diff options
Diffstat (limited to 'kubernetes/dcaegen2-services/components/dcae-son-handler')
7 files changed, 0 insertions, 511 deletions
diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml deleted file mode 100644 index b4bde7f0fe..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml +++ /dev/null @@ -1,45 +0,0 @@ -# ============= LICENSE_START ================================================ -# ============================================================================ -# Copyright (C) 2021 Wipro Limited. -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# Modifications Copyright © 2023 Deutsche Telekom AG. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============= LICENSE_END ================================================== - -apiVersion: v2 -appVersion: "London" -description: DCAE Son-handler helm chart -name: dcae-son-handler -version: 13.0.0 - -dependencies: - - name: common - version: ~13.x-0 - repository: '@local' - - name: postgres - version: ~13.x-0 - repository: '@local' - - name: readinessCheck - version: ~13.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~13.x-0 - repository: '@local' - - name: dcaegen2-services-common - version: ~13.x-0 - repository: '@local' - - name: serviceAccount - version: ~13.x-0 - repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/authorizationpolicy.yaml deleted file mode 100644 index 30d173c2d8..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/authorizationpolicy.yaml +++ /dev/null @@ -1,136 +0,0 @@ -{{/* -# Copyright © 2023 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.authorizationPolicy" . }} ---- -{{- $dot := default . .dot -}} -{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}} -{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}} -{{- $defaultOperationPorts := list "5432" -}} -{{- $relName := include "common.release" . -}} -{{- $postgresName := $dot.Values.postgres.service.name -}} -{{- if (include "common.useAuthorizationPolicies" .) }} -apiVersion: security.istio.io/v1beta1 -kind: AuthorizationPolicy -metadata: - name: {{ $relName }}-{{ $postgresName }}-authz - namespace: {{ include "common.namespace" . }} -spec: - selector: - matchLabels: - app: {{ $postgresName }} - action: ALLOW - rules: -{{- if $authorizedPrincipalsPostgres }} -{{- range $principal := $authorizedPrincipalsPostgres }} - - from: - - source: - principals: -{{- $namespace := default "onap" $principal.namespace -}} -{{- if eq "onap" $namespace }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}" -{{- else }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}" -{{- end }} - to: - - operation: - ports: -{{- range $port := $defaultOperationPorts }} - - "{{ $port }}" -{{- end }} -{{- end }} -{{- end }} -{{- end }} ---- -{{- $dot := default . .dot -}} -{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}} -{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}} -{{- $defaultOperationPorts := list "5432" -}} -{{- $relName := include "common.release" . -}} -{{- $postgresName := $dot.Values.postgres.service.name -}} -{{- $pgHost := "primary" -}} -{{- if (include "common.useAuthorizationPolicies" .) }} -apiVersion: security.istio.io/v1beta1 -kind: AuthorizationPolicy -metadata: - name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz - namespace: {{ include "common.namespace" . }} -spec: - selector: - matchLabels: - app: {{ $postgresName }}-{{ $pgHost }} - action: ALLOW - rules: -{{- if $authorizedPrincipalsPostgres }} -{{- range $principal := $authorizedPrincipalsPostgres }} - - from: - - source: - principals: -{{- $namespace := default "onap" $principal.namespace -}} -{{- if eq "onap" $namespace }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}" -{{- else }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}" -{{- end }} - to: - - operation: - ports: -{{- range $port := $defaultOperationPorts }} - - "{{ $port }}" -{{- end }} -{{- end }} -{{- end }} -{{- end }} ---- -{{- $dot := default . .dot -}} -{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}} -{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}} -{{- $defaultOperationPorts := list "5432" -}} -{{- $relName := include "common.release" . -}} -{{- $postgresName := $dot.Values.postgres.service.name -}} -{{- $pgHost := "replica" -}} -{{- if (include "common.useAuthorizationPolicies" .) }} -apiVersion: security.istio.io/v1beta1 -kind: AuthorizationPolicy -metadata: - name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz - namespace: {{ include "common.namespace" . }} -spec: - selector: - matchLabels: - app: {{ $postgresName }}-{{ $pgHost }} - action: ALLOW - rules: -{{- if $authorizedPrincipalsPostgres }} -{{- range $principal := $authorizedPrincipalsPostgres }} - - from: - - source: - principals: -{{- $namespace := default "onap" $principal.namespace -}} -{{- if eq "onap" $namespace }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}" -{{- else }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}" -{{- end }} - to: - - operation: - ports: -{{- range $port := $defaultOperationPorts }} - - "{{ $port }}" -{{- end }} -{{- end }} -{{- end }} -{{- end }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml deleted file mode 100644 index 48a203963e..