diff options
Diffstat (limited to 'kubernetes/cps')
45 files changed, 1596 insertions, 186 deletions
diff --git a/kubernetes/cps/.helmignore b/kubernetes/cps/.helmignore index 80b47d2723..7ddbad7ef4 100644 --- a/kubernetes/cps/.helmignore +++ b/kubernetes/cps/.helmignore @@ -19,4 +19,4 @@ .project .idea/ *.tmproj -components/
\ No newline at end of file +components/ diff --git a/kubernetes/cps/Chart.yaml b/kubernetes/cps/Chart.yaml index 325f26dc38..0837c72dd9 100644 --- a/kubernetes/cps/Chart.yaml +++ b/kubernetes/cps/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright (C) 2021 Pantheon.tech +# Copyright (C) 2021 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: Configuration Persistance Service (CPS) +description: ONAP Configuration Persistance Service (CPS) name: cps version: 8.0.0 diff --git a/kubernetes/cps/Makefile b/kubernetes/cps/Makefile new file mode 100644 index 0000000000..70bb031af3 --- /dev/null +++ b/kubernetes/cps/Makefile @@ -0,0 +1,54 @@ +# Copyright © 2020 Samsung Electronics +# Copyright (c) 2021 AT&T. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +HELM_REPO := local + +EXCLUDES := +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME $(HELM_REPO); fi + @sleep 3 + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/cps/README.md b/kubernetes/cps/README.md index 4b578c41c2..876da2ca57 100644 --- a/kubernetes/cps/README.md +++ b/kubernetes/cps/README.md @@ -19,4 +19,4 @@ ONAP Configuration Persistence Service (CPS) includes the following Kubernetes services: -1) Cps and xNF - Configuration Persistence Service together with Nf Configuration Persistence Service
\ No newline at end of file +1) cps-core - Configuration Persistence Service together with Nf Configuration Persistence Service
\ No newline at end of file diff --git a/kubernetes/cps/components/Makefile b/kubernetes/cps/components/Makefile new file mode 100644 index 0000000000..db8704c2ca --- /dev/null +++ b/kubernetes/cps/components/Makefile @@ -0,0 +1,67 @@ +# Copyright © 2020 Samsung Electronics +# Copyright (c) 2021 AT&T. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +HELM_REPO := local + +EXCLUDES := +HELM_BIN := helm +# Helm v2 and helm v3 uses different version format so we first try in helm v3 format +# and if it fails then we fallback to helm v2 one +HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}" 2>/dev/null) +ifneq "$(findstring v3,$(HELM_VER))" "v3" + HELM_VER := $(shell $(HELM_BIN) version -c --template "{{.Client.SemVer}}") +endif + +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) helm-repo-update + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME $(HELM_REPO); fi + @sleep 3 + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) + +helm-repo-update: +ifeq "$(findstring v3,$(HELM_VER))" "v3" + @$(HELM_BIN) repo update +endif + +%: + @: diff --git a/kubernetes/cps/components/cps-core/.helmignore b/kubernetes/cps/components/cps-core/.helmignore new file mode 100644 index 0000000000..80b47d2723 --- /dev/null +++ b/kubernetes/cps/components/cps-core/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/
\ No newline at end of file diff --git a/kubernetes/cps/components/cps-core/Chart.yaml b/kubernetes/cps/components/cps-core/Chart.yaml new file mode 100644 index 0000000000..710032896e --- /dev/null +++ b/kubernetes/cps/components/cps-core/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright (C) Pantheon.tech, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Configuration Persistance Service (CPS) - Core +name: cps-core +version: 8.0.0 diff --git a/kubernetes/cps/components/cps-core/requirements.yaml b/kubernetes/cps/components/cps-core/requirements.yaml new file mode 100644 index 0000000000..d6b6712852 --- /dev/null +++ b/kubernetes/cps/components/cps-core/requirements.yaml @@ -0,0 +1,30 @@ +# Copyright (C) 2021 Pantheon.tech, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/cps/resources/config/application-helm.yml b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml index 5f19007231..f181b82fec 100755..100644 --- a/kubernetes/cps/resources/config/application-helm.yml +++ b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml @@ -1,21 +1,21 @@ {{/* - # Copyright (C) 2021 Pantheon.tech - # Modifications Copyright (C) 2020 Bell Canada. All rights reserved. - # Modifications Copyright (C) 2021 Nordix Foundation. All rights reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. +# Copyright (C) 2021 Pantheon.tech +# Modifications Copyright (C) 2020 Bell Canada. +# Modifications Copyright (C) 2021 Nordix Foundation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. */}} ---- + server: port: 8080 diff --git a/kubernetes/cps/resources/config/logback.xml b/kubernetes/cps/components/cps-core/resources/config/logback.xml index 56ffc88220..8256cfa18d 100644 --- a/kubernetes/cps/resources/config/logback.xml +++ b/kubernetes/cps/components/cps-core/resources/config/logback.xml @@ -1,11 +1,13 @@ <!