diff options
Diffstat (limited to 'kubernetes/common')
75 files changed, 344 insertions, 223 deletions
diff --git a/kubernetes/common/Makefile b/kubernetes/common/Makefile index 941c2f84df..0e923b7a75 100644 --- a/kubernetes/common/Makefile +++ b/kubernetes/common/Makefile @@ -22,6 +22,8 @@ COMMON_CHARTS_DIR := common EXCLUDES := HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) +HELM_VER := $(shell helm version --template "{{.Version}}") + .PHONY: $(EXCLUDES) $(HELM_CHARTS) all: $(COMMON_CHARTS_DIR) $(HELM_CHARTS) @@ -41,7 +43,11 @@ lint-%: dep-% package-%: lint-% @mkdir -p $(PACKAGE_DIR) +ifeq "$(findstring v3,$(HELM_VER))" "v3" + @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi +else @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi +endif @helm repo index $(PACKAGE_DIR) clean: diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml index f536be5053..1d1e4594da 100644 --- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml +++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -{{- $global := . }} {{- if .Values.backup.enabled }} apiVersion: batch/v1beta1 kind: CronJob @@ -36,7 +35,7 @@ spec: restartPolicy: Never initContainers: - command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ include "common.name" . }} @@ -46,21 +45,21 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - name: "cassandra-backup-init" - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /bin/sh + - /bin/bash - -c - | clearSnapshot(){ curr_time=$1 echo "Clearing snapshots!!!" command="nodetool clearsnapshot -t $curr_time" - /root/exec.py -p "cassandra" -c "$command" + /app/exec.py -p "cassandra" -c "$command" } {{ $root := . }} curr_time=`date +%s` @@ -76,11 +75,11 @@ spec: echo "Executing cleanup!!" command="nodetool cleanup" - /root/exec.py -p "cassandra" -c "$command" + /app/exec.py -p "cassandra" -c "$command" echo "Cleaned Node!! Backing up database now!!!" command="nodetool snapshot -t $curr_time" - /root/exec.py -p "cassandra" -c "$command" + /app/exec.py -p "cassandra" -c "$command" retCode=$? if [ $retCode -ne 0 ]; then echo "Backup Failed!!!" @@ -96,7 +95,7 @@ spec: d=$(echo $d | sed 's:/*$::') keyspace_name=$(echo "$d" | awk -F/ '{ print $NF }') if [ 1 ] {{- range $t, $keyspace := $root.Values.backup.keyspacesToSkip }} && [ "{{ $keyspace.name }}" != "$keyspace_name" ] {{- end }}; then - /root/restore.sh -b $backup_dir/cassandra-{{ $i }}/data -s /onap-data/cassandra-{{ $i }}/data/$keyspace_name -k $keyspace_name -t $curr_time & + /app/restore.sh -b $backup_dir/cassandra-{{ $i }}/data -s /onap-data/cassandra-{{ $i }}/data/$keyspace_name -k $keyspace_name -t $curr_time & pids="$pids $!" fi done @@ -143,10 +142,10 @@ spec: - mountPath: /backup name: backup-dir - name: scripts - mountPath: /root/restore.sh + mountPath: /app/restore.sh subPath: restore.sh - name: scripts - mountPath: /root/exec.py + mountPath: /app/exec.py subPath: exec.py containers: - name: cassandra-backup-validate @@ -238,7 +237,7 @@ spec: {{- range $i := until (int .Values.replicaCount)}} - name: data-dir-{{ $i }} persistentVolumeClaim: - claimName: {{ include "common.fullname" $global }}-data-{{ include "common.fullname" $global }}-{{ $i }} + claimName: {{ include "common.fullname" . }}-data-{{ $i }} {{- end }} - name: backup-dir persistentVolumeClaim: diff --git a/kubernetes/common/cassandra/templates/pv.yaml b/kubernetes/common/cassandra/templates/pv.yaml index 76a224ab5f..a0d998cd07 100644 --- a/kubernetes/common/cassandra/templates/pv.yaml +++ b/kubernetes/common/cassandra/templates/pv.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.replicaPV" . }} diff --git a/kubernetes/common/cassandra/templates/service.yaml b/kubernetes/common/cassandra/templates/service.yaml index 0b91076f82..8934d41c33 100644 --- a/kubernetes/common/cassandra/templates/service.yaml +++ b/kubernetes/common/cassandra/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.headlessService" . }} diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index 96139ce988..2bcafd9ade 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: StatefulSet diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index 090dbcc2a2..959e243638 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -22,8 +22,7 @@ global: # global defaults backup: mountPath: /dockerdata-nfs/backup repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: onap/oom/readiness:3.0.1 # application image repository: nexus3.onap.org:10001 diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml index c453f11c85..6734e0be81 100644 --- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml +++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml @@ -144,7 +144,7 @@ {{- define "common.certInitializer._volumeMount" -}} {{- $dot := default . .dot -}} {{- $initRoot := default $dot.Values.certInitializer .initRoot -}} -- mountPath: {{ $initRoot.mountPath }} +- mountPath: {{ $initRoot.appMountPath }} name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }} {{- end -}} diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml index 271e410069..642fe7799b 100644 --- a/kubernetes/common/certInitializer/values.yaml +++ b/kubernetes/common/certInitializer/values.yaml @@ -51,6 +51,7 @@ cadi_latitude: "38.0" cadi_longitude: "-72.0" aaf_add_config: "" mountPath: "/opt/app/osaaf" +appMountPath: "/opt/app/osaaf" importCustomCertsEnabled: false truststoreMountpath: "" truststoreOutputFileName: truststore.jks diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml index cf866571c7..f6feee6e06 100644 --- a/kubernetes/common/cmpv2Config/values.yaml +++ b/kubernetes/common/cmpv2Config/values.yaml @@ -12,9 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. global: - aaf: + platform: certServiceClient: - image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.2.0 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0 + secretName: oom-cert-service-client-tls-secret envVariables: # Certificate related cmpv2Organization: "Linux-Foundation" @@ -23,7 +24,10 @@ global: cmpv2State: "California" cmpv2Country: "US" # Client configuration related - requestURL: "https://aaf-cert-service:8443/v1/certificate/" + requestURL: "https://oom-cert-service:8443/v1/certificate/" requestTimeout: "30000" keystorePassword: "secret" truststorePassword: "secret" + certPostProcessor: + image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.1.0 + diff --git a/kubernetes/common/common/templates/_aafconfig.tpl b/kubernetes/common/common/templates/_aafconfig.tpl index e90f8aea5d..b1021ab9d7 100644 --- a/kubernetes/common/common/templates/_aafconfig.tpl +++ b/kubernetes/common/common/templates/_aafconfig.tpl @@ -59,10 +59,10 @@ {{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}} {{- if $dot.Values.global.aafEnabled -}} - name: {{ include "common.name" $dot }}-aaf-readiness - image: "{{ $dot.Values.global.readinessRepository }}/{{ $dot.Values.global.readinessImage }}" + image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.readinessImage }}" imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - aaf-locate @@ -117,9 +117,9 @@ - name: aaf_locator_app_ns value: "{{ $aafRoot.app_ns }}" - name: DEPLOY_FQI - {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "login") | indent 6 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "login") | indent 6 }} - name: DEPLOY_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "password") | indent 6 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "password") | indent 6 }} #Note: want to put this on Nodes, eventually - name: cadi_longitude value: "{{ default "52.3" $aafRoot.cadi_longitude }}" diff --git a/kubernetes/common/common/templates/_createPassword.tpl b/kubernetes/common/common/templates/_createPassword.tpl index 8b2f1e274d..bfd0999e16 100644 --- a/kubernetes/common/common/templates/_createPassword.tpl +++ b/kubernetes/common/common/templates/_createPassword.tpl @@ -32,11 +32,26 @@ {{ else if eq "testRelease" (include "common.release" .) }} {{/* Special case for chart liniting. DON"T NAME YOUR PRODUCTION RELEASE testRelease */}} {{- printf "testRelease" -}} + {{ else if eq "test-release" .Release.Name }} + {{/* Special case for chart linting in helm3. DON"T NAME YOUR PRODUCTION RELEASE test-release */}} + {{- printf "testRelease" -}} {{ else }} {{ fail "masterPassword not provided" }} {{ end }} {{- end -}} +{{- define "common._defaultPasswordStrength" -}} + {{ if .Values.passwordStrengthOverride }} + {{- printf "%s" .Values.passwordStrengthOverride -}} + {{ else if .Values.global.passwordStrength }} + {{- printf "%s" .Values.global.passwordStrength -}} + {{ else if .Values.passwordStrength }} + {{- printf "%s" .Values.passwordStrength -}} + {{ else }} + {{- printf "long" }} + {{ end }} +{{- end -}} + {{/* Generate a new password based on masterPassword. The new password is not random, it is derived from masterPassword, fully qualified chart name and @@ -59,7 +74,8 @@ {{- define "common.createPassword" -}} {{- $dot := default . .dot -}} {{- $uid := default "onap" .uid -}} - {{- $strength := default "long" .strength -}} + {{- $defaultStrength := include "common._defaultPasswordStrength" $dot | trim -}} + {{- $strength := default $defaultStrength .strength -}} {{- $mp := include "common.masterPassword" $dot -}} {{- derivePassword 1 $strength $mp (include "common.fullname" $dot) $uid -}} {{- end -}} diff --git a/kubernetes/common/common/templates/_name.tpl b/kubernetes/common/common/templates/_name.tpl index e918cc1dd8..adbe2b6cf9 100644 --- a/kubernetes/common/common/templates/_name.tpl +++ b/kubernetes/common/common/templates/_name.tpl @@ -51,6 +51,11 @@ {{- $dot := default . .dot -}} {{- $suffix := default "" .suffix -}} {{- $name := default $dot.Chart.Name $dot.Values.nameOverride -}} + {{/* when linted, the name must be lower cased. When used from a component, + name should be overriden in order to avoid collision so no need to do it */}} + {{- if eq (printf "common/%s/templates" $name) $dot.Template.BasePath -}} + {{- $name = lower $name -}} + {{- end -}} {{- include "common.fullnameExplicit" (dict "dot" $dot "chartName" $name "suffix" $suffix) }} {{- end -}} diff --git a/kubernetes/common/common/templates/_secret.tpl b/kubernetes/common/common/templates/_secret.tpl index 990c476f29..2490debffb 100644 --- a/kubernetes/common/common/templates/_secret.tpl +++ b/kubernetes/common/common/templates/_secret.tpl @@ -137,6 +137,10 @@ type: Opaque {{- $uid := (default "" .uid) }} {{- $name := (default "" .name) }} {{- $fullname := ne (default "" .chartName) "" | ternary (include "common.fullnameExplicit" (dict "dot" $global "chartName" .chartName)) (include "common.fullname" $global) }} + {{- if eq "test-release" $global.Release.Name -}} + {{/* Special case for chart liniting in helm3. DON"T NAME YOUR PRODUCTION RELEASE test-release */}} + {{- $uid = lower $uid -}} + {{- end -}} {{- default (printf "%s-%s" $fullname $uid) $name }} {{- end -}} diff --git a/kubernetes/common/dgbuilder/requirements.yaml b/kubernetes/common/dgbuilder/requirements.yaml index 4735901dfa..cf305d4bc9 100644 --- a/kubernetes/common/dgbuilder/requirements.yaml +++ b/kubernetes/common/dgbuilder/requirements.yaml @@ -16,3 +16,6 @@ dependencies: - name: common version: ~6.x-0 repository: 'file://../common' + - name: certInitializer + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/common/dgbuilder/resources/config/customSettings.js b/kubernetes/common/dgbuilder/resources/config/customSettings.js index 42c2e5728b..b6a1a8636a 100644 --- a/kubernetes/common/dgbuilder/resources/config/customSettings.js +++ b/kubernetes/common/dgbuilder/resources/config/customSettings.js @@ -54,6 +54,8 @@ module.exports={ }, "uiHost": "0.0.0.0", "version": "0.9.1", - "performGitPull": "N", - "enableHttps" : true + {{ if .Values.global.aafEnabled }} + "enableHttps" : true, + {{ end }} + "performGitPull": "N" } diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml index d0e298b7b6..ec088e9274 100644 --- a/kubernetes/common/dgbuilder/templates/deployment.yaml +++ b/kubernetes/common/dgbuilder/templates/deployment.yaml @@ -70,8 +70,9 @@ spec: image: "{{ .Values.global.envsubstImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config +{{ include "common.certInitializer.initContainer" . | indent 6 }} - command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ .Values.config.dbPodName }} @@ -81,7 +82,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness containers: @@ -89,7 +90,7 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/bin/bash"] - args: ["-c", "cd /opt/onap/ccsdk/dgbuilder/ && ./start.sh sdnc1.0 && wait"] + args: ["-c", "cd /opt/onap/ccsdk/dgbuilder/ && {{ if .Values.global.aafEnabled}} cp /opt/app/osaaf/local/node-*.pem certs && {{end}}./start.sh sdnc1.0 && wait"] ports: - containerPort: {{ .Values.service.internalPort }} readinessProbe: @@ -101,6 +102,7 @@ spec: - name: SDNC_CONFIG_DIR value: /opt/onap/sdnc/data/properties volumeMounts: +{{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: /etc/localtime name: localtime readOnly: true @@ -127,6 +129,7 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} volumes: +{{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: path: /etc/localtime diff --git a/kubernetes/common/dgbuilder/templates/ingress.yaml b/kubernetes/common/dgbuilder/templates/ingress.yaml index 0cd8cfbd36..4392308e38 100644 --- a/kubernetes/common/dgbuilder/templates/ingress.yaml +++ b/kubernetes/common/dgbuilder/templates/ingress.