aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common')
-rw-r--r--kubernetes/common/cassandra/templates/servicemonitor.yaml19
-rw-r--r--kubernetes/common/cassandra/templates/statefulset.yaml46
-rw-r--r--kubernetes/common/cassandra/values.yaml62
-rwxr-xr-xkubernetes/common/cert-wrapper/resources/import-custom-certs.sh4
-rw-r--r--kubernetes/common/certInitializer/templates/job.yaml2
-rw-r--r--kubernetes/common/cmpv2Config/values.yaml2
-rw-r--r--kubernetes/common/common/templates/_dmaapProvisioning.tpl3
-rw-r--r--kubernetes/common/common/templates/_service.tpl5
-rw-r--r--kubernetes/common/common/templates/_serviceMesh.tpl33
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml4
-rw-r--r--kubernetes/common/repositoryGenerator/templates/_repository.tpl4
-rw-r--r--kubernetes/common/repositoryGenerator/values.yaml17
-rw-r--r--kubernetes/common/timescaledb/values.yaml5
13 files changed, 186 insertions, 20 deletions
diff --git a/kubernetes/common/cassandra/templates/servicemonitor.yaml b/kubernetes/common/cassandra/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..5297e692d2
--- /dev/null
+++ b/kubernetes/common/cassandra/templates/servicemonitor.yaml
@@ -0,0 +1,19 @@
+{{/*
+# Copyright © 2022 Amdocs, Bitnami, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if .Values.metrics.serviceMonitor.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml
index 840e95b490..43367ee542 100644
--- a/kubernetes/common/cassandra/templates/statefulset.yaml
+++ b/kubernetes/common/cassandra/templates/statefulset.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2022 Amdocs, AT&T, Bell Canada, Bitnami
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -26,6 +26,15 @@ spec:
type: {{ .Values.updateStrategy.type }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ {{- if or .Values.podAnnotations (and .Values.metrics.serviceMonitor.enabled .Values.metrics.podAnnotations) }}
+ annotations:
+ {{- if .Values.podAnnotations }}
+ {{- include "common.tplValue" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
+ {{- end }}
+ {{- if and .Values.metrics.serviceMonitor.enabled .Values.metrics.podAnnotations }}
+ {{- include "common.tplValue" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }}
+ {{- end }}
+ {{- end }}
spec:
hostNetwork: {{ .Values.hostNetwork }}
imagePullSecrets:
@@ -126,6 +135,41 @@ spec:
command: ["/bin/sh", "-c", "PID=$(pidof java) && kill $PID && while ps -p $PID > /dev/null; do sleep 1; done"]
{{- end }}
resources: {{ toYaml .Values.resources | nindent 10 }}
+ {{- if .Values.metrics.serviceMonitor.enabled }}
+ - name: {{ include "common.name" . }}-metrics
+ image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.metrics.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.metrics.pullPolicy | quote}}
+ {{- if (.Values.metrics.enabled) }}
+ ports:
+ {{- range $index, $metricPort := .Values.metrics.ports }}
+ - name: {{ $metricPort.name }}
+ containerPort: {{ $metricPort.port }}
+ protocol: TCP
+ {{- end }}
+ livenessProbe:
+ httpGet:
+ path: {{ .Values.metrics.livenessProbe.httpGet.path }}
+ port: {{ .Values.metrics.livenessProbe.httpGet.port }}
+ initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.metrics.readinessProbe.httpGet.path }}
+ port: {{ .Values.metrics.readinessProbe.httpGet.port }}
+ initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
+ failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
+ {{- end }}
+ {{ include "common.containerSecurityContext" . | indent 10 | trim }}
+ {{- if .Values.metrics.resources }}
+ resources: {{- toYaml .Values.metrics.resources | nindent 10 }}
+ {{- end }}
+ {{- end }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
{{- end -}}
diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml
index 1d69993956..597174ee0a 100644
--- a/kubernetes/common/cassandra/values.yaml
+++ b/kubernetes/common/cassandra/values.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Copyright © 2022 Amdocs, Bell Canada, AT&T, Bitnami
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -168,3 +168,63 @@ serviceAccount:
nameOverride: cassandra
roles:
- nothing
+
+# Cassandra Metrics
+metrics:
+ enabled: false
+ image: bitnami/cassandra-exporter:2.3.4-debian-10-r641
+ pullPolicy: IfNotPresent
+ ports:
+ - name: tcp-metrics
+ port: 8080
+ podAnnotations:
+ prometheus.io/scrape: 'true'
+ prometheus.io/port: '8080'
+ livenessProbe:
+ enabled: true
+ httpGet:
+ path: /metrics
+ port: 8080
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
+ readinessProbe:
+ httpGet:
+ path: /metrics
+ port: 8080
+ enabled: true
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
+ serviceMonitor:
+ enabled: false
+ targetPort: 8080
+ path: /metrics
+ basicAuth:
+ enabled: false
+ ## Namespace in which Prometheus is running
+ ##
+ # namespace: monitoring
+
+ ## Interval at which metrics should be scraped.