-- ============LICENSE_START======================================================= - Copyright (C) 2020 Bell Canada. All rights reserved. + Copyright (C) 2020 Bell Canada. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. diff --git a/kubernetes/cps/templates/NOTES.txt b/kubernetes/cps/components/cps-core/templates/NOTES.txt index 09d22dfa7c..09d22dfa7c 100644 --- a/kubernetes/cps/templates/NOTES.txt +++ b/kubernetes/cps/components/cps-core/templates/NOTES.txt diff --git a/kubernetes/cps/templates/configmap.yaml b/kubernetes/cps/components/cps-core/templates/configmap.yaml index eeb057cbd8..eeb057cbd8 100644 --- a/kubernetes/cps/templates/configmap.yaml +++ b/kubernetes/cps/components/cps-core/templates/configmap.yaml diff --git a/kubernetes/cps/templates/deployment.yaml b/kubernetes/cps/components/cps-core/templates/deployment.yaml index 61877c38a0..2047a39497 100755..100644 --- a/kubernetes/cps/templates/deployment.yaml +++ b/kubernetes/cps/components/cps-core/templates/deployment.yaml @@ -1,7 +1,7 @@ {{/* # Copyright (C) 2021 Pantheon.tech, Orange # Modifications Copyright (C) 2021 Bell Canada. -# Modifications Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Modifications Copyright (C) 2021 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -103,4 +103,4 @@ spec: - name: init-temp emptyDir: {} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/cps/templates/ingress.yaml b/kubernetes/cps/components/cps-core/templates/ingress.yaml index 16f9440aba..16f9440aba 100644 --- a/kubernetes/cps/templates/ingress.yaml +++ b/kubernetes/cps/components/cps-core/templates/ingress.yaml diff --git a/kubernetes/cps/components/cps-core/templates/secrets.yaml b/kubernetes/cps/components/cps-core/templates/secrets.yaml new file mode 100644 index 0000000000..f25044d339 --- /dev/null +++ b/kubernetes/cps/components/cps-core/templates/secrets.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright (C) 2021 Pantheon.tech +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/cps/components/cps-core/templates/service.yaml b/kubernetes/cps/components/cps-core/templates/service.yaml new file mode 100644 index 0000000000..97657bfc0b --- /dev/null +++ b/kubernetes/cps/components/cps-core/templates/service.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright (C) 2021 Pantheon.tech, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml new file mode 100644 index 0000000000..ae8bccd2a8 --- /dev/null +++ b/kubernetes/cps/components/cps-core/values.yaml @@ -0,0 +1,168 @@ +# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Secrets. +################################################################# +secrets: + - uid: pg-root-pass + name: &pgRootPassSecretName '{{ include "common.release" . }}-cps-pg-root-pass' + type: password + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "cps-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' + password: '{{ .Values.postgres.config.pgRootpassword }}' + policy: generate + - uid: pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "cps-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + - uid: app-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' + login: '{{ .Values.config.appUserName }}' + password: '{{ .Values.config.appUserPassword }}' + passwordPolicy: generate + +################################################################# +# Global configuration defaults. +################################################################# + +# bitnami image doesn't support well single quote in password +passwordStrengthOverride: basic +global: + ingress: + virtualhost: + baseurl: "simpledemo.onap.org" + +image: onap/cps-and-nf-proxy:1.0.1 +containerPort: &svc_port 8080 + +service: + type: ClusterIP + name: cps-core + ports: + - name: &port http + port: *svc_port + +pullPolicy: Always +# flag to enable debugging - application support required +debugEnabled: false +nodeSelector: {} +affinity: {} +# Resource Limit flavor -By Default using small +flavor: small +# default number of instances +replicaCount: 1 +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + path: /manage/health + port: *port + +readiness: + initialDelaySeconds: 15 + periodSeconds: 15 + path: /manage/health + port: *port + +ingress: + enabled: true + service: + - baseaddr: "cps-core" + path: "/" + name: "cps-core" + port: *svc_port + +serviceAccount: + nameOverride: cps-core + roles: + - read + +securityContext: + user_id: 100 + group_id: 655533 + +################################################################# +# Application