diff options
Diffstat (limited to 'kubernetes/dcaegen2-services')
10 files changed, 411 insertions, 0 deletions
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 10a63ebbcf..5de526288e 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -69,6 +69,83 @@ the the literal string "An example value". {{- end }} {{- end -}} {{/* +For internal use only! + +dcaegen2-services-common._externalVolumes: +This template generates a list of volumes associated with the pod, +based on information provided in .Values.externalVolumes. This +template works in conjunction with dcaegen2-services-common._externalVolumeMounts +to give the microservice access to data in volumes created else. +This initial implementation supports ConfigMaps only, as this is the only +external volume mounting required by current microservices. + +.Values.externalValues is a list of objects. Each object has 3 required fields and 1 optional field: + - name: the name of the resource (in the current implementation, it must be a ConfigMap) + that is to be set up as a volume. The value is a case sensitive string. Because the + names of resources are sometimes set at deployment time (for instance, to prefix the Helm + release to the name), the string can be a Helm template fragment that will be expanded at + deployment time. + - type: the type of the resource (in the current implementation, only "ConfigMap" is supported). + The value is a case-INsensitive string. + - mountPoint: the path to the mount point for the volume in the container file system. The + value is a case-sensitive string. + - readOnly: (Optional) Boolean flag. Set to true to mount the volume as read-only. + Defaults to false. + +Here is an example fragment from a values.yaml file for a microservice: + +externalVolumes: + - name: my-example-configmap + type: configmap + mountPath: /opt/app/config + - name: '{{ include "common.release" . }}-another-example' + type: configmap + mountPath: /opt/app/otherconfig +*/}} +{{- define "dcaegen2-services-common._externalVolumes" -}} + {{- $global := . -}} + {{- if .Values.externalVolumes }} + {{- range $vol := .Values.externalVolumes }} + {{- if eq (lower $vol.type) "configmap" }} + {{- $vname := (tpl $vol.name $global) }} +- configMap: + defaultMode: 420 + name: {{ $vname }} + name: {{ $vname }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{/* +For internal use only! + +dcaegen2-services-common._externalVolumeMounts: +This template generates a list of volume mounts for the microservice container, +based on information provided in .Values.externalVolumes. This +template works in conjunction with dcaegen2-services-common._externalVolumes +to give the microservice access to data in volumes created else. +This initial implementation supports ConfigMaps only, as this is the only +external volume mounting required by current microservices. + +See the documentation for dcaegen2-services-common._externalVolumes for +details on how external volumes are specified in the values.yaml file for +the microservice. +*/}} +{{- define "dcaegen2-services-common._externalVolumeMounts" -}} + {{- $global := . -}} + {{- if .Values.externalVolumes }} + {{- range $vol := .Values.externalVolumes }} + {{- if eq (lower $vol.type) "configmap" }} + {{- $vname := (tpl $vol.name $global) -}} + {{- $readOnly := $vol.readOnly | default false }} +- mountPath: {{ $vol.mountPath }} + name: {{ $vname }} + readOnly: {{ $readOnly }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{/* dcaegen2-services-common.microserviceDeployment: This template produces a Kubernetes Deployment for a DCAE microservice. @@ -255,6 +332,7 @@ spec: - name: policy-shared mountPath: /etc/policies {{- end }} + {{- include "dcaegen2-services-common._externalVolumeMounts" . | nindent 8 }} {{- if $logDir }} - image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -352,6 +430,7 @@ spec: - name: policy-shared emptyDir: {} {{- end }} + {{- include "dcaegen2-services-common._externalVolumes" . | nindent 6 }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" {{ end -}} diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml new file mode 100644 index 0000000000..3d8c24b131 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: A Helm chart for DCAE PMSH +name: dcae-pmsh +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/requirements.yaml new file mode 100644 index 0000000000..13f9a6aedd --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/requirements.yaml @@ -0,0 +1,33 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: 'file://../../common/dcaegen2-services-common'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/configmap.yaml new file mode 100644 index 0000000000..b4b8e59b2e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/deployment.yaml new file mode 100644 index 0000000000..60fce4a7be --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/secret.yaml new file mode 100644 index 0000000000..0f1129cfb4 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/service.yaml new file mode 100644 index 0000000000..fedb766524 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml new file mode 100644 index 0000000000..0e79e5e554 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml @@ -0,0 +1,195 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-pmsh-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "pmsh-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.pmsh:1.3.1 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/pmsh + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/pmsh/etc/certs + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + - &postgresName dcae-pmsh-postgres + +# Probe Configuration +readiness: + initialDelaySeconds: 10 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTPS + port: 8443 + +# Service Configuration +service: + type: ClusterIP + name: dcae-pmsh + ports: + - name: https + port: 8443 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password + +# Initial Application Configuration +applicationConfig: + enable_tls: true + aaf_identity: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + key_path: /opt/app/pmsh/etc/certs/key.pem + cert_path: /opt/app/pmsh/etc/certs/cert.pem + ca_cert_path: /opt/app/pmsh/etc/certs/cacert.pem + control_loop_name: pmsh-control-loop + operational_policy_name: pmsh-operational-policy + pmsh_policy: + subscription: + subscriptionName: ExtraPM-All-gNB-R2B + administrativeState: LOCKED + fileBasedGP: 15 + fileLocation: "/pm/pm.xml" + nfFilter: { "nfNames": [ "^pnf.*","^vnf.*" ],"modelInvariantIDs": [ ],"modelVersionIDs": [ ],"modelNames": [ ] } + measurementGroups: [ { "measurementGroup": { "measurementTypes": [ { "measurementType": "countera" },{ "measurementType": "counterb" } ],"managedObjectDNsBasic": [ { "DN": "dna" },{ "DN": "dnb" } ] } },{ "measurementGroup": { "measurementTypes": [ { "measurementType": "counterc" },{ "measurementType": "counterd" } ],"managedObjectDNsBasic": [ { "DN": "dnc" },{ "DN": "dnd" } ] } } ] + streams_publishes: + policy_pm_publisher: + type: message_router + dmaap_info: + topic_url: "https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT" + streams_subscribes: + policy_pm_subscriber: + type: message_router + dmaap_info: + topic_url: "https://message-router:3905/events/unauthenticated.PMSH_CL_INPUT" + aai_subscriber: + type: message_router + dmaap_info: + topic_url: "https://message-router:3905/events/AAI-EVENT" + +applicationEnv: + PMSH_PG_URL: &dcaePmshPgPrimary dcae-pmsh-pg-primary + PMSH_PG_USERNAME: + secretUid: *pgUserCredsSecretUid + key: login + PMSH_PG_PASSWORD: + secretUid: *pgUserCredsSecretUid + key: password + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: *postgresName + service: + name: *postgresName + name2: *dcaePmshPgPrimary + name3: dcae-pmsh-pg-replica + container: + name: + primary: dcae-pmsh-pg-primary + replica: dcae-pmsh-pg-replica + persistence: + mountSubPath: pmsh/data + mountInitPath: pmsh + config: + pgUserName: pmsh + pgDatabase: pmsh + pgUserExternalSecret: *pgUserCredsSecretName
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/requirements.yaml b/kubernetes/dcaegen2-services/requirements.yaml index a673a9783b..faf0b69875 100644 --- a/kubernetes/dcaegen2-services/requirements.yaml +++ b/kubernetes/dcaegen2-services/requirements.yaml @@ -20,6 +20,10 @@ dependencies: version: ~8.x-0 repository: 'file://components/dcae-ms-healthcheck' condition: dcae-ms-healthcheck.enabled + - name: dcae-pmsh + version: ~8.x-0 + repository: 'file://components/dcae-pmsh' + condition: dcae-pmsh.enabled - name: dcae-prh version: ~8.x-0 repository: 'file://components/dcae-prh' diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index 25df24de0a..5682ce7194 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -17,6 +17,8 @@ dcae-ms-healthcheck: enabled: true dcae-hv-ves-collector: enabled: true +dcae-pmsh: + enabled: false dcae-prh: enabled: true dcae-tcagen2: |