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Samsung, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,5 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - +*/}} {{ include "common.ingress" . }} diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index a1f637b199..6d1412ee39 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -24,8 +24,7 @@ global: repository: nexus3.onap.org:10001 # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # logging agent loggingRepository: docker.elastic.co @@ -84,7 +83,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-dgbuilder-image:0.7.4 +image: onap/ccsdk-dgbuilder-image:1.0.1 pullPolicy: Always # flag to enable debugging - application support required @@ -159,21 +158,45 @@ ingress: config: ssl: "redirect" -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi + # dependency / sub-chart configuration +certInitializer: + nameOverride: dgbuilder-cert-initializer + truststoreMountpath: /opt/onap/ccsdk/dgbuilder/certs + fqdn: "sdnc" + app_ns: "org.osaaf.aaf" + fqi: "sdnc@sdnc.onap.org" + fqi_namespace: org.onap.sdnc + public_fqdn: "dgbuilder.onap.org" + aafDeployFqi: "deployer@people.osaaf.org" + aafDeployPass: demo123456! + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + credsPath: /opt/app/osaaf/local + aaf_add_config: > + cd /opt/app/osaaf/local; + /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1 ; + cp {{ .Values.fqi_namespace }}.crt node-cert.pem; + cp {{ .Values.fqi_namespace }}.key node-key.pem; + chmod go+r node-*.pem + +#Resource Limit flavor -By Default using small +flavor: small +#segregation for different envionment (Small and Large) + +resources: + small: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 1 + memory: 2Gi + large: + limits: + cpu: 4 + memory: 8Gi + requests: + cpu: 2 + memory: 4Gi + unlimited: {} + diff --git a/kubernetes/common/elasticsearch/components/curator/hooks/job.install.yaml b/kubernetes/common/elasticsearch/components/curator/hooks/job.install.yaml index 7e73420e13..583c2d7429 100644 --- a/kubernetes/common/elasticsearch/components/curator/hooks/job.install.yaml +++ b/kubernetes/common/elasticsearch/components/curator/hooks/job.install.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if .Values.enabled }} {{- range $kind, $enabled := .Values.hooks }} {{- if $enabled }} @@ -45,7 +47,7 @@ spec: {{- end }} containers: - name: {{ template "common.fullname" . }}-curator - image: {{printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + image: {{printf "%s/%s" (include "common.repository" .) .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - name: config-volume diff --git a/kubernetes/common/elasticsearch/components/curator/templates/configmap.yaml b/kubernetes/common/elasticsearch/components/curator/templates/configmap.yaml index dc2a430922..2af57aae77 100644 --- a/kubernetes/common/elasticsearch/components/curator/templates/configmap.yaml +++ b/kubernetes/common/elasticsearch/components/curator/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if .Values.enabled }} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/common/elasticsearch/components/curator/templates/cronjob.yaml b/kubernetes/common/elasticsearch/components/curator/templates/cronjob.yaml index 901c0a5c06..b9e2c05d1a 100644 --- a/kubernetes/common/elasticsearch/components/curator/templates/cronjob.yaml +++ b/kubernetes/common/elasticsearch/components/curator/templates/cronjob.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if .Values.enabled }} {{ $role := "curator" -}} {{ $suffix := $role -}} @@ -74,7 +76,7 @@ spec: {{- end }} containers: - name: {{ template "common.fullname" . }}-curator - image: {{printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + image: {{printf "%s/%s" (include "common.repository" .) .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - name: config-volume diff --git a/kubernetes/common/elasticsearch/components/curator/templates/podsecuritypolicy.yaml b/kubernetes/common/elasticsearch/components/curator/templates/podsecuritypolicy.yaml index 6fe032d818..628cdd1d73 100644 --- a/kubernetes/common/elasticsearch/components/curator/templates/podsecuritypolicy.yaml +++ b/kubernetes/common/elasticsearch/components/curator/templates/podsecuritypolicy.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if and .Values.enabled .Values.psp.create }} apiVersion: policy/v1beta1 kind: PodSecurityPolicy diff --git a/kubernetes/common/elasticsearch/components/curator/templates/role.yaml b/kubernetes/common/elasticsearch/components/curator/templates/role.yaml index 0d189f448b..f124a44c85 100644 --- a/kubernetes/common/elasticsearch/components/curator/templates/role.yaml +++ b/kubernetes/common/elasticsearch/components/curator/templates/role.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if and .Values.enabled .Values.rbac.enabled }} kind: Role apiVersion: rbac.authorization.k8s.io/v1 diff --git a/kubernetes/common/elasticsearch/components/curator/templates/rolebinding.yaml b/kubernetes/common/elasticsearch/components/curator/templates/rolebinding.yaml index b112468dc3..f10b14231f 100644 --- a/kubernetes/common/elasticsearch/components/curator/templates/rolebinding.yaml +++ b/kubernetes/common/elasticsearch/components/curator/templates/rolebinding.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if and .Values.enabled .Values.rbac.enabled }} kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/kubernetes/common/elasticsearch/components/curator/templates/serviceaccount.yaml b/kubernetes/common/elasticsearch/components/curator/templates/serviceaccount.yaml index 0bd4ae0999..a1732cfedc 100644 --- a/kubernetes/common/elasticsearch/components/curator/templates/serviceaccount.yaml +++ b/kubernetes/common/elasticsearch/components/curator/templates/serviceaccount.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if and .Values.enabled .Values.serviceAccount.create .Values.rbac.enabled }} apiVersion: v1 kind: ServiceAccount diff --git a/kubernetes/common/elasticsearch/components/curator/values.yaml b/kubernetes/common/elasticsearch/components/curator/values.yaml index 5e0d9668d3..addd52867e 100644 --- a/kubernetes/common/elasticsearch/components/curator/values.yaml +++ b/kubernetes/common/elasticsearch/components/curator/values.yaml @@ -31,16 +31,14 @@ repositoryOverride: docker.io ## enabled: false name: curator -image: - imageName: bitnami/elasticsearch-curator - tag: 5.8.1-debian-9-r74 - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName +image: bitnami/elasticsearch-curator:5.8.1-debian-9-r74 +pullPolicy: IfNotPresent +## Optionally specify an array of imagePullSecrets. +## Secrets must be manually created in the namespace. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +## +# pullSecrets: +# - myRegistryKeySecretName service: port: 9200 cronjob: diff --git a/kubernetes/common/elasticsearch/components/data/templates/pv.yaml b/kubernetes/common/elasticsearch/components/data/templates/pv.yaml index c713ec81ac..133984c800 100644 --- a/kubernetes/common/elasticsearch/components/data/templates/pv.yaml +++ b/kubernetes/common/elasticsearch/components/data/templates/pv.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.replicaPV" (dict "dot" . "suffix" .Values.persistence.suffix )}} diff --git a/kubernetes/common/elasticsearch/components/data/templates/serviceaccount.yaml b/kubernetes/common/elasticsearch/components/data/templates/serviceaccount.yaml index 2ac3880886..4a8ef08946 100644 --- a/kubernetes/common/elasticsearch/components/data/templates/serviceaccount.yaml +++ b/kubernetes/common/elasticsearch/components/data/templates/serviceaccount.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if .Values.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount diff --git a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml index 994b458e33..98d533d4e2 100644 --- a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: StatefulSet {{ $role := "data" -}} @@ -85,8 +87,8 @@ spec: {{- end }} {{- end }} containers: - - name: {{ include "common.name" . }}-elasticsearch - image: {{ printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + - name: {{ include "common.name" . }}-data + image: {{ printf "%s/%s" (include "common.repository" .) .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} {{- if .Values.securityContext.enabled }} securityContext: @@ -94,7 +96,7 @@ spec: {{- end }} env: - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} + value: {{ ternary "true" "false" .Values.debug | quote }} - name: ELASTICSEARCH_CLUSTER_NAME value: {{include "elasticsearch.clustername" .}} - name: ELASTICSEARCH_CLUSTER_HOSTS diff --git a/kubernetes/common/elasticsearch/components/data/values.yaml b/kubernetes/common/elasticsearch/components/data/values.yaml index cfb7f51da3..a9e3d78ac1 100644 --- a/kubernetes/common/elasticsearch/components/data/values.yaml +++ b/kubernetes/common/elasticsearch/components/data/values.yaml @@ -46,24 +46,22 @@ service: - name: http-transport port: 9300 -image: - imageName: bitnami/elasticsearch - tag: 6.8.6-debian-9-r23 - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Set to true if you would like to see extra information on logs - ## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging - ## - debug: false +image: bitnami/elasticsearch:7.6.1 +## Specify a imagePullPolicy +## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' +## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images +## +pullPolicy: IfNotPresent +## Optionally specify an array of imagePullSecrets. +## Secrets must be manually created in the namespace. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +## +# pullSecrets: +# - myRegistryKeySecretName +## Set to true if you would like to see extra information on logs +## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging +## +debug: false ## updateStrategy for ElasticSearch Data statefulset diff --git a/kubernetes/common/elasticsearch/components/master/templates/pv.yaml b/kubernetes/common/elasticsearch/components/master/templates/pv.yaml index c713ec81ac..133984c800 100644 --- a/kubernetes/common/elasticsearch/components/master/templates/pv.yaml +++ b/kubernetes/common/elasticsearch/components/master/templates/pv.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.replicaPV" (dict "dot" . "suffix" .Values.persistence.suffix )}} diff --git a/kubernetes/common/elasticsearch/components/master/templates/serviceaccount.yaml b/kubernetes/common/elasticsearch/components/master/templates/serviceaccount.yaml index 05a3af37f2..323b9fc318 100644 --- a/kubernetes/common/elasticsearch/components/master/templates/serviceaccount.yaml +++ b/kubernetes/common/elasticsearch/components/master/templates/serviceaccount.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if .Values.serviceAccount.create }} diff --git a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml index dfa3ccbacc..6744f75f26 100644 --- a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: StatefulSet @@ -83,8 +85,8 @@ spec: {{- end }} {{- end }} containers: - - name: {{ include "common.name" . }}-elasticsearch - image: {{ printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + - name: {{ include "common.name" . }}-master + image: {{ printf "%s/%s" (include "common.repository" .) .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} {{- if .Values.securityContext.enabled }} securityContext: @@ -92,7 +94,7 @@ spec: {{- end }} env: - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} + value: {{ ternary "true" "false" .Values.debug | quote }} - name: ELASTICSEARCH_CLUSTER_NAME value: {{ include "elasticsearch.clustername" . }} - name: ELASTICSEARCH_CLUSTER_HOSTS diff --git a/kubernetes/common/elasticsearch/components/master/templates/svc.yaml b/kubernetes/common/elasticsearch/components/master/templates/svc.yaml index 8d66ef082e..ca94e242a4 100644 --- a/kubernetes/common/elasticsearch/components/master/templates/svc.yaml +++ b/kubernetes/common/elasticsearch/components/master/templates/svc.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,9 +12,10 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ $role := "master" -}} {{ $labels := (dict "role" $role) -}} {{ $matchLabels := (dict "role" $role) }} -{{ include "common.service" (dict "labels" $labels "matchLabels" $matchLabels "dot" . ) }}
