diff options
Diffstat (limited to 'kubernetes/common')
35 files changed, 167 insertions, 174 deletions
diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml index f536be5053..1d1e4594da 100644 --- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml +++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -{{- $global := . }} {{- if .Values.backup.enabled }} apiVersion: batch/v1beta1 kind: CronJob @@ -36,7 +35,7 @@ spec: restartPolicy: Never initContainers: - command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ include "common.name" . }} @@ -46,21 +45,21 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - name: "cassandra-backup-init" - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /bin/sh + - /bin/bash - -c - | clearSnapshot(){ curr_time=$1 echo "Clearing snapshots!!!" command="nodetool clearsnapshot -t $curr_time" - /root/exec.py -p "cassandra" -c "$command" + /app/exec.py -p "cassandra" -c "$command" } {{ $root := . }} curr_time=`date +%s` @@ -76,11 +75,11 @@ spec: echo "Executing cleanup!!" command="nodetool cleanup" - /root/exec.py -p "cassandra" -c "$command" + /app/exec.py -p "cassandra" -c "$command" echo "Cleaned Node!! Backing up database now!!!" command="nodetool snapshot -t $curr_time" - /root/exec.py -p "cassandra" -c "$command" + /app/exec.py -p "cassandra" -c "$command" retCode=$? if [ $retCode -ne 0 ]; then echo "Backup Failed!!!" @@ -96,7 +95,7 @@ spec: d=$(echo $d | sed 's:/*$::') keyspace_name=$(echo "$d" | awk -F/ '{ print $NF }') if [ 1 ] {{- range $t, $keyspace := $root.Values.backup.keyspacesToSkip }} && [ "{{ $keyspace.name }}" != "$keyspace_name" ] {{- end }}; then - /root/restore.sh -b $backup_dir/cassandra-{{ $i }}/data -s /onap-data/cassandra-{{ $i }}/data/$keyspace_name -k $keyspace_name -t $curr_time & + /app/restore.sh -b $backup_dir/cassandra-{{ $i }}/data -s /onap-data/cassandra-{{ $i }}/data/$keyspace_name -k $keyspace_name -t $curr_time & pids="$pids $!" fi done @@ -143,10 +142,10 @@ spec: - mountPath: /backup name: backup-dir - name: scripts - mountPath: /root/restore.sh + mountPath: /app/restore.sh subPath: restore.sh - name: scripts - mountPath: /root/exec.py + mountPath: /app/exec.py subPath: exec.py containers: - name: cassandra-backup-validate @@ -238,7 +237,7 @@ spec: {{- range $i := until (int .Values.replicaCount)}} - name: data-dir-{{ $i }} persistentVolumeClaim: - claimName: {{ include "common.fullname" $global }}-data-{{ include "common.fullname" $global }}-{{ $i }} + claimName: {{ include "common.fullname" . }}-data-{{ $i }} {{- end }} - name: backup-dir persistentVolumeClaim: diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index 090dbcc2a2..959e243638 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -22,8 +22,7 @@ global: # global defaults backup: mountPath: /dockerdata-nfs/backup repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: onap/oom/readiness:3.0.1 # application image repository: nexus3.onap.org:10001 diff --git a/kubernetes/common/common/templates/_aafconfig.tpl b/kubernetes/common/common/templates/_aafconfig.tpl index e90f8aea5d..afc402f648 100644 --- a/kubernetes/common/common/templates/_aafconfig.tpl +++ b/kubernetes/common/common/templates/_aafconfig.tpl @@ -59,10 +59,10 @@ {{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}} {{- if $dot.Values.global.aafEnabled -}} - name: {{ include "common.name" $dot }}-aaf-readiness - image: "{{ $dot.Values.global.readinessRepository }}/{{ $dot.Values.global.readinessImage }}" + image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.readinessImage }}" imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - aaf-locate diff --git a/kubernetes/common/common/templates/_createPassword.tpl b/kubernetes/common/common/templates/_createPassword.tpl index 8b2f1e274d..bfa96daf64 100644 --- a/kubernetes/common/common/templates/_createPassword.tpl +++ b/kubernetes/common/common/templates/_createPassword.tpl @@ -37,6 +37,18 @@ {{ end }} {{- end -}} +{{- define "common._defaultPasswordStrength" -}} + {{ if .Values.passwordStrengthOverride }} + {{- printf "%s" .Values.passwordStrengthOverride -}} + {{ else if .Values.global.passwordStrength }} + {{- printf "%s" .Values.global.passwordStrength -}} + {{ else if .Values.passwordStrength }} + {{- printf "%s" .Values.passwordStrength -}} + {{ else }} + {{- printf "long" }} + {{ end }} +{{- end -}} + {{/* Generate a new password based on masterPassword. The new password is not random, it is derived from masterPassword, fully qualified chart name and @@ -59,7 +71,8 @@ {{- define "common.createPassword" -}} {{- $dot := default . .dot -}} {{- $uid := default "onap" .uid -}} - {{- $strength := default "long" .strength -}} + {{- $defaultStrength := include "common._defaultPasswordStrength" $dot | trim -}} + {{- $strength := default $defaultStrength .strength -}} {{- $mp := include "common.masterPassword" $dot -}} {{- derivePassword 1 $strength $mp (include "common.fullname" $dot) $uid -}} {{- end -}} diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml index d0e298b7b6..1c32e12204 100644 --- a/kubernetes/common/dgbuilder/templates/deployment.yaml +++ b/kubernetes/common/dgbuilder/templates/deployment.yaml @@ -71,7 +71,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config - command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ .Values.config.dbPodName }} @@ -81,7 +81,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness containers: diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index a1f637b199..a7e6e24265 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -24,8 +24,7 @@ global: repository: nexus3.onap.org:10001 # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # logging agent loggingRepository: docker.elastic.co diff --git a/kubernetes/common/elasticsearch/components/curator/hooks/job.install.yaml b/kubernetes/common/elasticsearch/components/curator/hooks/job.install.yaml index 7e73420e13..9e826ae311 100644 --- a/kubernetes/common/elasticsearch/components/curator/hooks/job.install.yaml +++ b/kubernetes/common/elasticsearch/components/curator/hooks/job.install.yaml @@ -45,7 +45,7 @@ spec: {{- end }} containers: - name: {{ template "common.fullname" . }}-curator - image: {{printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + image: {{printf "%s/%s" (include "common.repository" .) .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - name: config-volume diff --git a/kubernetes/common/elasticsearch/components/curator/templates/cronjob.yaml b/kubernetes/common/elasticsearch/components/curator/templates/cronjob.yaml index 901c0a5c06..ea769d1291 100644 --- a/kubernetes/common/elasticsearch/components/curator/templates/cronjob.yaml +++ b/kubernetes/common/elasticsearch/components/curator/templates/cronjob.yaml @@ -74,7 +74,7 @@ spec: {{- end }} containers: - name: {{ template "common.fullname" . }}-curator - image: {{printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + image: {{printf "%s/%s" (include "common.repository" .) .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - name: config-volume diff --git a/kubernetes/common/elasticsearch/components/curator/values.yaml b/kubernetes/common/elasticsearch/components/curator/values.yaml index 5e0d9668d3..addd52867e 100644 --- a/kubernetes/common/elasticsearch/components/curator/values.yaml +++ b/kubernetes/common/elasticsearch/components/curator/values.yaml @@ -31,16 +31,14 @@ repositoryOverride: docker.io ## enabled: false name: curator -image: - imageName: bitnami/elasticsearch-curator - tag: 5.8.1-debian-9-r74 - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName +image: bitnami/elasticsearch-curator:5.8.1-debian-9-r74 +pullPolicy: IfNotPresent +## Optionally specify an array of imagePullSecrets. +## Secrets must be manually created in the namespace. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +## +# pullSecrets: +# - myRegistryKeySecretName service: port: 9200 cronjob: diff --git a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml index e1a56e3e14..aeb14a1b61 100644 --- a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml @@ -86,7 +86,7 @@ spec: {{- end }} containers: - name: {{ include "common.name" . }}-data - image: {{ printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + image: {{ printf "%s/%s" (include "common.repository" .) .