configuration defaults. +################################################################# + +config: + + # Set it for pre loading xnfdata, else set to null + liquibaseLabels: xnf-data-preload + + # REST API basic authentication credentials (passsword is generated if not provided) + appUserName: cpsuser + spring: + profile: helm + #appUserPassword: + +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format insead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + +logging: + level: INFO + path: /tmp + +################################################################# +# Postgres overriding defaults in the postgres +################################################################# +postgres: + nameOverride: &postgresName cps-postgres + service: + name: *postgresName + name2: cps-pg-primary + name3: cps-pg-replica + container: + name: + primary: cps-pg-primary + replica: cps-pg-replica + persistence: + mountSubPath: cps/data + mountInitPath: cps + config: + pgUserName: cps + pgDatabase: cpsdb + pgUserExternalSecret: *pgUserCredsSecretName + pgRootPasswordExternalSecret: *pgRootPassSecretName + +readinessCheck: + wait_for: + - cps-postgres diff --git a/kubernetes/cps/components/cps-temporal/.helmignore b/kubernetes/cps/components/cps-temporal/.helmignore new file mode 100644 index 0000000000..80b47d2723 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/
\ No newline at end of file diff --git a/kubernetes/cps/components/cps-temporal/Chart.yaml b/kubernetes/cps/components/cps-temporal/Chart.yaml new file mode 100644 index 0000000000..ab4bfe7e42 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Configuration Persistance Service (CPS) - Temporal +name: cps-temporal +version: 8.0.0 diff --git a/kubernetes/cps/components/cps-temporal/requirements.yaml b/kubernetes/cps/components/cps-temporal/requirements.yaml new file mode 100644 index 0000000000..b2293db9af --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/requirements.yaml @@ -0,0 +1,34 @@ +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: timescaledb + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml new file mode 100644 index 0000000000..6654b26556 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml @@ -0,0 +1,47 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +spring: + datasource: + url: jdbc:postgresql://{{ .Values.timescaledb.service.name }}:5432/{{ .Values.timescaledb.config.pgDatabase }} + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + kafka: + bootstrap-servers: [{{ .Values.config.kafka.service }}:{{ .Values.config.kafka.port }}] + security: + protocol: {{ .Values.config.kafka.protocol }} + consumer: + group-id: {{ .Values.config.kafka.consumerGroupId }} + +security: + auth: + username: ${APP_USERNAME} + password: ${APP_PASSWORD} + +app: + listener: + data-updated: + topic: {{ .Values.config.kafka.listenerTopic }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} + +# Last empty line is required otherwise the last property will be missing from application.yml file in the pod. diff --git a/kubernetes/cps/components/cps-temporal/resources/config/logback.xml b/kubernetes/cps/components/cps-temporal/resources/config/logback.xml new file mode 100644 index 0000000000..a64a58664b --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/resources/config/logback.xml @@ -0,0 +1,44 @@ +<!-- + ============LICENSE_START======================================================= + Copyright (C) 2020 Bell Canada. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + SPDX-License-Identifier: Apache-2.0 + ============LICENSE_END========================================================= +--> + +<configuration> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>%d - %highlight(%-5level) [%-20.20thread] %cyan(%logger{36}) - %msg%n</pattern> + </encoder> + </appender> + + <!-- Logger for cps classes --> + <logger name="org.onap.cps" level="info"/> + + <!-- Logger for sql statements. Set to info to disable, debug to enable --> + <logger name="org.hibernate.SQL" level="info"/> + + <!-- Logger for sql bindings. Set to info to disable, to trace to enable --> + <logger name="org.hibernate.type.descriptor.sql.BasicBinder" level="info"/> + + <!-- Logger for hibernate statistics. Set to warn to disable, to info to enable --> + <logger name="org.hibernate.engine.internal.StatisticalLoggingSessionEventListener" level="warn"/> + + <root level="info"> + <appender-ref ref="STDOUT" /> + </root> + +</configuration>
