- name: cds-command-executor
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-command-executor'
condition: cds-command-executor.enabled
- name: cds-py-executor
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-py-executor'
condition: cds-py-executor.enabled
- name: cds-sdc-listener
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-sdc-listener'
condition: cds-sdc-listener.enabled
- name: cds-ui
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-ui'
condition: cds-ui.enabled
diff --git a/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml b/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml
index 4374926e40..2002e5695b 100755
--- a/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml
@@ -17,18 +17,18 @@
apiVersion: v2
description: ONAP CDS Blueprints Processor
name: cds-blueprints-processor
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
diff --git a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties
index ea799e2119..2818fd99b4 100755
--- a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties
+++ b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties
@@ -1,6 +1,6 @@
{{/*
#
-# Copyright (c) 2017-2019 AT&T, IBM, Bell Canada, Nordix Foundation.
+# Copyright (c) 2017-2022 AT&T, IBM, Bell Canada, Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -18,7 +18,7 @@
### START -Controller Blueprints Properties
# Load Resource Source Mappings
*/}}
-resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability
+resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability,cps-data=source-rest
# Blueprint Processor File Execution and Handling Properties
blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy
@@ -101,27 +101,90 @@ blueprintsprocessor.restclient.sdnc.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoG
# AAI Data REST Client settings
blueprintsprocessor.restclient.aai-data.type=basic-auth
-blueprintsprocessor.restclient.aai-data.url=https://aai:8443
+{{ if ( include "common.needTLS" .) }}
+blueprintsprocessor.restclient.aai-data.url=https://{{ .Values.global.aaiData.ServiceName }}:8443
+{{- else -}}
+blueprintsprocessor.restclient.aai-data.url=http://{{ .Values.global.aaiData.ServiceName }}:{{ .Values.global.aaiData.ExternalPlainPort }}
+{{- end }}
blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org
blueprintsprocessor.restclient.aai-data.password=demo123456!
blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-transaction-id
blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id
blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json
+# CPS Data
+blueprintsprocessor.restclient.cps-data.type=basic-auth
+blueprintsprocessor.restclient.cps-data.url=http://cps-core:8080
+blueprintsprocessor.restclient.cps-data.username=${CPS_USER}
+blueprintsprocessor.restclient.cps-data.password=${CPS_PASS_PLAIN}
+blueprintsprocessor.restclient.cps-data.additionalHeaders.Accept=application/json
+blueprintsprocessor.restclient.cps-data.additionalHeaders.Content-Type=application/json
+
# Self Service Request Kafka Message Consumer
-blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable=false
-blueprintsprocessor.messageconsumer.self-service-api.type=kafka-basic-auth
-blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers=message-router-kafka:9092
-blueprintsprocessor.messageconsumer.self-service-api.groupId=cds-consumer-group
-blueprintsprocessor.messageconsumer.self-service-api.topic=cds-consumer
-blueprintsprocessor.messageconsumer.self-service-api.clientId=cds-client
-blueprintsprocessor.messageconsumer.self-service-api.pollMillSec=1000
+blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable={{ .Values.kafkaRequestConsumer.enabled }}
+blueprintsprocessor.messageconsumer.self-service-api.type={{ .Values.kafkaRequestConsumer.type }}
+{{ if eq .Values.useStrimziKafka true }}
+blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+{{- else -}}
+blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ .Values.kafkaRequestConsumer.bootstrapServers }}
+{{- end }}
+blueprintsprocessor.messageconsumer.self-service-api.groupId={{ .Values.kafkaRequestConsumer.groupId }}
+blueprintsprocessor.messageconsumer.self-service-api.topic={{ .Values.kafkaRequestConsumer.topic }}
+blueprintsprocessor.messageconsumer.self-service-api.clientId={{ .Values.kafkaRequestConsumer.clientId }}
+blueprintsprocessor.messageconsumer.self-service-api.pollMillSec={{ .Values.kafkaRequestConsumer.pollMillSec }}
+{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }}
+# SCRAM
+blueprintsprocessor.messageconsumer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+blueprintsprocessor.messageconsumer.self-service-api.scramPassword=${JAAS_PASS}
+{{ end }}
# Self Service Response Kafka Message Producer
-blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=message-router-kafka:9092
-
-# Kafka Audit Service Configurations
-blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable=false
+blueprintsprocessor.messageproducer.self-service-api.type={{ .Values.kafkaRequestProducer.type }}
+{{ if eq .Values.useStrimziKafka true }}
+blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+{{- else -}}
+blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ .Values.kafkaRequestProducer.bootstrapServers }}
+{{- end }}
+blueprintsprocessor.messageproducer.self-service-api.clientId={{ .Values.kafkaRequestProducer.clientId }}
+blueprintsprocessor.messageproducer.self-service-api.topic={{ .Values.kafkaRequestProducer.topic }}
+{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }}
+# SCRAM
+blueprintsprocessor.messageproducer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+blueprintsprocessor.messageproducer.self-service-api.scramPassword=${JAAS_PASS}
+{{ end }}
+
+# AUDIT KAFKA FEATURE CONFIGURATION
+# Audit feature dumps CDS request to a topic as well as a truncated response message to another topic.