+ #interval: 30s
+
+ ## Timeout after which the scrape is ended
+ # scrapeTimeout: 10s
+
+ ## ServiceMonitor selector labels
+ selector:
+ app.kubernetes.io/name: '{{ include "common.name" . }}'
+ helm.sh/chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+ app.kubernetes.io/instance: '{{ include "common.release" . }}'
+ app.kubernetes.io/managed-by: '{{ .Release.Service }}'
+
+ ## RelabelConfigs to apply to samples before scraping
+ relabelings: []
+
+ ## MetricRelabelConfigs to apply to samples before ingestion
+ metricRelabelings: []
diff --git a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
index fa3de03ece..96b0c0c0c8 100755
--- a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
+++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
@@ -41,7 +41,7 @@ for f in $CERTS_DIR/*; do
if echo $f | grep '\.sh$' >/dev/null; then
continue
fi
- if echo $f | grep '\.b64$' >/dev/null; then
+ if echo $f | grep '\.b64$' >/dev/null
then
base64 -d $f > $WORK_DIR/`basename $f .b64`
else
@@ -87,4 +87,4 @@ if [ $? != 0 ]
exit 1
else
cp /etc/ssl/certs/ca-certificates.crt $WORK_DIR/.
-fi \ No newline at end of file
+fi
diff --git a/kubernetes/common/certInitializer/templates/job.yaml b/kubernetes/common/certInitializer/templates/job.yaml
index 2acb423511..84a3e87098 100644
--- a/kubernetes/common/certInitializer/templates/job.yaml
+++ b/kubernetes/common/certInitializer/templates/job.yaml
@@ -25,6 +25,8 @@ spec:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers: {{ include "common.certInitializer.initContainer" (dict "dot" . "initRoot" .Values) | nindent 6 }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
containers:
- name: create-tls-secret
command:
diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml
index 4b8438ace2..aeac9901a3 100644
--- a/kubernetes/common/cmpv2Config/values.yaml
+++ b/kubernetes/common/cmpv2Config/values.yaml
@@ -35,5 +35,5 @@ global:
truststorePasswordSecretName: oom-cert-service-truststore-password
truststorePasswordSecretKey: password
certPostProcessor:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0
diff --git a/kubernetes/common/common/templates/_dmaapProvisioning.tpl b/kubernetes/common/common/templates/_dmaapProvisioning.tpl
index d28494aacd..eefd00d7bf 100644
--- a/kubernetes/common/common/templates/_dmaapProvisioning.tpl
+++ b/kubernetes/common/common/templates/_dmaapProvisioning.tpl
@@ -138,6 +138,7 @@
args:
- -c
- |
+ set -uex -o pipefail
if [ -d /opt/app/config/cache ]; then
cd /opt/app/config/cache
for file in $(ls feed*); do
@@ -147,8 +148,6 @@
done
for file in $(ls drpub*); do
NUM=$(echo "$file" | sed 's/drpubConfig-\([0-9]\+\)-resp.json/\1/')
- export DR_USERNAME_"$NUM"="$(grep -o '"username":"[^"]*' "$file" | cut -d '"' -f4)"
- export DR_PASSWORD_"$NUM"="$(grep -o '"userpwd":"[^"]*' "$file" | cut -d '"' -f4)"
export DR_FILES_PUBLISHER_ID_"$NUM"="$(grep -o '"pubId":"[^"]*' "$file" | cut -d '"' -f4)"
done
for file in $(ls drsub*); do
diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl
index a488e0d5fa..f6a0f211a9 100644
--- a/kubernetes/common/common/templates/_service.tpl
+++ b/kubernetes/common/common/templates/_service.tpl
@@ -267,6 +267,11 @@ spec:
{{- $ports := $dot.Values.service.headlessPorts -}}
{{- $labels := default (dict) .labels -}}
{{- $matchLabels := default (dict) .matchLabels -}}
+{{- if ($dot.Values.metrics) }}
+{{- range $index, $metricPort := $dot.Values.metrics.ports }}
+{{- $ports = append $ports $metricPort }}
+{{- end }}
+{{- end }}
{{ include "common.genericService" (dict "suffix" $suffix "annotations" $annotations "dot" $dot "publishNotReadyAddresses" $publishNotReadyAddresses "ports" $ports "serviceType" "ClusterIP" "headless" true "labels" $labels "matchLabels" $matchLabels) }}
{{- end -}}
diff --git a/kubernetes/common/common/templates/_serviceMesh.tpl b/kubernetes/common/common/templates/_serviceMesh.tpl
index d4fc182b34..a685a73627 100644
--- a/kubernetes/common/common/templates/_serviceMesh.tpl
+++ b/kubernetes/common/common/templates/_serviceMesh.tpl
@@ -14,8 +14,7 @@
# limitations under the License.
*/}}
-
-{/*
+{{/*
Calculate if we are on service mesh.
*/}}
{{- define "common.onServiceMesh" -}}
@@ -26,6 +25,9 @@ true
{{- end -}}
{{- end -}}
+{{/*
+ Kills the sidecar proxy associated with a pod.