\ No newline at end of file diff --git a/kubernetes/cps/components/cps-temporal/templates/configmap.yaml b/kubernetes/cps/components/cps-temporal/templates/configmap.yaml new file mode 100644 index 0000000000..6d9e30fe16 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/configmap.yaml @@ -0,0 +1,24 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | nindent 2 }} diff --git a/kubernetes/cps/components/cps-temporal/templates/deployment.yaml b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml new file mode 100644 index 0000000000..806e65a865 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml @@ -0,0 +1,113 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + replicas: {{ .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + selector: {{- include "common.selectors" . | nindent 4 }} + template: + metadata: {{- include "common.templateMetadata" . | nindent 6 }} + spec: + {{ include "common.podSecurityContext" . | indent 6 | trim}} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }} + initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }} + - name: {{ include "common.name" . }}-update-config + image: {{ include "repositoryGenerator.image.envsubst" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: DB_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 12 }} + - name: DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 12 }} + - name: APP_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }} + - name: APP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }} + volumeMounts: + - mountPath: /config-input + name: init-data-input + - mountPath: /config + name: init-data + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: {{ include "common.containerPorts" . | nindent 10 }} + {{ include "common.containerSecurityContext" . | indent 8 | trim }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + port: {{ .Values.liveness.port }} + path: {{ .Values.liveness.path }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + httpGet: + port: {{ .Values.readiness.port }} + path: {{ .Values.readiness.path }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: SPRING_PROFILES_ACTIVE + value: {{ .Values.config.spring.profile }} + resources: {{ include "common.resources" . | nindent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /app/resources/application-helm.yml + subPath: application-helm.yml + name: init-data + - mountPath: /app/resources/logback.xml + subPath: logback.xml + name: init-data + - mountPath: /tmp + name: init-temp + volumes: + - name: init-data-input + configMap: + name: {{ include "common.fullname" . }} + - name: init-data + emptyDir: + medium: Memory + - name: init-temp + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + diff --git a/kubernetes/cps/components/cps-temporal/templates/ingress.yaml b/kubernetes/cps/components/cps-temporal/templates/ingress.yaml new file mode 100644 index 0000000000..0dc4d1ae47 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/ingress.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.ingress" . }} diff --git a/kubernetes/cps/components/cps-temporal/templates/secrets.yaml b/kubernetes/cps/components/cps-temporal/templates/secrets.yaml new file mode 100644 index 0000000000..2a492061a3 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/secrets.yaml @@ -0,0 +1,22 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/cps/components/cps-temporal/templates/service.yaml b/kubernetes/cps/components/cps-temporal/templates/service.yaml new file mode 100644 index 0000000000..c205ff4889 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/service.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/cps/components/cps-temporal/templates/serviceMonitor.yaml b/kubernetes/cps/components/cps-temporal/templates/serviceMonitor.yaml new file mode 100644 index 0000000000..a49a662aed --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/serviceMonitor.yaml @@ -0,0 +1,23 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml new file mode 100644 index 0000000000..1b8c3e1cf0 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/values.yaml @@ -0,0 +1,185 @@ +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +passwordStrengthOverride: basic +global: + ingress: + virtualhost: + baseurl: "simpledemo.temporal.onap.org" + +secrets: + - uid: pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-temporal-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.timescaledb.config.pgUserExternalSecret) .) (hasSuffix "cps-temporal-pg-user-creds" .Values.timescaledb.config.pgUserExternalSecret) }}' + login: '{{ .Values.timescaledb.config.pgUserName }}' + password: '{{ .Values.timescaledb.config.pgUserPassword }}' + passwordPolicy: generate + - uid: app-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' + login: '{{ .Values.config.appUserName }}' + password: '{{ .Values.config.appUserPassword }}' + passwordPolicy: generate + +image: onap/cps-temporal:0.0.1 +containerPort: &svc_port 8080 +managementPort: &mgt_port 8081 + +prometheus: + enabled: true + +service: + type: ClusterIP + name: cps-temporal + ports: + - name: http + port: *svc_port + targetPort: *svc_port + - name: management + port: *mgt_port + targetPort: *mgt_port + +metrics: + serviceMonitor: + enabled: true + port: management + ## specify target port if name is not given to the port in the service definition + ## + # targetPort: 8080 + path: /manage/prometheus + interval: 60s + basicAuth: + enabled: false + +pullPolicy: IfNotPresent +# flag to enable debugging - application support required +debugEnabled: false +nodeSelector: {} +affinity: {} +# Resource Limit flavor -By Default using small +flavor: small +# default number of instances +replicaCount: 1 +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + path: /manage/health + port: *mgt_port + +readiness: + initialDelaySeconds: 15 + periodSeconds: 15 + path: /manage/health + port: *mgt_port + +ingress: + enabled: true + service: + - baseaddr: "cps-temporal" + path: "/" + name: "cps-temporal" + port: *svc_port + +serviceAccount: + nameOverride: cps-temporal + roles: + - read + +securityContext: + user_id: 100 + group_id: 655533 + +################################################################# +# Application configuration defaults. +################################################################# + +config: + # REST API basic authentication credentials (passsword is generated if not provided) + appUserName: cpstemporal + spring: + profile: helm + #appUserPassword: + +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + + kafka: + service: message-router-kafka + port: 9092 + listenerTopic: cps.cfg-state-events + consumerGroupId: cps-temporal-group + protocol: PLAINTEXT + +logging: + level: INFO + path: /tmp + +timescaledb: + nameOverride: cps-temporal-db + container: + name: cps-temporal-db + name: cpstemporaldb + service: + name: cps-temporal-db + persistence: + mountSubPath: cps-temporal/data + mountInitPath: cps-temporal + config: + pgUserName: cpstemporaldb + pgDatabase: cpstemporaldb + pgUserExternalSecret: *pgUserCredsSecretName + serviceAccount: + nameOverride: cps-temporal-db + +readinessCheck: + wait_for: + - cps-temporal-db + +minReadySeconds: 10 +updateStrategy: + type: RollingUpdate + maxUnavailable: 0 + maxSurge: 1
\ No newline at end of file diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/.helmignore b/kubernetes/cps/components/ncmp-dmi-plugin/.helmignore new file mode 100644 index 0000000000..80b47d2723 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/
\ No newline at end of file diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml new file mode 100644 index 0000000000..e99111d859 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Configuration Persistance Service (CPS) - NCMP-DMI-Plugin +name: ncmp-dmi-plugin +version: 8.0.0 diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/requirements.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/requirements.yaml new file mode 100644 index 0000000000..d1fbdd3182 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/requirements.yaml @@ -0,0 +1,31 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml new file mode 100644 index 0000000000..d388823f9e --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml @@ -0,0 +1,57 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +server: + port: 8080 + +cps-core: + baseUrl: http://${CPS_CORE_HOST:cps}:${CPS_CORE_PORT:8080} + dmiRegistrationUrl : /cps-ncmp/api/ncmp-dmi/v1/ch + auth: + username: ${CPS_CORE_USERNAME} + password: ${CPS_CORE_PASSWORD} + +sdnc: + baseUrl: http://${SDNC_HOST:sdnc}:${SDNC_PORT:8181} + topologyId: ${SDNC_TOPOLOGY_ID:topology-netconf} + auth: + username: ${SDNC_USERNAME} + password: ${SDNC_PASSWORD} + +security: + # comma-separated uri patterns which do not require authorization + permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/v3/api-docs + auth: + username: ${DMI_PLUGIN_USERNAME} + password: ${DMI_PLUGIN_PASSWORD} + +logging: + level: + org: + springframework: {{ .Values.logging.level }} + onap: + cps: {{ .Values.logging.cps }} + + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} + +# Last empty line is required otherwise the last property will be missing from application.yml file in the pod. diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/logback.xml b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/logback.xml new file mode 100644 index 0000000000..2a62c86e77 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/logback.xml @@ -0,0 +1,36 @@ +<!