+## Audit request
+blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable={{ .Values.kafkaAuditRequest.enabled }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.type={{ .Values.kafkaAuditRequest.type }}
+{{ if eq .Values.useStrimziKafka true }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+{{- else -}}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }}
+{{- end }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.clientId={{ .Values.kafkaAuditRequest.clientId }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.topic={{ .Values.kafkaAuditRequest.topic }}
+{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }}
+# SCRAM
+blueprintsprocessor.messageproducer.self-service-api.audit.request.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.scramPassword=${JAAS_PASS}
+{{ end }}
+
+## Audit response
+blueprintsprocessor.messageproducer.self-service-api.audit.response.type={{ .Values.kafkaAuditResponse.type }}
+{{ if eq .Values.useStrimziKafka true }}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+{{- else -}}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }}
+{{- end }}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.clientId={{ .Values.kafkaAuditResponse.clientId }}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.topic={{ .Values.kafkaAuditResponse.topic }}
+{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }}
+# SCRAM
+blueprintsprocessor.messageproducer.self-service-api.audit.response.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.scramPassword=${JAAS_PASS}
+{{ end }}
# Executor Options
blueprintsprocessor.resourceResolution.enabled=true
@@ -132,10 +195,10 @@ blueprintsprocessor.remoteScriptCommand.enabled=true
## Enable py-executor
blueprintsprocessor.streamingRemoteExecution.enabled=true
-# Used in Health Check
-blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth
-blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client
-blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer
+## Used in Health Check
+#blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth
+#blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client
+#blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer
#Encrypted username and password for health check service
@@ -143,7 +206,7 @@ endpoints.user.name=eHbVUbJAj4AG2522cSbrOQ==
endpoints.user.password=eHbVUbJAj4AG2522cSbrOQ==
#BaseUrls for health check blueprint processor services
-blueprintprocessor.healthcheck.baseUrl=http://localhost:8080/
+blueprintprocessor.healthcheck.baseUrl=http://cds-blueprints-processor-http:8080/
blueprintprocessor.healthcheck.mapping-service-name-with-service-link=[Execution service,/api/v1/execution-service/health-check],[Resources service,/api/v1/resources/health-check],[Template service,/api/v1/template/health-check]
#BaseUrls for health check Cds Listener services
diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml
new file mode 100644
index 0000000000..555f4d4e60
--- /dev/null
+++ b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml
@@ -0,0 +1,68 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ if eq .Values.useStrimziKafka true }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.kafkaRequestConsumer.topic }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: 10
+ replicas: 2
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.kafkaRequestProducer.topic }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: 10
+ replicas: 2
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.kafkaAuditRequest.topic }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: 10
+ replicas: 2
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.kafkaAuditResponse.topic }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: 10
+ replicas: 2
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+{{ end }} \ No newline at end of file
diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml
new file mode 100644
index 0000000000..65ee1d2a96
--- /dev/null
+++ b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml
@@ -0,0 +1,49 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ if eq .Values.useStrimziKafka true }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
+metadata:
+ name: {{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ authentication:
+ type: scram-sha-512
+ authorization:
+ type: simple
+ acls:
+ - resource:
+ type: group
+ name: {{ .Values.kafkaRequestConsumer.groupId }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.kafkaRequestConsumer.topic }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.kafkaRequestProducer.topic }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.kafkaAuditRequest.topic }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.kafkaAuditResponse.topic }}
+ operation: All
+{{ end }} \ No newline at end of file
diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml
index d92f09a4c8..1e4f5e10a0 100755
--- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright (c) 2019 IBM, Bell Canada
# Copyright (c) 2020 Samsung Electronics
+# Modification Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -78,10 +79,6 @@ spec:
args:
- --container-name
- cds-db
- {{- if .Values.dmaapEnabled }}
- - --container-name
- - message-router
- {{ end }}
env:
- name: NAMESPACE
valueFrom:
@@ -121,6 +118,14 @@ spec:
fieldPath: metadata.name
- name: CLUSTER_CONFIG_FILE
value: {{ .Values.config.appConfigDir }}/hazelcast.yaml
+ - name: CPS_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 12 }}
+ - name: CPS_PASS_PLAIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 12 }}
+ {{ if .Values.useStrimziKafka }}
+ - name: JAAS_PASS
+ value: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-kafka-secret" "key" "password") | indent 12 }}
+ {{ end }}
ports:
- containerPort: {{ .Values.service.http.internalPort }}
- containerPort: {{ .Values.service.grpc.internalPort }}
diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml
index 5d2e438e1e..153740c553 100755
--- a/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml
@@ -33,7 +33,7 @@ spec:
{{- if eq .Values.service.http.type "NodePort"}}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.http.nodePort }}
{{- end}}
- name: {{ .Values.service.http.portName | default "http" }}
+ name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
index a5180c53c6..023bf4917b 100755
--- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
@@ -1,5 +1,6 @@
# Copyright (c) 2019 IBM, Bell Canada
# Copyright (c) 2020 Samsung Electronics
+# Modification Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -27,10 +28,17 @@ global:
persistence:
mountPath: /dockerdata-nfs
- #This configuration specifies Service and port for SDNC OAM interface
+ # This configuration specifies Service and port for SDNC OAM interface
sdncOamService: sdnc-oam
sdncOamPort: 8282
+ # This concerns CDS/AAI communication through HTTP when TLS is not being needed
+ # Port value should match the one in aai/values.yml : service.externalPlainPort
+ aaiData:
+ ExternalPlainPort: 80 # when TLS is not needed
+ ServiceName: aai # domain
+ # http://aai:80 or https://aai:443
+
#AAF is enabled by default
#aafEnabled: true
@@ -57,6 +65,19 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}'
password: '{{ .Values.config.sdncDB.dbRootPass }}'
passwordPolicy: required
+ - uid: cds-kafka-secret
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: password
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
+ - uid: cps-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}'
+ login: '{{ .Values.config.cps.cpsUsername }}'
+ password: '{{ .Values.config.cps.cpsPassword }}'
+ passwordPolicy: required
#################################################################
# AAF part
@@ -100,7 +121,7 @@ config:
dbService: mariadb-galera
dbPort: 3306
dbName: sdnctl
- #dbRootPass: Custom root password
+ # dbRootPass: Custom root password
dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}'
cdsDB:
dbServer: cds-db
@@ -111,6 +132,11 @@ config:
# dbCredsExternalSecret: <some secret name>
# dbRootPassword: password
# dbRootPassExternalSecret
+ someConfig: blah
+ cps:
+ cpsUsername: ''
+ cpsPassword: ''
+ cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds'
# default number of instances
replicaCount: 1
@@ -119,10 +145,40 @@ nodeSelector: {}
affinity: {}
-# flag for kafka-listener dependency. Set to true if you are using message-router otherwise set to false if you are using
-# custom kafka cluster.
-dmaapEnabled: true
+# If useStrimziKafka is true, the following also applies:
+# strimzi will create an associated kafka user and the topics defined for Request and Audit elements below.