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{/* -# ============= LICENSE_START ================================================ -# ============================================================================ -# Copyright (C) 2021 Wipro Limited. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============= LICENSE_END ================================================== -*/}} - -{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml deleted file mode 100644 index c8cd4d40e5..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{/* -# ============= LICENSE_START ================================================ -# ============================================================================ -# Copyright (C) 2021 Wipro Limited. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============= LICENSE_END ================================================== -*/}} - -{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml deleted file mode 100644 index 26b7b5dbdd..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{/* -# ============= LICENSE_START ================================================ -# ============================================================================ -# Copyright (C) 2021 Wipro Limited. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============= LICENSE_END ================================================== -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml deleted file mode 100644 index 41133e5abc..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{/* -# ============= LICENSE_START ================================================ -# ============================================================================ -# Copyright (C) 2021 Wipro Limited. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============= LICENSE_END ================================================== -*/}} - -{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml deleted file mode 100644 index 5e16967203..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml +++ /dev/null @@ -1,250 +0,0 @@ -# ============= LICENSE_START ================================================ -# ============================================================================ -# Copyright (C) 2021-2022 Wipro Limited. -# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved. -# Copyright (c) 2023 Deutsche Telekom AG. All rights reserved. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============= LICENSE_END ================================================== - -################################################################# -# Global Configuration Defaults. -################################################################# -global: - nodePortPrefix: 302 - nodePortPrefixExt: 304 - centralizedLoggingEnabled: true - -################################################################# -# Filebeat Configuration Defaults. -################################################################# -filebeatConfig: - logstashServiceName: log-ls - logstashPort: 5044 - -################################################################# -# Secrets Configuration. -################################################################# -secrets: - - uid: &cpsCredsUID cpscreds - type: basicAuth - login: '{{ .Values.cpsCreds.identity }}' - password: '{{ .Values.cpsCreds.password }}' - passwordPolicy: required - - uid: &pgUserCredsSecretUid pg-user-creds - name: &pgUserCredsSecretName '{{ include "common.release" . }}-sonhms-pg-user-creds' - type: basicAuth - externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "sonhms-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' - login: '{{ .Values.postgres.config.pgUserName }}' - password: '{{ .Values.postgres.config.pgUserPassword }}' - passwordPolicy: generate - -################################################################# -# Application Configuration Defaults. -################################################################# -# Application Image -image: onap/org.onap.dcaegen2.services.son-handler:2.2.1 -pullPolicy: Always - -# Log directory where logging sidecar should look for log files -# if path is set to null sidecar won't be deployed in spite of -# global.centralizedLoggingEnabled setting. -log: - path: /var/log/ONAP/dcaegen2/services/sonhms -logConfigMapNamePrefix: '{{ include "common.fullname" . }}' - -# Optional Policy configuration properties -# if present, policy-sync side