+*/}}
{{- define "common.serviceMesh.killSidecar" -}}
{{- if (include "common.onServiceMesh" .) }}
RCODE="$?";
@@ -37,3 +39,30 @@ echo "*** exiting with script exit code" ;
exit "$RCODE"
{{- end }}
{{- end -}}
+
+{{/*
+ Wait for job container.
+*/}}
+{{- define "common.waitForJobContainer" -}}
+{{- $dot := default . .dot -}}
+{{- $wait_for_job_container := default $dot.Values.wait_for_job_container .wait_for_job_container -}}
+{{- if (include "common.onServiceMesh" .) }}
+- name: {{ include "common.name" $dot }}{{ ternary "" (printf "-%s" $wait_for_job_container.name) (empty $wait_for_job_container.name) }}-service-mesh-wait-for-job-container
+ image: {{ include "repositoryGenerator.image.quitQuit" $dot }}
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
+ command:
+ - /bin/sh
+ - "-c"
+ args:
+ - echo "waiting 10s for istio side cars to be up"; sleep 10s;
+ {{- range $container := $wait_for_job_container.containers }}
+ /app/ready.py --service-mesh-check {{ tpl $container $dot }} -t 45;
+ {{- end }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+{{- end }}
+{{- end }}
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index f49a898818..9f7c882134 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -608,8 +608,8 @@ metrics:
## ServiceMonitor selector labels
## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
##
- selector:
- prometheus: kube-prometheus
+ # selector:
+ # prometheus: kube-prometheus
## RelabelConfigs to apply to samples before scraping
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
diff --git a/kubernetes/common/repositoryGenerator/templates/_repository.tpl b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
index 349bb4072a..f57d390477 100644
--- a/kubernetes/common/repositoryGenerator/templates/_repository.tpl
+++ b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
@@ -141,6 +141,10 @@
{{- include "repositoryGenerator.image._helper" (merge (dict "image" "dbcClientImage") .) }}
{{- end -}}
+{{- define "repositoryGenerator.image.quitQuit" -}}
+ {{- include "repositoryGenerator.image._helper" (merge (dict "image" "quitQuitImage") .) }}
+{{- end -}}
+
{{/*
Resolve the image repository secret token.
The value for .Values.global.repositoryCred is used if provided:
diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml
index a05bc13ae6..34ce466f48 100644
--- a/kubernetes/common/repositoryGenerator/values.yaml
+++ b/kubernetes/common/repositoryGenerator/values.yaml
@@ -1,6 +1,6 @@
# Copyright © 2020 Orange
# Copyright © 2021 Nokia, AT&T
-# Modifications Copyright (C) 2021 Nordix Foundation.
+# Modifications Copyright (c) 2022 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -23,21 +23,25 @@ global:
githubContainerRegistry: ghcr.io
# common global images
- busyboxImage: busybox:1.32
+ busyboxImage: busybox:1.34.1
curlImage: curlimages/curl:7.80.0
envsubstImage: dibi/envsubst:1
# there's only latest image for htpasswd
htpasswdImage: xmartlabs/htpasswd:latest
- jettyImage: jetty:9-jdk11-slim
+ # if you change jetty image, you'll also need to update jar file which is
+ # "hardcoded" to the value...
+ # (/usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar) for 9.4.45
+ jettyImage: jetty:9.4.45-jdk11-slim
jreImage: onap/integration-java11:10.0.0
- kubectlImage: bitnami/kubectl:1.19
+ kubectlImage: bitnami/kubectl:1.22.4
loggingImage: beats/filebeat:5.5.0
mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28
- nginxImage: bitnami/nginx:1.18-debian-10
+ nginxImage: bitnami/nginx:1.21.4
postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
readinessImage: onap/oom/readiness:3.0.1
dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
- dbcClientImage: onap/dmaap/dbc-client:2.0.7
+ dbcClientImage: onap/dmaap/dbc-client:2.0.9
+ quitQuitImage: onap/oom/readiness:4.1.0
# Default credentials
# they're optional. If the target repository doesn't need them, comment them
@@ -71,3 +75,4 @@ imageRepoMapping:
readinessImage: repository
dcaePolicySyncImage: repository
dbcClientImage: repository
+ quitQuitImage: repository
diff --git a/kubernetes/common/timescaledb/values.yaml b/kubernetes/common/timescaledb/values.yaml
index 258f516ff0..72a4b6ffd0 100644
--- a/kubernetes/common/timescaledb/values.yaml
+++ b/kubernetes/common/timescaledb/values.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (c) 2021 Bell Canada.
+# Copyright (c) 2021 2022 Bell Canada.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -23,7 +23,7 @@ global:
#################################################################
# Secrets.
##############################################################
-image: timescale/timescaledb:2.1.1-pg13
+image: timescale/timescaledb:2.5.1-pg14
pullPolicy: Always
containerPorts: 5432
@@ -125,4 +125,3 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.config.pgUserExternalSecret) . }}'
login: '{{ .Values.config.pgUserName }}'
password: '{{ .Values.config.pgUserPassword }}'
-