+# The connection type must be kafka-scram-plain-text-auth
+# The bootstrapServers will target the strimzi kafka cluster by default
+useStrimziKafka: false
+cdsKafkaUser: cds-kafka-user
+kafkaRequestConsumer:
+ enabled: false
+ type: kafka-scram-plain-text-auth
+ bootstrapServers: host:port
+ groupId: cds-consumer
+ topic: cds.blueprint-processor.self-service-api.request
+ clientId: request-receiver-client-id
+ pollMillSec: 1000
+kafkaRequestProducer:
+ type: kafka-scram-plain-text-auth
+ bootstrapServers: host:port
+ clientId: request-producer-client-id
+ topic: cds.blueprint-processor.self-service-api.response
+ enableIdempotence: false
+kafkaAuditRequest:
+ enabled: false
+ type: kafka-scram-plain-text-auth
+ bootstrapServers: host:port
+ clientId: audit-request-producer-client-id
+ topic: cds.blueprint-processor.self-service-api.audit.request
+ enableIdempotence: false
+kafkaAuditResponse:
+ type: kafka-scram-plain-text-auth
+ bootstrapServers: host:port
+ clientId: audit-response-producer-client-id
+ topic: cds.blueprint-processor.self-service-api.audit.response
+ enableIdempotence: false
# probe configuration parameters
startup:
@@ -131,12 +187,12 @@ startup:
periodSeconds: 10
liveness:
- initialDelaySeconds: 0
+ initialDelaySeconds: 1
periodSeconds: 20
- timeoutSeconds: 20
+ timeoutSeconds: 30
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
- enabled: true
+ enabled: false
readiness:
initialDelaySeconds: 120
@@ -146,17 +202,17 @@ readiness:
service:
http:
type: ClusterIP
- portName: blueprints-processor-http
+ portName: http
internalPort: 8080
externalPort: 8080
grpc:
type: ClusterIP
- portName: blueprints-processor-grpc
+ portName: grpc
internalPort: 9111
externalPort: 9111
cluster:
type: ClusterIP
- portName: blueprints-processor-cluster
+ portName: tcp-cluster
internalPort: 5701
externalPort: 5701
@@ -184,8 +240,8 @@ ingress:
- baseaddr: "blueprintsprocessorhttp"
name: "cds-blueprints-processor-http"
port: 8080
- config:
- ssl: "none"
+ config:
+ ssl: "none"
logback:
rootLogLevel: INFO
diff --git a/kubernetes/cds/components/cds-command-executor/Chart.yaml b/kubernetes/cds/components/cds-command-executor/Chart.yaml
index e6b87930e3..6749d8d9e8 100755
--- a/kubernetes/cds/components/cds-command-executor/Chart.yaml
+++ b/kubernetes/cds/components/cds-command-executor/Chart.yaml
@@ -17,15 +17,15 @@
apiVersion: v2
description: ONAP CDS Command Executor
name: cds-command-executor
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local' \ No newline at end of file
diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml
index b0c1e35cba..e2511401f3 100755
--- a/kubernetes/cds/components/cds-command-executor/values.yaml
+++ b/kubernetes/cds/components/cds-command-executor/values.yaml
@@ -63,11 +63,11 @@ readiness:
service:
type: ClusterIP
grpc:
- portName: command-executor-grpc
+ portName: grpc
internalPort: 50051
externalPort: 50051
metrics:
- portName: command-executor-metrics
+ portName: tcp-metrics
internalPort: 10005
externalPort: 10005
@@ -105,7 +105,7 @@ serviceAccount:
metrics:
serviceMonitor:
enabled: false
- port: command-executor-metrics
+ port: tcp-metrics
path: /actuator/prometheus
basicAuth:
enabled: false
diff --git a/kubernetes/cds/components/cds-py-executor/Chart.yaml b/kubernetes/cds/components/cds-py-executor/Chart.yaml
index 702d183555..cf09b56b96 100755
--- a/kubernetes/cds/components/cds-py-executor/Chart.yaml
+++ b/kubernetes/cds/components/cds-py-executor/Chart.yaml
@@ -17,15 +17,15 @@
apiVersion: v2
description: ONAP CDS Py Executor
name: cds-py-executor
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml
index 9dc4a3181e..a1eb0a0818 100755
--- a/kubernetes/cds/components/cds-py-executor/values.yaml
+++ b/kubernetes/cds/components/cds-py-executor/values.yaml
@@ -60,9 +60,9 @@ service:
type: ClusterIP
ports:
- port: 50052
- name: executor-grpc
+ name: grpc-executor
- port: 50053
- name: manager-grpc
+ name: grpc-manager
secrets:
- uid: api-credentials
diff --git a/kubernetes/cds/components/cds-sdc-listener/Chart.yaml b/kubernetes/cds/components/cds-sdc-listener/Chart.yaml
index 3c547b9c76..14cd147255 100755
--- a/kubernetes/cds/components/cds-sdc-listener/Chart.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/Chart.yaml