car will be deployed -#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 -#policies: -# policyID: | -# '["com.Config_PCIMS_CONFIG_POLICY"]' - -# Probe Configuration -readiness: - initialDelaySeconds: 10 - periodSeconds: 15 - timeoutSeconds: 1 - path: /healthcheck - scheme: HTTP - port: 8080 - -# Service Configuration -service: - type: ClusterIP - name: dcae-son-handler - ports: - - name: http - port: 8080 - port_protocol: http - -serviceMesh: - authorizationPolicy: - authorizedPrincipals: - - serviceAccount: message-router-read - authorizedPrincipalsPostgres: - - serviceAccount: dcae-son-handler-read - -# Credentials -cpsCreds: - identity: cps - password: cpsr0cks! - -credentials: -- name: CPS_IDENTITY - uid: *cpsCredsUID - key: login -- name: CPS_PASSWORD - uid: *cpsCredsUID - key: password -- name: PG_USERNAME - uid: *pgUserCredsSecretUid - key: login -- name: PG_PASSWORD - uid: *pgUserCredsSecretUid - key: password - - -# Initial Application Configuration -applicationConfig: - postgres.host: &dcaeSonhmsPgPrimary dcae-sonhms-pg-primary - postgres.port: 5432 - postgres.username: ${PG_USERNAME} - postgres.password: ${PG_PASSWORD} - cps.username: ${CPS_IDENTITY} - cps.password: ${CPS_PASSWORD} - sonhandler.pollingInterval: 20 - sonhandler.pollingTimeout: 60 - cbsPollingInterval: 60 - sonhandler.numSolutions: 5 - sonhandler.minCollision: 5 - sonhandler.minConfusion: 5 - sonhandler.maximumClusters: 5 - sonhandler.badThreshold: 50 - sonhandler.poorThreshold: 70 - sonhandler.namespace: onap - sonhandler.sourceId: SONHMS - sonhandler.dmaap.server: ["message-router"] - sonhandler.bufferTime: 60 - sonhandler.cg: sonhms-cg - sonhandler.cid: sonhms-cid - sonhandler.clientType: cps - sonhandler.nearRtricUrl: "https://a1-policy-management:30294/a1-policy/v2/policies" - cps.service.url: http://cps-tbdmt:8080 - cps.get.celldata: execute/cps-ran-schemaset/get-cell-data - cps.get.nbr.list.url: execute/cps-ran-schemaset/get-nbr-list - cps.get.pci.url: execute/ran-network-schemaset/get-pci - cps.get.pnf.url: execute/ran-network-schemaset/get-pnf - sonhandler.configDb.service: http://configdb:8080 - sonhandler.oof.service: https://oof-osdf:8698 - sonhandler.oof.endpoint: /api/oof/v1/pci - sonhandler.pciOptimizer: pci - sonhandler.pciAnrOptimizer: pci_anr - sonhandler.poorCountThreshold: 3 - sonhandler.badCountThreshold: 3 - sonhandler.oofTriggerCountTimer: 30 - sonhandler.oofTriggerCountThreshold: 5 - sonhandler.policyRespTimer: 10 - sonhandler.policyNegativeAckThreshold: 3 - sonhandler.policyFixedPciTimeInterval: 30000 - sonhandler.nfNamingCode: RansimAgent - streams_publishes: - CL_topic: - type: message-router - dmaap_info: - topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT - streams_subscribes: - performance_management_topic: - type: message-router - dmaap_info: - topic_url: http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT - fault_management_topic: - type: message-router - dmaap_info: - topic_url: http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT - nbr_list_change_topic: - type: message-router - dmaap_info: - topic_url: http://message-router:3904/events/PCI-NOTIF-TOPIC-NGHBR-LIST-CHANGE-INFO - dcae_cl_response_topic: - type: message-router - dmaap_info: - topic_url: http://message-router:3904/events/DCAE_CL_RSP - service_calls: - sdnr-getpnfname: [] - sdnr-getpci: [] - sdnr-getnbrlist: [] - sdnr-getcelllist: [] - oof-req: [] - policy-req: [] - -applicationEnv: - CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' - #Temporary Dummy CBS Port Value until internal SDK library is updated - CONFIG_BINDING_SERVICE_SERVICE_PORT: '0000' - STANDALONE: 'false' - -# Resource Limit Flavor -By Default Using Small -flavor: small - -# Segregation for Different Environment (Small and Large) -resources: - small: - limits: - cpu: "2" - memory: "1Gi" - requests: - cpu: "1" - memory: "1Gi" - large: - limits: - cpu: "4" - memory: "2Gi" - requests: - cpu: "2" - memory: "2Gi" - unlimited: {} - -################################################################# -# Application configuration Overriding Defaults in the Postgres. -################################################################# -postgres: - nameOverride: &postgresName dcae-sonhms-postgres - service: - name: *postgresName - name2: *dcaeSonhmsPgPrimary - name3: dcae-sonhms-pg-replica - container: - name: - primary: dcae-sonhms-pg-primary - replica: dcae-sonhms-pg-replica - persistence: - mountSubPath: sonhms/data - mountInitPath: sonhms - config: - pgUserName: sonhms - pgDatabase: sonhms - pgUserExternalSecret: *pgUserCredsSecretName - -# Dependencies -readinessCheck: - wait_for: - services: - - '{{ .Values.postgres.service.name2 }}' - - message-router - -#Pods Service Account -serviceAccount: - nameOverride: dcae-son-handler - roles: - - read |