\ No newline at end of file +{{ include "common.service" (dict "labels" $labels "matchLabels" $matchLabels "dot" . ) }} diff --git a/kubernetes/common/elasticsearch/components/master/values.yaml b/kubernetes/common/elasticsearch/components/master/values.yaml index 2862692eef..23302335ea 100644 --- a/kubernetes/common/elasticsearch/components/master/values.yaml +++ b/kubernetes/common/elasticsearch/components/master/values.yaml @@ -43,24 +43,22 @@ replicaCount: 3 ## master acts as master only node, choose 'no' if no further data nodes are deployed) dedicatednode: "yes" ## dedicatednode: "no" -image: - imageName: bitnami/elasticsearch - tag: 6.8.6-debian-9-r23 - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Set to true if you would like to see extra information on logs - ## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging - ## - debug: false +image: bitnami/elasticsearch:7.6.1 +## Specify a imagePullPolicy +## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' +## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images +## +pullPolicy: IfNotPresent +## Optionally specify an array of imagePullSecrets. +## Secrets must be manually created in the namespace. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +## +# pullSecrets: +# - myRegistryKeySecretName +## Set to true if you would like to see extra information on logs +## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging +## +debug: false ## String to partially override common.fullname template (will maintain the release name) ## diff --git a/kubernetes/common/elasticsearch/templates/_helpers.tpl b/kubernetes/common/elasticsearch/templates/_helpers.tpl index fdbe82f855..6e745bd560 100644 --- a/kubernetes/common/elasticsearch/templates/_helpers.tpl +++ b/kubernetes/common/elasticsearch/templates/_helpers.tpl @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{/* vim: set filetype=mustache: */}} {{/* Expand the name of the chart. diff --git a/kubernetes/common/elasticsearch/templates/configmap-es.yaml b/kubernetes/common/elasticsearch/templates/configmap-es.yaml index 38234da0cf..7138e4e094 100644 --- a/kubernetes/common/elasticsearch/templates/configmap-es.yaml +++ b/kubernetes/common/elasticsearch/templates/configmap-es.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if .Values.config }} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml index 1ab5b59855..cf9ef73e52 100644 --- a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml +++ b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment {{ $role := "coordinating-only" -}} @@ -85,7 +87,7 @@ spec: {{- include "common.certInitializer.volumeMount" . | nindent 10 }} - name: {{ include "common.name" . }}-elasticsearch - image: {{ printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + image: {{ printf "%s/%s" (include "common.repository" .) .Values.image }} {{- if .Values.securityContext.enabled }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} securityContext: @@ -93,7 +95,7 @@ spec: {{- end }} env: - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} + value: {{ ternary "true" "false" .Values.debug | quote }} - name: ELASTICSEARCH_CLUSTER_NAME value: {{ include "elasticsearch.clustername" .}} - name: ELASTICSEARCH_CLUSTER_HOSTS diff --git a/kubernetes/common/elasticsearch/templates/coordinating-svc-https.yaml b/kubernetes/common/elasticsearch/templates/coordinating-svc-https.yaml index 610c7d68c1..d7fd447846 100644 --- a/kubernetes/common/elasticsearch/templates/coordinating-svc-https.yaml +++ b/kubernetes/common/elasticsearch/templates/coordinating-svc-https.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ $role := "coordinating-only" -}} {{ $labels := (dict "role" $role) -}} diff --git a/kubernetes/common/elasticsearch/templates/discovery-svc.yaml b/kubernetes/common/elasticsearch/templates/discovery-svc.yaml index fa79c29eca..9750be7b80 100644 --- a/kubernetes/common/elasticsearch/templates/discovery-svc.yaml +++ b/kubernetes/common/elasticsearch/templates/discovery-svc.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- $matchLabels := (dict "discovery" (include "elasticsearch.clustername" .) "nameNoMatch" "useDiscoveryService") }} {{ include "common.headlessService" (dict "matchLabels" $matchLabels "dot" .) }} diff --git a/kubernetes/common/elasticsearch/templates/secrets.yaml b/kubernetes/common/elasticsearch/templates/secrets.yaml index 359e8975e1..b8cd0686c4 100644 --- a/kubernetes/common/elasticsearch/templates/secrets.yaml +++ b/kubernetes/common/elasticsearch/templates/secrets.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, Bell Canada # Copyright © 2019 Samsung Electronics # @@ -12,4 +13,5 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.secretFast" . }} diff --git a/kubernetes/common/elasticsearch/templates/serviceaccount.yaml b/kubernetes/common/elasticsearch/templates/serviceaccount.yaml index 49ad504da6..a9b54882f1 100644 --- a/kubernetes/common/elasticsearch/templates/serviceaccount.yaml +++ b/kubernetes/common/elasticsearch/templates/serviceaccount.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- if .Values.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount diff --git a/kubernetes/common/elasticsearch/values.yaml b/kubernetes/common/elasticsearch/values.yaml index b1289431a5..31edcabfa1 100644 --- a/kubernetes/common/elasticsearch/values.yaml +++ b/kubernetes/common/elasticsearch/values.yaml @@ -18,8 +18,7 @@ global: aafEnabled: true nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: onap/oom/readiness:3.0.1 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 busyboxRepository: registry.hub.docker.com @@ -41,24 +40,22 @@ sysctlImage: enabled: true # application image -image: - imageName: bitnami/elasticsearch - tag: 6.8.6-debian-9-r23 - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Set to true if you would like to see extra information on logs - ## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging - ## - debug: false +image: bitnami/elasticsearch:7.6.1 +## Specify a imagePullPolicy +## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' +## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images +## +pullPolicy: IfNotPresent +## Optionally specify an array of imagePullSecrets. +## Secrets must be manually created in the namespace. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +## +# pullSecrets: +# - myRegistryKeySecretName +## Set to true if you would like to see extra information on logs +## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging +## +debug: false ## String to partially override common.fullname template (will maintain the release name) ## diff --git a/kubernetes/common/etcd/templates/pv.yaml b/kubernetes/common/etcd/templates/pv.yaml index ed1344d4c1..ac5b7b975d 100644 --- a/kubernetes/common/etcd/templates/pv.yaml +++ b/kubernetes/common/etcd/templates/pv.