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} {{- if .Values.securityContext.enabled }} securityContext: @@ -94,7 +94,7 @@ spec: {{- end }} env: - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} + value: {{ ternary "true" "false" .Values.debug | quote }} - name: ELASTICSEARCH_CLUSTER_NAME value: {{include "elasticsearch.clustername" .}} - name: ELASTICSEARCH_CLUSTER_HOSTS diff --git a/kubernetes/common/elasticsearch/components/data/values.yaml b/kubernetes/common/elasticsearch/components/data/values.yaml index cfb7f51da3..5624bee78b 100644 --- a/kubernetes/common/elasticsearch/components/data/values.yaml +++ b/kubernetes/common/elasticsearch/components/data/values.yaml @@ -46,24 +46,22 @@ service: - name: http-transport port: 9300 -image: - imageName: bitnami/elasticsearch - tag: 6.8.6-debian-9-r23 - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Set to true if you would like to see extra information on logs - ## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging - ## - debug: false +image: bitnami/elasticsearch:6.8.6-debian-9-r23 +## Specify a imagePullPolicy +## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' +## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images +## +pullPolicy: IfNotPresent +## Optionally specify an array of imagePullSecrets. +## Secrets must be manually created in the namespace. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +## +# pullSecrets: +# - myRegistryKeySecretName +## Set to true if you would like to see extra information on logs +## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging +## +debug: false ## updateStrategy for ElasticSearch Data statefulset diff --git a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml index 1b5e305f25..626747f075 100644 --- a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml @@ -84,7 +84,7 @@ spec: {{- end }} containers: - name: {{ include "common.name" . }}-master - image: {{ printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + image: {{ printf "%s/%s" (include "common.repository" .) .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} {{- if .Values.securityContext.enabled }} securityContext: @@ -92,7 +92,7 @@ spec: {{- end }} env: - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} + value: {{ ternary "true" "false" .Values.debug | quote }} - name: ELASTICSEARCH_CLUSTER_NAME value: {{ include "elasticsearch.clustername" . }} - name: ELASTICSEARCH_CLUSTER_HOSTS diff --git a/kubernetes/common/elasticsearch/components/master/values.yaml b/kubernetes/common/elasticsearch/components/master/values.yaml index 2862692eef..22c4987a98 100644 --- a/kubernetes/common/elasticsearch/components/master/values.yaml +++ b/kubernetes/common/elasticsearch/components/master/values.yaml @@ -43,24 +43,22 @@ replicaCount: 3 ## master acts as master only node, choose 'no' if no further data nodes are deployed) dedicatednode: "yes" ## dedicatednode: "no" -image: - imageName: bitnami/elasticsearch - tag: 6.8.6-debian-9-r23 - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Set to true if you would like to see extra information on logs - ## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging - ## - debug: false +image: bitnami/elasticsearch:6.8.6-debian-9-r23 +## Specify a imagePullPolicy +## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' +## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images +## +pullPolicy: IfNotPresent +## Optionally specify an array of imagePullSecrets. +## Secrets must be manually created in the namespace. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +## +# pullSecrets: +# - myRegistryKeySecretName +## Set to true if you would like to see extra information on logs +## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging +## +debug: false ## String to partially override common.fullname template (will maintain the release name) ## diff --git a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml index 1ab5b59855..8ec38626e6 100644 --- a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml +++ b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml @@ -85,7 +85,7 @@ spec: {{- include "common.certInitializer.volumeMount" . | nindent 10 }} - name: {{ include "common.name" . }}-elasticsearch - image: {{ printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + image: {{ printf "%s/%s" (include "common.repository" .) .Values.image }} {{- if .Values.securityContext.enabled }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} securityContext: @@ -93,7 +93,7 @@ spec: {{- end }} env: - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} + value: {{ ternary "true" "false" .Values.debug | quote }} - name: ELASTICSEARCH_CLUSTER_NAME value: {{ include "elasticsearch.clustername" .