-- + ============LICENSE_START======================================================= + Copyright (C) 2021 Nordix Foundation + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + SPDX-License-Identifier: Apache-2.0 + ============LICENSE_END========================================================= +--> + +<configuration scan="true" scanPeriod="30 seconds" debug="false"> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>%d - %highlight(%-5level) [%-20.20thread] %cyan(%logger{36}) - %msg%n</pattern> + </encoder> + </appender> + <appender name="AsyncSysOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="STDOUT" /> + </appender> + + <root level="INFO"> + <appender-ref ref="AsyncSysOut" /> + </root> + +</configuration> + diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/NOTES.txt b/kubernetes/cps/components/ncmp-dmi-plugin/templates/NOTES.txt new file mode 100644 index 0000000000..66f5302a11 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/NOTES.txt @@ -0,0 +1,39 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + export SERVICE_PORT=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.spec.ports[0].port}') + echo http://$SERVICE_IP:$SERVICE_PORT +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export POD_PORT=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:$POD_PORT +{{- end }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/configmap.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/configmap.yaml new file mode 100644 index 0000000000..7e8a0058ec --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/configmap.yaml @@ -0,0 +1,24 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | nindent 2 }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml new file mode 100644 index 0000000000..d2fd5c9c49 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml @@ -0,0 +1,119 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "common.name" . }} + app.kubernetes.io/instance: {{ include "common.release" . }} + {{- if .Values.prometheus.enabled }} + annotations: + prometheus.io/scrape: "true" + prometheus.io/path: 'manage/prometheus' + prometheus.io/port: {{ .Values.managementPort | quote }} + {{- end }} + spec: + {{ include "common.podSecurityContext" . | indent 6 | trim}} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }} + initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }} + - name: {{ include "common.name" . }}-update-config + image: {{ include "repositoryGenerator.image.envsubst" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: DMI_PLUGIN_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "user-creds" "key" "login") | indent 12 }} + - name: DMI_PLUGIN_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "user-creds" "key" "password") | indent 12 }} + - name: SDNC_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-creds" "key" "login") | indent 12 }} + - name: SDNC_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-creds" "key" "password") | indent 12 }} + - name: CPS_CORE_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "core-creds" "key" "login") | indent 12 }} + - name: CPS_CORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "core-creds" "key" "password") | indent 12 }} + volumeMounts: + - mountPath: /config-input + name: init-data-input + - mountPath: /config + name: init-data + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: {{ include "common.containerPorts" . | nindent 10 }} + {{ include "common.containerSecurityContext" . | indent 8 | trim }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + port: {{ .Values.liveness.port }} + path: {{ .Values.liveness.path }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + httpGet: + port: {{ .Values.readiness.port }} + path: {{ .Values.readiness.path }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: SPRING_PROFILES_ACTIVE + value: {{ .Values.config.spring.profile }} + resources: {{ include "common.resources" . | nindent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /app/resources/application-helm.yml + subPath: application-helm.yml + name: init-data + - mountPath: /app/resources/logback.xml + subPath: logback.xml + name: init-data + - mountPath: /tmp + name: init-temp + volumes: + - name: init-data-input + configMap: + name: {{ include "common.fullname" . }} + - name: init-data + emptyDir: + medium: Memory + - name: init-temp + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/ingress.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/ingress.yaml new file mode 100644 index 0000000000..b3d1cafe15 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/ingress.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.ingress" . }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/secrets.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/secrets.yaml new file mode 100644 index 0000000000..84e279d928 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/secrets.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/service.