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{- $global := . }} {{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} diff --git a/kubernetes/common/etcd/templates/service.yaml b/kubernetes/common/etcd/templates/service.yaml index 4268dd6d2c..04fc93af00 100644 --- a/kubernetes/common/etcd/templates/service.yaml +++ b/kubernetes/common/etcd/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2019 Intel Corporation Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index fcab51cb59..c45648f757 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2019 Intel Corporation Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: StatefulSet metadata: diff --git a/kubernetes/common/mariadb-galera/resources/config/configure-mysql.sh b/kubernetes/common/mariadb-galera/resources/config/configure-mysql.sh index 42c5c89726..678761736a 100755 --- a/kubernetes/common/mariadb-galera/resources/config/configure-mysql.sh +++ b/kubernetes/common/mariadb-galera/resources/config/configure-mysql.sh @@ -32,8 +32,9 @@ if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql fi -function prepare_password { - echo -n $1 | sed -e "s/'/''/g" +prepare_password() +{ + echo "$1" | sed -e "s/'/\\\\'/g; s/\"/\\\\\"/g" } mysql_root_password=`prepare_password $MYSQL_ROOT_PASSWORD` diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 29d96748a3..bce0eb9c43 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -35,7 +35,7 @@ spec: restartPolicy: Never initContainers: - command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ include "common.name" . }} @@ -45,7 +45,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - name: mariadb-galera-backup-init @@ -90,6 +90,8 @@ spec: volumeMounts: - name: backup-dir mountPath: /backup + - name: db-data + mountPath: /var/lib/mysql containers: - name: mariadb-backup-validate image: "{{ include "common.repository" . }}/{{ .Values.backupImage }}" @@ -164,4 +166,7 @@ spec: - name: backup-dir persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-backup-data + - name: db-data + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-data-{{ include "common.fullname" . }}-{{ sub .Values.replicaCount 1 }} {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/job.yaml b/kubernetes/common/mariadb-galera/templates/job.yaml index db56f3e046..5dc822a66f 100644 --- a/kubernetes/common/mariadb-galera/templates/job.yaml +++ b/kubernetes/common/mariadb-galera/templates/job.yaml @@ -49,7 +49,7 @@ spec: fsGroup: 1001 runAsUser: 0 initContainers: - - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" name: mariadb-galera-upgrade-readiness env: - name: NAMESPACE @@ -58,7 +58,7 @@ spec: apiVersion: v1 fieldPath: metadata.namespace command: - - /root/ready.py + - /app/ready.py args: - --container-name - mariadb-galera diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 4ccb0e5c6e..afd6c547ea 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -40,8 +40,7 @@ global: repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: onap/oom/readiness:3.0.1 busyboxImage: busybox:1.30 busyboxRepository: docker.io # kubeclt image diff --git a/kubernetes/common/mariadb-init/templates/_mariadb.tpl b/kubernetes/common/mariadb-init/templates/_mariadb.tpl index af9a4f5f02..5563fe714d 100644 --- a/kubernetes/common/mariadb-init/templates/_mariadb.tpl +++ b/kubernetes/common/mariadb-init/templates/_mariadb.tpl @@ -1,5 +1,6 @@ {{/* # Copyright © 2019 Orange +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,3 +21,15 @@ {{- define "mariadbInit.mariadbClusterSecret" -}} {{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride)) -}} {{- end -}} + +{{- define "mariadbInit._updateSecrets" -}} + {{- if not .Values.secretsUpdated }} + {{- $global := . }} + {{- range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }} + {{- $item := dict "uid" $db "type" "basicAuth" "externalSecret" (default "" $dbInfos.externalSecret) "login" (default "" $dbInfos.user) "password" (default "" $dbInfos.password) "passwordPolicy" "required" }} + {{- $newList := append $global.Values.secrets $item }} + {{- $_ := set $global.Values "secrets" $newList }} + {{- end -}} + {{ $_ := set $global.Values "secretsUpdated" true }} + {{- end -}} +{{- end -}} diff --git a/kubernetes/common/mariadb-init/templates/configmap.yaml b/kubernetes/common/mariadb-init/templates/configmap.yaml index 0144ec1907..d021d60b8d 100644 --- a/kubernetes/common/mariadb-init/templates/configmap.yaml +++ b/kubernetes/common/mariadb-init/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2019 Orange # Modifications Copyright © 2018 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index 5202d572a2..cccb118787 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2019 Orange # Copyright © 2020 Samsung Electronics # @@ -12,6 +13,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} + +{{ include "mariadbInit._updateSecrets" . -}} apiVersion: batch/v1 kind: Job @@ -35,17 +39,17 @@ spec: initContainers: - name: {{ include "common.name" . }}-readiness command: - - /root/ready.py + - /app/ready.py args: - --container-name - - {{ .Values.global.mariadbGalera.nameOverride }} + - {{ default .Values.global.mariadbGalera.nameOverride .Values.mariadbGalera.containerName }} env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} @@ -56,21 +60,21 @@ spec: - /db_init/db_init.sh env: - name: DB_HOST - value: "{{ .Values.global.mariadbGalera.nameOverride }}" + value: "{{ default .Values.global.mariadbGalera.nameOverride .Values.mariadbGalera.serviceName }}" - name: DB_PORT - value: "{{ .Values.global.mariadbGalera.servicePort }}" + value: "{{ default .Values.global.mariadbGalera.servicePort .Values.mariadbGalera.servicePort }}" - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "root-password" "key" (default "password" .Values.global.mariadbGalera.userRootSecretKey)) | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-password" "key" (default "password" .Values.global.mariadbGalera.userRootSecretKey)) | indent 10 }} - name: {{ printf "MYSQL_USER_%s" .Values.config.mysqlDatabase | upper }} - {{- include "common.secret.envFromSecret" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "login") | indent 10 }} - name: {{ printf "MYSQL_PASSWORD_%s" .Values.config.mysqlDatabase | upper }} - {{- include "common.secret.envFromSecret" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "password") | indent 10 }} {{- $root := . }} {{ range $db, $_values := .Values.config.mysqlAdditionalDatabases }} - name: {{ printf "MYSQL_USER_%s" $db | upper }} - {{- include "common.secret.envFromSecret" (dict "global" $root "uid" $db "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $root "uid" $db "key" "login") | indent 10 }} - name: {{ printf "MYSQL_PASSWORD_%s" $db | upper }} - {{- include "common.secret.envFromSecret" (dict "global" $root "uid" $db "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $root "uid" $db "key" "password") | indent 10 }} {{ end }} volumeMounts: - mountPath: /etc/localtime diff --git a/kubernetes/common/mariadb-init/templates/secret.yaml b/kubernetes/common/mariadb-init/templates/secret.yaml index 71a89d019b..a9d9e0b704 100644 --- a/kubernetes/common/mariadb-init/templates/secret.yaml +++ b/kubernetes/common/mariadb-init/templates/secret.yaml @@ -1,4 +1,6 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada, Orange +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,27 +13,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} -{{- define "mariadb-init._update-secrets" -}} - {{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }} -{{ printf "- uid: %s" $db }} -{{ printf " type: basicAuth" }} - {{- if $dbInfos.externalSecret }} -{{ printf " externalSecret: %s" $dbInfos.externalSecret }} - {{- end }} -{{ printf " login: %s" $dbInfos.user }} -{{ printf " password: %s" $dbInfos.password }} -{{ printf " passwordPolicy: required" }} - {{- end -}} -{{- end -}} +{{ include "mariadbInit._updateSecrets" . -}} -{{ $global := . }} -{{ $secretsString := .Values.secrets | toYaml | indent 2 }} -{{ $additionalSecretsString := (include "mariadb-init._update-secrets" .) | indent 2 }} -{{ $finalSecretsString := (cat "\nsecrets:\n" $secretsString $additionalSecretsString) | replace " -" " -" }} -{{ $finalSecrets := ($finalSecretsString | fromYaml).secrets }} - -{{ $newValues := set $global.Values "secrets" $finalSecrets }} -{{ $tmpGlobal := set $global "Values" $newValues }} - -{{ include "common.secret" $tmpGlobal }} +{{ include "common.secretFast" . }} diff --git a/kubernetes/common/mariadb-init/tests/job_test.yaml b/kubernetes/common/mariadb-init/tests/job_test.yaml index 7523ee1c6e..170eaf3c96 100644 --- a/kubernetes/common/mariadb-init/tests/job_test.yaml +++ b/kubernetes/common/mariadb-init/tests/job_test.yaml @@ -36,7 +36,7 @@ tests: content: mariadb-galera - equal: path: spec.template.spec.initContainers[0].image - value: oomk8s/readiness-check:2.0.2 + value: nexus3.onap.org:10001/onap/oom/readiness:3.0.1 - equal: path: spec.template.spec.initContainers[0].imagePullPolicy value: IfNotPresent diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml index f6ce95a65f..dd5d208190 100644 --- a/kubernetes/common/mariadb-init/values.yaml +++ b/kubernetes/common/mariadb-init/values.yaml @@ -17,8 +17,7 @@ ################################################################# global: repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: onap/oom/readiness:3.0.1 mariadbGalera: nameOverride: mariadb-galera servicePort: 3306 @@ -33,8 +32,8 @@ global: secrets: - uid: root-password type: password - externalSecret: '{{ tpl (default (include "mariadbInit.mariadbClusterSecret" .) .Values.global.mariadbGalera.userRootSecret) . }}' - password: '{{ tpl (default "" .global.mariadbGalera.userRootPassword) . }}' + externalSecret: '{{ tpl (ternary (default "" .Values.mariadbGalera.userRootSecret) (default (include "mariadbInit.mariadbClusterSecret" .) .Values.global.mariadbGalera.userRootSecret) (not (empty (default "" .Values.mariadbGalera.serviceName)))) . }}' + password: '{{ tpl (ternary (default "" .Values.mariadbGalera.userRootPassword) (default "" .Values.global.mariadbGalera.userRootPassword) (not (empty (default "" .Values.mariadbGalera.serviceName)))) . }}' - uid: '{{ .Values.config.mysqlDatabase }}' type: basicAuth externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}' @@ -52,6 +51,15 @@ pullPolicy: IfNotPresent # Set it if you want to change the name of the different components # nameOverride: +mariadbGalera: {} +# serviceName: some-name +# containerName: some-name +# servicePort: 3306 +# userRootPassword: some-password +# userRootSecret: some-secret-name +# userRootSecretKey: password + + config: userPassword: Ci@shsOd3pky1Vji userName: u5WZ1GMSIS1wHZF diff --git a/kubernetes/common/mongo/templates/statefulset.yaml b/kubernetes/common/mongo/templates/statefulset.yaml index 111bc80586..abc71b3133 100644 --- a/kubernetes/common/mongo/templates/statefulset.yaml +++ b/kubernetes/common/mongo/templates/statefulset.yaml @@ -36,10 +36,15 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: +{{ include "common.podSecurityContext" . | indent 6 }} containers: - name: {{ include "common.name" . }} image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - docker-entrypoint.sh + args: + - --nounixsocket env: - name: MONGO_INITDB_DATABASE value: "{{ .Values.config.dbName }}" @@ -68,6 +73,7 @@ spec: mountPath: /var/lib/mongo resources: {{ include "common.resources" . | indent 12 }} +{{ include "common.containerSecurityContext" . | indent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/mongo/values.yaml b/kubernetes/common/mongo/values.yaml index 3c04b429cd..d8988c3ae7 100644 --- a/kubernetes/common/mongo/values.yaml +++ b/kubernetes/common/mongo/values.yaml @@ -18,8 +18,7 @@ global: nodePortPrefix: 302 persistence: {} - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 ################################################################# @@ -84,6 +83,10 @@ service: rpcbindPort: 111 rpcbindUdpPort: 111 +securityContext: + user_id: 999 + group_id: 999 + ingress: enabled: false diff --git a/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml b/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml index 46310fb0fb..2c6c3379c2 100644 --- a/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml +++ b/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml @@ -34,10 +34,10 @@ spec: restartPolicy: Never initContainers: - name: {{ include "common.name" . }}-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --timeout - "{{ .Values.global.readinessTimeout }}" diff --git a/kubernetes/common/music/charts/music-cassandra-job/values.yaml b/kubernetes/common/music/charts/music-cassandra-job/values.yaml index ac18195939..eee1a3a522 100644 --- a/kubernetes/common/music/charts/music-cassandra-job/values.yaml +++ b/kubernetes/common/music/charts/music-cassandra-job/values.yaml @@ -20,9 +20,8 @@ global: repository: nexus3.onap.org:10001 # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - # Set default to 4 hrs. + readinessImage: onap/oom/readiness:3.0.1 + # Set default to 4 hrs. # On slow environments dealys this long have been seen. readinessTimeout: 240 # logging agent @@ -34,9 +33,9 @@ global: job: host: music-cassandra port: 9042 - busybox: + busybox: image: library/busybox:latest - cassandra: + cassandra: image: onap/music/cassandra_job:3.0.24 timeout: 30 delay: 120 @@ -45,10 +44,10 @@ cql: replicationClass: "SimpleStrategy" replicationFactor: 3 adminUser: - username: nelson24 - password: nelson24 + username: nelson24 + password: nelson24 passwordReplace: A2C4E6G8I0J2L4O6Q8S0U2W4Y6 - + podManagementPolicy: OrderedReady updateStrategy: type: OnDelete diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml index fbdac61a9e..5ae944a568 100644 --- a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml @@ -26,17 +26,6 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - {{ .Chart.Name }} - topologyKey: kubernetes.io/hostname serviceName: {{ include "common.servicename" . }} replicas: {{ .Values.replicaCount }} selector: @@ -133,5 +122,3 @@ spec: requests: storage: {{ .Values.persistence.size | quote }} {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/common/music/charts/music-cassandra/values.yaml b/kubernetes/common/music/charts/music-cassandra/values.yaml index 460671d839..0402a3207c 100644 --- a/kubernetes/common/music/charts/music-cassandra/values.yaml +++ b/kubernetes/common/music/charts/music-cassandra/values.yaml @@ -21,8 +21,7 @@ global: repository: nexus3.onap.org:10001 # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # logging agent loggingRepository: docker.elastic.co diff --git a/kubernetes/common/music/charts/music/templates/configmap.yaml b/kubernetes/common/music/charts/music/templates/configmap.yaml index 4023f343df..d42cf2e7e0 100644 --- a/kubernetes/common/music/charts/music/templates/configmap.yaml +++ b/kubernetes/common/music/charts/music/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017-2020 AT&T, Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/common/music/charts/music/templates/deployment.yaml b/kubernetes/common/music/charts/music/templates/deployment.yaml index c3b30b22b7..63b5ab0974 100644 --- a/kubernetes/common/music/charts/music/templates/deployment.yaml +++ b/kubernetes/common/music/charts/music/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017-2020 AT&T, Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment @@ -23,10 +25,10 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-cassandra-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/job_complete.py + - /app/ready.py args: - -j - "{{ include "common.release" . }}-music-cassandra-job-config" @@ -77,7 +79,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} env: - name: SPRING_OPTS value: "{{ .Values.springOpts }}" diff --git a/kubernetes/common/music/charts/music/templates/secrets.yaml b/kubernetes/common/music/charts/music/templates/secrets.yaml index 5d5f5bb397..15791a85d7 100644 --- a/kubernetes/common/music/charts/music/templates/secrets.yaml +++ b/kubernetes/common/music/charts/music/templates/secrets.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.secretFast" . }} diff --git a/kubernetes/common/music/charts/music/templates/service.yaml b/kubernetes/common/music/charts/music/templates/service.yaml index ca774c9b5b..3bd32a9419 100644 --- a/kubernetes/common/music/charts/music/templates/service.yaml +++ b/kubernetes/common/music/charts/music/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017-2020 AT&T, Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/common/music/charts/music/values.yaml b/kubernetes/common/music/charts/music/values.yaml index faa5a6223d..bf3ad2279c 100644 --- a/kubernetes/common/music/charts/music/values.yaml +++ b/kubernetes/common/music/charts/music/values.yaml @@ -23,8 +23,7 @@ global: envsubstImage: dibi/envsubst # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # logging agent loggingRepository: docker.elastic.co diff --git a/kubernetes/common/music/values.yaml b/kubernetes/common/music/values.yaml index fe4cbaee9c..7e89b02e02 100644 --- a/kubernetes/common/music/values.yaml +++ b/kubernetes/common/music/values.yaml @@ -19,8 +19,7 @@ global: nodePortPrefix: 302 repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index 87dd622c35..c97c0488ac 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -36,16 +36,14 @@ spec: release: {{ include "common.release" . }} spec: initContainers: -{{- if .Values.global.mariadbGalera.localCluster }} - - command: - - /root/ready.py + - name: {{ include "common.name" . }}-readiness + command: + - /app/ready.py args: +{{- if .Values.global.mariadbGalera.localCluster }} - --container-name - {{ index .Values "mariadb-galera" "nameOverride" }} {{- else }} - - command: - - /root/job_complete.py - args: - --job-name - {{ include "common.release" . }}-{{ index .Values "mariadb-init" "nameOverride" }}-config-job {{- end }} @@ -55,9 +53,8 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} command: diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index 81c596c6c9..cfa7171a7d 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -26,8 +26,7 @@ global: # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # image pull policy pullPolicy: IfNotPresent diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl index 456aa32bc0..9ce9b88644 100644 --- a/kubernetes/common/postgres/templates/_deployment.tpl +++ b/kubernetes/common/postgres/templates/_deployment.tpl @@ -30,7 +30,6 @@ metadata: heritage: {{ $dot.Release.Service }} name: "{{ index $dot.Values "container" "name" $pgMode }}" spec: - serviceName: {{ $dot.Values.service.name }} replicas: 1 selector: matchLabels: diff --git a/kubernetes/common/postgres/templates/configmap.yaml b/kubernetes/common/postgres/templates/configmap.yaml index 26ba390040..e8bfd1194a 100644 --- a/kubernetes/common/postgres/templates/configmap.yaml +++ b/kubernetes/common/postgres/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml index a5a416329b..fbc43c0768 100644 --- a/kubernetes/common/postgres/values.yaml +++ b/kubernetes/common/postgres/values.yaml @@ -18,8 +18,7 @@ global: nodePortPrefix: 302 persistence: {} - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # envsusbt envsubstImage: dibi/envsubst diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl index 3cdf13a362..6a1a1eb82a 100644 --- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl +++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl @@ -56,10 +56,10 @@ {{- $containers := index (ternary (dict "containers" $wait_for) $wait_for (kindIs "slice" $wait_for)) "containers" -}} {{- $namePart := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "name" -}} - name: {{ include "common.name" $dot }}{{ ternary "" (printf "-%s" $namePart) (empty $namePart) }}-readiness - image: "{{ $subchartDot.Values.global.readinessRepository }}/{{ $subchartDot.Values.global.readinessImage }}" + image: "{{ include "common.repository" $subchartDot }}/{{ $subchartDot.Values.global.readinessImage }}" imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: {{- range $container := $containers }} - --container-name diff --git a/kubernetes/common/readinessCheck/values.yaml b/kubernetes/common/readinessCheck/values.yaml index 8417407a99..7bd0c3d679 100644 --- a/kubernetes/common/readinessCheck/values.yaml +++ b/kubernetes/common/readinessCheck/values.yaml @@ -13,8 +13,7 @@ # limitations under the License. global: - readinessRepository: oomk8s - readinessImage: readiness-check:2.2.1 + readinessImage: onap/oom/readiness:3.0.1 pullPolicy: Always limits: |