}} - name: ELASTICSEARCH_CLUSTER_HOSTS diff --git a/kubernetes/common/elasticsearch/values.yaml b/kubernetes/common/elasticsearch/values.yaml index b1289431a5..e6e532d168 100644 --- a/kubernetes/common/elasticsearch/values.yaml +++ b/kubernetes/common/elasticsearch/values.yaml @@ -18,8 +18,7 @@ global: aafEnabled: true nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: onap/oom/readiness:3.0.1 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 busyboxRepository: registry.hub.docker.com @@ -41,24 +40,22 @@ sysctlImage: enabled: true # application image -image: - imageName: bitnami/elasticsearch - tag: 6.8.6-debian-9-r23 - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Set to true if you would like to see extra information on logs - ## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging - ## - debug: false +image: bitnami/elasticsearch:6.8.6-debian-9-r23 +## Specify a imagePullPolicy +## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' +## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images +## +pullPolicy: IfNotPresent +## Optionally specify an array of imagePullSecrets. +## Secrets must be manually created in the namespace. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +## +# pullSecrets: +# - myRegistryKeySecretName +## Set to true if you would like to see extra information on logs +## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging +## +debug: false ## String to partially override common.fullname template (will maintain the release name) ## diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 0c05977322..bce0eb9c43 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -35,7 +35,7 @@ spec: restartPolicy: Never initContainers: - command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ include "common.name" . }} @@ -45,7 +45,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - name: mariadb-galera-backup-init diff --git a/kubernetes/common/mariadb-galera/templates/job.yaml b/kubernetes/common/mariadb-galera/templates/job.yaml index db56f3e046..5dc822a66f 100644 --- a/kubernetes/common/mariadb-galera/templates/job.yaml +++ b/kubernetes/common/mariadb-galera/templates/job.yaml @@ -49,7 +49,7 @@ spec: fsGroup: 1001 runAsUser: 0 initContainers: - - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" name: mariadb-galera-upgrade-readiness env: - name: NAMESPACE @@ -58,7 +58,7 @@ spec: apiVersion: v1 fieldPath: metadata.namespace command: - - /root/ready.py + - /app/ready.py args: - --container-name - mariadb-galera diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 4ccb0e5c6e..afd6c547ea 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -40,8 +40,7 @@ global: repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: onap/oom/readiness:3.0.1 busyboxImage: busybox:1.30 busyboxRepository: docker.io # kubeclt image diff --git a/kubernetes/common/mariadb-init/templates/_mariadb.tpl b/kubernetes/common/mariadb-init/templates/_mariadb.tpl index af9a4f5f02..5563fe714d 100644 --- a/kubernetes/common/mariadb-init/templates/_mariadb.tpl +++ b/kubernetes/common/mariadb-init/templates/_mariadb.tpl @@ -1,5 +1,6 @@ {{/* # Copyright © 2019 Orange +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,3 +21,15 @@ {{- define "mariadbInit.mariadbClusterSecret" -}} {{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride)) -}} {{- end -}} + +{{- define "mariadbInit._updateSecrets" -}} + {{- if not .Values.secretsUpdated }} + {{- $global := . }} + {{- range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }} + {{- $item := dict "uid" $db "type" "basicAuth" "externalSecret" (default "" $dbInfos.externalSecret) "login" (default "" $dbInfos.user) "password" (default "" $dbInfos.password) "passwordPolicy" "required" }} + {{- $newList := append $global.Values.secrets $item }} + {{- $_ := set $global.Values "secrets" $newList }} + {{- end -}} + {{ $_ := set $global.Values "secretsUpdated" true }} + {{- end -}} +{{- end -}} diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index 5202d572a2..7de0a9182b 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -13,6 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{ include "mariadbInit._updateSecrets" . -}} + apiVersion: batch/v1 kind: Job metadata: @@ -35,17 +37,17 @@ spec: initContainers: - name: {{ include "common.name" . }}-readiness command: - - /root/ready.py + - /app/ready.py args: - --container-name - - {{ .Values.global.mariadbGalera.nameOverride }} + - {{ default .Values.global.mariadbGalera.nameOverride .Values.mariadbGalera.containerName }} env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} @@ -56,21 +58,21 @@ spec: - /db_init/db_init.sh env: - name: DB_HOST - value: "{{ .Values.global.mariadbGalera.nameOverride }}" + value: "{{ default .Values.global.mariadbGalera.nameOverride .Values.mariadbGalera.serviceName }}" - name: DB_PORT - value: "{{ .Values.global.mariadbGalera.servicePort }}" + value: "{{ default .Values.global.mariadbGalera.servicePort .Values.mariadbGalera.servicePort }}" - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "root-password" "key" (default "password" .Values.global.mariadbGalera.userRootSecretKey)) | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-password" "key" (default "password" .Values.global.mariadbGalera.userRootSecretKey)) | indent 10 }} - name: {{ printf "MYSQL_USER_%s" .Values.config.mysqlDatabase | upper }} - {{- include "common.secret.envFromSecret" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "login") | indent 10 }} - name: {{ printf "MYSQL_PASSWORD_%s" .Values.config.mysqlDatabase | upper }} - {{- include "common.secret.envFromSecret" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" .Values.config.mysqlDatabase "key" "password") | indent 10 }} {{- $root := . }} {{ range $db, $_values := .Values.config.mysqlAdditionalDatabases }} - name: {{ printf "MYSQL_USER_%s" $db | upper }} - {{- include "common.secret.envFromSecret" (dict "global" $root "uid" $db "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $root "uid" $db "key" "login") | indent 10 }} - name: {{ printf "MYSQL_PASSWORD_%s" $db | upper }} - {{- include "common.secret.envFromSecret" (dict "global" $root "uid" $db "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" $root "uid" $db "key" "password") | indent 10 }} {{ end }} volumeMounts: - mountPath: /etc/localtime diff --git a/kubernetes/common/mariadb-init/templates/secret.yaml b/kubernetes/common/mariadb-init/templates/secret.yaml index 71a89d019b..2db326f163 100644 --- a/kubernetes/common/mariadb-init/templates/secret.yaml +++ b/kubernetes/common/mariadb-init/templates/secret.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada, Orange +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,26 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{- define "mariadb-init._update-secrets" -}} - {{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }} -{{ printf "- uid: %s" $db }} -{{ printf " type: basicAuth" }} - {{- if $dbInfos.externalSecret }} -{{ printf " externalSecret: %s" $dbInfos.externalSecret }} - {{- end }} -{{ printf " login: %s" $dbInfos.user }} -{{ printf " password: %s" $dbInfos.password }} -{{ printf " passwordPolicy: required" }} - {{- end -}} -{{- end -}} +{{ include "mariadbInit._updateSecrets" . -}} -{{ $global := . }} -{{ $secretsString := .Values.secrets | toYaml | indent 2 }} -{{ $additionalSecretsString := (include "mariadb-init._update-secrets" .) | indent 2 }} -{{ $finalSecretsString := (cat "\nsecrets:\n" $secretsString $additionalSecretsString) | replace " -" " -" }} -{{ $finalSecrets := ($finalSecretsString | fromYaml).secrets }} - -{{ $newValues := set $global.Values "secrets" $finalSecrets }} -{{ $tmpGlobal := set $global "Values" $newValues }} - -{{ include "common.secret" $tmpGlobal }} +{{ include "common.secretFast" . }} diff --git a/kubernetes/common/mariadb-init/tests/job_test.yaml b/kubernetes/common/mariadb-init/tests/job_test.yaml index 7523ee1c6e..170eaf3c96 100644 --- a/kubernetes/common/mariadb-init/tests/job_test.yaml +++ b/kubernetes/common/mariadb-init/tests/job_test.yaml @@ -36,7 +36,7 @@ tests: content: mariadb-galera - equal: path: spec.template.spec.initContainers[0].image - value: oomk8s/readiness-check:2.0.2 + value: nexus3.onap.org:10001/onap/oom/readiness:3.0.1 - equal: path: spec.template.spec.initContainers[0].imagePullPolicy value: IfNotPresent diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml index f6ce95a65f..dd5d208190 100644 --- a/kubernetes/common/mariadb-init/values.yaml +++ b/kubernetes/common/mariadb-init/values.yaml @@ -17,8 +17,7 @@ ################################################################# global: repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: onap/oom/readiness:3.0.1 mariadbGalera: nameOverride: mariadb-galera servicePort: 3306 @@ -33,8 +32,8 @@ global: secrets: - uid: root-password type: password - externalSecret: '{{ tpl (default (include "mariadbInit.mariadbClusterSecret" .) .Values.global.mariadbGalera.userRootSecret) . }}' - password: '{{ tpl (default "" .global.mariadbGalera.userRootPassword) . }}' + externalSecret: '{{ tpl (ternary (default "" .Values.mariadbGalera.userRootSecret) (default (include "mariadbInit.mariadbClusterSecret" .) .Values.global.mariadbGalera.userRootSecret) (not (empty (default "" .Values.mariadbGalera.serviceName)))) . }}' + password: '{{ tpl (ternary (default "" .Values.mariadbGalera.userRootPassword) (default "" .Values.global.mariadbGalera.userRootPassword) (not (empty (default "" .Values.mariadbGalera.serviceName)))) . }}' - uid: '{{ .Values.config.mysqlDatabase }}' type: basicAuth externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}' @@ -52,6 +51,15 @@ pullPolicy: IfNotPresent # Set it if you want to change the name of the different components # nameOverride: +mariadbGalera: {} +# serviceName: some-name +# containerName: some-name +# servicePort: 3306 +# userRootPassword: some-password +# userRootSecret: some-secret-name +# userRootSecretKey: password + + config: userPassword: Ci@shsOd3pky1Vji userName: u5WZ1GMSIS1wHZF diff --git a/kubernetes/common/mongo/values.yaml b/kubernetes/common/mongo/values.yaml index 3c04b429cd..d272f706ea 100644 --- a/kubernetes/common/mongo/values.yaml +++ b/kubernetes/common/mongo/values.yaml @@ -18,8 +18,7 @@ global: nodePortPrefix: 302 persistence: {} - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 ################################################################# diff --git a/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml b/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml index 46310fb0fb..2c6c3379c2 100644 --- a/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml +++ b/kubernetes/common/music/charts/music-cassandra-job/templates/job.yaml @@ -34,10 +34,10 @@ spec: restartPolicy: Never initContainers: - name: {{ include "common.name" . }}-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --timeout - "{{ .Values.global.readinessTimeout }}" diff --git a/kubernetes/common/music/charts/music-cassandra-job/values.yaml b/kubernetes/common/music/charts/music-cassandra-job/values.yaml index ac18195939..eee1a3a522 100644 --- a/kubernetes/common/music/charts/music-cassandra-job/values.yaml +++ b/kubernetes/common/music/charts/music-cassandra-job/values.yaml @@ -20,9 +20,8 @@ global: repository: nexus3.onap.org:10001 # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - # Set default to 4 hrs. + readinessImage: onap/oom/readiness:3.0.1 + # Set default to 4 hrs. # On slow environments dealys this long have been seen. readinessTimeout: 240 # logging agent @@ -34,9 +33,9 @@ global: job: host: music-cassandra port: 9042 - busybox: + busybox: image: library/busybox:latest - cassandra: + cassandra: image: onap/music/cassandra_job:3.0.24 timeout: 30 delay: 120 @@ -45,10 +44,10 @@ cql: replicationClass: "SimpleStrategy" replicationFactor: 3 adminUser: - username: nelson24 - password: nelson24 + username: nelson24 + password: nelson24 passwordReplace: A2C4E6G8I0J2L4O6Q8S0U2W4Y6 - + podManagementPolicy: OrderedReady updateStrategy: type: OnDelete diff --git a/kubernetes/common/music/charts/music-cassandra/values.yaml b/kubernetes/common/music/charts/music-cassandra/values.yaml index 460671d839..0402a3207c 100644 --- a/kubernetes/common/music/charts/music-cassandra/values.yaml +++ b/kubernetes/common/music/charts/music-cassandra/values.yaml @@ -21,8 +21,7 @@ global: repository: nexus3.onap.org:10001 # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # logging agent loggingRepository: docker.elastic.co diff --git a/kubernetes/common/music/charts/music/templates/deployment.yaml b/kubernetes/common/music/charts/music/templates/deployment.yaml index c3b30b22b7..81c3c2049d 100644 --- a/kubernetes/common/music/charts/music/templates/deployment.yaml +++ b/kubernetes/common/music/charts/music/templates/deployment.yaml @@ -23,10 +23,10 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-cassandra-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/job_complete.py + - /app/ready.py args: - -j - "{{ include "common.release" . }}-music-cassandra-job-config" diff --git a/kubernetes/common/music/charts/music/values.yaml b/kubernetes/common/music/charts/music/values.yaml index faa5a6223d..bf3ad2279c 100644 --- a/kubernetes/common/music/charts/music/values.yaml +++ b/kubernetes/common/music/charts/music/values.yaml @@ -23,8 +23,7 @@ global: envsubstImage: dibi/envsubst # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # logging agent loggingRepository: docker.elastic.co diff --git a/kubernetes/common/music/values.yaml b/kubernetes/common/music/values.yaml index fe4cbaee9c..7e89b02e02 100644 --- a/kubernetes/common/music/values.yaml +++ b/kubernetes/common/music/values.yaml @@ -19,8 +19,7 @@ global: nodePortPrefix: 302 repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index 87dd622c35..c97c0488ac 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -36,16 +36,14 @@ spec: release: {{ include "common.release" . }} spec: initContainers: -{{- if .Values.global.mariadbGalera.localCluster }} - - command: - - /root/ready.py + - name: {{ include "common.name" . }}-readiness + command: + - /app/ready.py args: +{{- if .Values.global.mariadbGalera.localCluster }} - --container-name - {{ index .Values "mariadb-galera" "nameOverride" }} {{- else }} - - command: - - /root/job_complete.py - args: - --job-name - {{ include "common.release" . }}-{{ index .Values "mariadb-init" "nameOverride" }}-config-job {{- end }} @@ -55,9 +53,8 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} command: diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index 81c596c6c9..cfa7171a7d 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -26,8 +26,7 @@ global: # readiness check - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # image pull policy pullPolicy: IfNotPresent diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml index a5a416329b..fbc43c0768 100644 --- a/kubernetes/common/postgres/values.yaml +++ b/kubernetes/common/postgres/values.yaml @@ -18,8 +18,7 @@ global: nodePortPrefix: 302 persistence: {} - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 # envsusbt envsubstImage: dibi/envsubst diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl index 3cdf13a362..6a1a1eb82a 100644 --- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl +++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl @@ -56,10 +56,10 @@ {{- $containers := index (ternary (dict "containers" $wait_for) $wait_for (kindIs "slice" $wait_for)) "containers" -}} {{- $namePart := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "name" -}} - name: {{ include "common.name" $dot }}{{ ternary "" (printf "-%s" $namePart) (empty $namePart) }}-readiness - image: "{{ $subchartDot.Values.global.readinessRepository }}/{{ $subchartDot.Values.global.readinessImage }}" + image: "{{ include "common.repository" $subchartDot }}/{{ $subchartDot.Values.global.readinessImage }}" imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: {{- range $container := $containers }} - --container-name diff --git a/kubernetes/common/readinessCheck/values.yaml b/kubernetes/common/readinessCheck/values.yaml index 8417407a99..7bd0c3d679 100644 --- a/kubernetes/common/readinessCheck/values.yaml +++ b/kubernetes/common/readinessCheck/values.yaml @@ -13,8 +13,7 @@ # limitations under the License. global: - readinessRepository: oomk8s - readinessImage: readiness-check:2.2.1 + readinessImage: onap/oom/readiness:3.0.1 pullPolicy: Always limits: |