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/service.yaml new file mode 100644 index 0000000000..4825d55c12 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/service.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml new file mode 100644 index 0000000000..390a545cd2 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml @@ -0,0 +1,157 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Secrets. +################################################################# +secrets: + - uid: user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' + login: '{{ .Values.config.appUserName }}' + password: '{{ .Values.config.appUserPassword }}' + passwordPolicy: generate + - uid: sdnc-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.odlCredsExternalSecret) . }}' + login: '{{ .Values.config.sdncUser }}' + password: '{{ .Values.config.sdncPassword }}' + passwordPolicy: required + - uid: core-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.coreCredsExternalSecret) . }}' + login: '{{ .Values.config.coreUser }}' + password: '{{ .Values.config.corePassword }}' + passwordPolicy: generate + +################################################################# +# Global configuration defaults. +################################################################# +global: + ingress: + virtualhost: + baseurl: "simpledemo.onap.org" + +image: onap/ncmp-dmi-plugin:0.0.1 +containerPort: &svc_port 8080 +managementPort: &mgt_port 8081 + +prometheus: + enabled: true + interval: 60s + +service: + type: ClusterIP + name: ncmp-dmi-plugin + ports: + - name: &port http + port: *svc_port + - name: management + port: *mgt_port + targetPort: *mgt_port + +pullPolicy: IfNotPresent +# flag to enable debugging - application support required +debugEnabled: false +nodeSelector: {} +affinity: {} +# Resource Limit flavor -By Default using small +flavor: small +# default number of instances +replicaCount: 1 +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + path: /manage/health + port: *mgt_port + +readiness: + initialDelaySeconds: 15 + periodSeconds: 15 + path: /manage/health + port: *mgt_port + +ingress: + enabled: true + service: + - baseaddr: "ncmp-dmi-plugin" + path: "/" + name: "ncmp-dmi-plugin" + port: *svc_port + +serviceAccount: + nameOverride: ncmp-dmi-plugin + roles: + - read + +securityContext: + user_id: 100 + group_id: 655533 + +################################################################# +# Application configuration defaults. +################################################################# + +config: + + # REST API basic authentication credentials (passsword is generated if not provided) + appUserName: ncmpuser + spring: + profile: helm + #appUserPassword: + + sdncUser: admin + sdncPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + + coreUser: cpsuser + +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format insead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + +logging: + level: INFO + cps: DEBUG + path: /tmp + +readinessCheck: + wait_for: + - cps-postgres diff --git a/kubernetes/cps/requirements.yaml b/kubernetes/cps/requirements.yaml index d6b6712852..053723331a 100644 --- a/kubernetes/cps/requirements.yaml +++ b/kubernetes/cps/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright (C) 2021 Pantheon.tech, Orange +# Copyright (C) 2021 Bell Canada. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,15 +16,15 @@ dependencies: - name: common version: ~8.x-0 repository: '@local' - - name: postgres + - name: cps-core version: ~8.x-0 repository: '@local' - - name: readinessCheck + condition: cps-core.enabled + - name: cps-temporal version: ~8.x-0 repository: '@local' - - name: repositoryGenerator - version: ~8.x-0 - repository: '@local' - - name: serviceAccount + condition: cps-temporal.enabled + - name: ncmp-dmi-plugin version: ~8.x-0 repository: '@local' + condition: ncmp-dmi-plugin.enabled
\ No newline at end of file diff --git a/kubernetes/cps/templates/secrets.yaml b/kubernetes/cps/templates/secrets.yaml index f25044d339..84e279d928 100644 --- a/kubernetes/cps/templates/secrets.yaml +++ b/kubernetes/cps/templates/secrets.yaml @@ -1,6 +1,7 @@ {{/* -# Copyright (C) 2021 Pantheon.tech -# +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,6 +13,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= */}} {{ include "common.secretFast" . }} diff --git a/kubernetes/cps/templates/service.yaml b/kubernetes/cps/templates/service.yaml deleted file mode 100644 index bfcaabc178..0000000000 --- a/kubernetes/cps/templates/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* - # Copyright (C) 2021 Pantheon.tech, Orange - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - */}} - -{{ include "common.service" . }} diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml index 2312a4994d..cda726d0d3 100755 --- a/kubernetes/cps/values.yaml +++ b/kubernetes/cps/values.yaml @@ -1,4 +1,4 @@ -# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. +# Copyright (C) 2021 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,156 +13,36 @@ # limitations under the License. ################################################################# -# Secrets. +# Global configuration defaults. ################################################################# secrets: - - uid: pg-root-pass - name: &pgRootPassSecretName '{{ include "common.release" . }}-cps-pg-root-pass' - type: password - externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "cps-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' - password: '{{ .Values.postgres.config.pgRootpassword }}' - policy: generate - - uid: pg-user-creds - name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-pg-user-creds' - type: basicAuth - externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "cps-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' - login: '{{ .Values.postgres.config.pgUserName }}' - password: '{{ .Values.postgres.config.pgUserPassword }}' - passwordPolicy: generate - - uid: app-user-creds + - uid: core-app-user-creds + name: &core-creds-secret '{{ include "common.release" . }}-cps-core-app-user-creds' type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' - login: '{{ .Values.config.appUserName }}' - password: '{{ .Values.config.appUserPassword }}' + externalSecret: '{{ tpl (default "" .Values.config.coreUserExternalSecret) . }}' + login: '{{ .Values.config.coreUserName }}' + password: '{{ .Values.config.coreUserPassword }}' passwordPolicy: generate -################################################################# -# Global configuration defaults. -################################################################# - -# bitnami image doesn't support well single quote in password passwordStrengthOverride: basic global: ingress: virtualhost: baseurl: "simpledemo.onap.org" -image: onap/cps-and-nf-proxy:1.0.1 -containerPort: &svc_port 8080 - -service: - type: ClusterIP - name: cps - ports: - - name: &port http - port: *svc_port +config: + coreUserName: cpsuser -pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false -nodeSelector: {} -affinity: {} -# Resource Limit flavor -By Default using small -flavor: small -# default number of instances -replicaCount: 1 -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 1 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 4Gi - requests: - cpu: 2 - memory: 2Gi - unlimited: {} -# probe configuration parameters -liveness: - initialDelaySeconds: 20 - periodSeconds: 20 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container +# Enable all CPS components by default +cps-core: enabled: true - path: /manage/health - port: *port - -readiness: - initialDelaySeconds: 15 - periodSeconds: 15 - path: /manage/health - port: *port + config: + appUserExternalSecret: *core-creds-secret -ingress: +cps-temporal: enabled: true - service: - - baseaddr: "cps" - path: "/" - name: "cps" - port: *svc_port - -serviceAccount: - nameOverride: cps - roles: - - read - -securityContext: - user_id: 100 - group_id: 655533 -################################################################# -# Application configuration defaults. -################################################################# - -config: - - # Set it for pre loading xnfdata, else set to null - liquibaseLabels: xnf-data-preload - - # REST API basic authentication credentials (passsword is generated if not provided) - appUserName: cpsuser - spring: - profile: helm - #appUserPassword: - -# Any new property can be added in the env by setting in overrides in the format mentioned below -# All the added properties must be in "key: value" format insead of yaml. -# additional: -# spring.config.max-size: 200 -# spring.config.min-size: 10 - -logging: - level: INFO - path: /tmp - -################################################################# -# Postgres overriding defaults in the postgres -################################################################# -postgres: - nameOverride: &postgresName cps-postgres - service: - name: *postgresName - name2: cps-pg-primary - name3: cps-pg-replica - container: - name: - primary: cps-pg-primary - replica: cps-pg-replica - persistence: - mountSubPath: cps/data - mountInitPath: cps +ncmp-dmi-plugin: + enabled: true config: - pgUserName: cps - pgDatabase: cpsdb - pgUserExternalSecret: *pgUserCredsSecretName - pgRootPasswordExternalSecret: *pgRootPassSecretName - -readinessCheck: - wait_for: - - cps-postgres + coreCredsExternalSecret: *core-creds-secret |