@@ -17,15 +17,15 @@
apiVersion: v2
description: ONAP CDS SDC listener microservice
name: cds-sdc-listener
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local' \ No newline at end of file
diff --git a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml
index 7ef5959a1b..3710f5f510 100644
--- a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml
@@ -1,6 +1,6 @@
listenerservice:
config:
- asdcAddress: sdc-be.{{include "common.namespace" .}}:8443 #SDC-BE
+ asdcAddress: sdc-be.{{include "common.namespace" .}}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }} #SDC-BE
messageBusAddress: message-router.{{include "common.namespace" .}} #Message-Router
user: cds #SDC-username
password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U #SDC-password
@@ -14,7 +14,7 @@ listenerservice:
keyStorePath:
activateServerTLSAuth : false
isUseHttpsWithDmaap: false
- isUseHttpsWithSDC: true
+ isUseHttpsWithSDC: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
archivePath: /opt/app/onap/sdc-listener/
grpcAddress: cds-blueprints-processor-grpc
grpcPort: 9111
@@ -24,14 +24,11 @@ listenerservice:
httpsProxyPort: 0
httpProxyPort: 0
-
-
cdslistener:
healthcheck:
baseUrl: http://localhost:9000/
mapping-service-name-with-service-link: "[SDC Listener service,/api/v1/sdclistener/healthcheck]"
-
management:
endpoint:
health:
diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml
index 4ac847005e..3a6d76165b 100644
--- a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml
@@ -63,18 +63,19 @@ spec:
value: {{ .Values.config.appConfigDir }}
ports:
- containerPort: {{ .Values.service.http.internalPort }}
+ name: {{ .Values.service.http.portName }}
{{ if .Values.liveness.enabled }}
livenessProbe:
httpGet:
path: /api/v1/sdclistener/healthcheck
- port: {{ .Values.service.http.internalPort }}
+ port: {{ .Values.service.http.portName }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{end}}
readinessProbe:
httpGet:
path: /api/v1/sdclistener/healthcheck
- port: {{ .Values.service.http.internalPort }}
+ port: {{ .Values.service.http.portName }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml
index af837f2b3a..42bd2b33e9 100644
--- a/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml
@@ -31,7 +31,7 @@ spec:
{{- if eq .Values.service.type "NodePort"}}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
{{- end}}
- name: {{ .Values.service.http.portName | default "http" }}
+ name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml
index ac1e3b4dde..1499ad5b04 100644
--- a/kubernetes/cds/components/cds-sdc-listener/values.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml
@@ -62,7 +62,7 @@ readiness:
service:
type: ClusterIP
http:
- portName: cds-sdc-listener-http
+ portName: http
internalPort: 8080
externalPort: 8080
diff --git a/kubernetes/cds/components/cds-ui/Chart.yaml b/kubernetes/cds/components/cds-ui/Chart.yaml
index e220b0ceab..c356a0f9b0 100644
--- a/kubernetes/cds/components/cds-ui/Chart.yaml
+++ b/kubernetes/cds/components/cds-ui/Chart.yaml
@@ -17,18 +17,18 @@
apiVersion: v2
description: ONAP CDS UI
name: cds-ui
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml
index 05f766e186..14fc014920 100644
--- a/kubernetes/cds/components/cds-ui/values.yaml
+++ b/kubernetes/cds/components/cds-ui/values.yaml
@@ -105,8 +105,8 @@ ingress:
- baseaddr: "cdsui"
name: "cds-ui"
port: 3000
- config:
- ssl: "redirect"
+ config:
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml
index edac066f6f..58e6b65c6f 100644
--- a/kubernetes/cds/values.yaml
+++ b/kubernetes/cds/values.yaml
@@ -1,6 +1,7 @@
# Copyright © 2020 Samsung Electronics
# Copyright © 2019 Orange, Bell Canada
# Copyright © 2017 Amdocs, Bell Canada
+# Modification Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -22,6 +23,7 @@ global:
nodePortPrefixExt: 304
persistence:
mountPath: /dockerdata-nfs
+ cdsKafkaUser: cds-kafka-user
#################################################################
# Secrets metaconfig
@@ -212,6 +214,7 @@ cds-blueprints-processor:
dbPort: 3306
dbName: *mysqlDbName
dbCredsExternalSecret: *dbUserSecretName
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.kafkaUser }}'
cds-command-executor:
enabled: true