diff options
Diffstat (limited to 'kubernetes/dcaegen2/charts')
12 files changed, 547 insertions, 0 deletions
diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/.helmignore b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml new file mode 100644 index 0000000000..ff9cf89092 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml @@ -0,0 +1,22 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP DCAE Cloudify Manager +name: dcae-cloudify-manager +version: 2.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/README.md b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/README.md new file mode 100644 index 0000000000..9194ef8332 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/README.md @@ -0,0 +1,49 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +# DCAE Cloudify Manager Chart + +This chart is used to deploy a containerized version of +[Cloudify Manager](http://docs.getcloudify.org/4.3.0/intro/cloudify-manager/), +the orchestration tool used by DCAE. DCAE uses Cloudify Manager ("CM") to +deploy the rest of the DCAE platform as well to deploy DCAE monitoring and +analytics services dynamically, in response to network events such as VNF startups. + +Deployment of CM is the first of two steps in deploying DCAE into ONAP. After this chart +brings up CM, a second chart (the "bootstrap" chart) installs some plugin extensions onto CM +and uses CM to deploy some DCAE components. + +## Prerequisites +The chart requires one Kubernetes secret to be available in the namespace where it is +being deployed: + - `<namespace_name>-docker-registry-key`, the docker registry secret needed to pull images + from the Docker repository. This is the same secret used by other OOM charts. + +## DCAE Namespace +DCAE will use CM deploy a number of containers into the ONAP Kubernetes cluster. In a production +environment, DCAE's dynamic deployment of monitoring and analytics services could result in dozens +of containers being launched. This chart allows the configuration, through the `dcae_ns` property +in the `values.yaml` of a separate namespace used by CM when it needs to deploy containers into +Kubernetes. If `dcae_ns` is set, this chart will: + - create the namespace. + - create the Docker registry key secret in the namespace. + - create some Kubernetes `Services` (of the `ExternalName` type) to map some addresses from the common namespace into the DCAE namespace. + +## Use of Consul +DCAE uses [Consul](http://consul.io) to store configuration data for DCAE components. In R1, DCAE +deployed its own Consul cluster. In R2, DCAE will use the Consul server deployed by OOM. diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml new file mode 100644 index 0000000000..1e8f788318 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/config.txt b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/config.txt new file mode 100644 index 0000000000..c33022d1a2 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/config.txt @@ -0,0 +1,19 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +[consul] +address={{ .Values.config.address.consul.host }}:{{ .Values.config.address.consul.port }} diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/log/filebeat.yml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/log/filebeat.yml new file mode 100644 index 0000000000..43de4a25b9 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/log/filebeat.yml @@ -0,0 +1,72 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase + +logging: + level: debug + + # enable file rotation with default configuration + to_files: true + + # do not log to syslog + to_syslog: false + + files: + path: /usr/share/filebeat/logs + name: mybeat.log + keepfiles: 7 diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/configmap.yaml new file mode 100644 index 0000000000..6bb02dbf44 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/configmap.yaml @@ -0,0 +1,44 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: dcae-filebeat-configmap + namespace: {{include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} +{{ if .Values.dcae_ns }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: dcae-filebeat-configmap + namespace: {{ .Values.dcae_ns }} +data: +{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} +{{ end }} + diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml new file mode 100644 index 0000000000..76c83af56b --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml @@ -0,0 +1,97 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /opt/onap/config.txt + subPath: config.txt + name: {{ include "common.fullname" .}}-config + readOnly: true + - mountPath: /secret + name: dcae-token + readOnly: true + - mountPath: /sys/fs/cgroup + name: {{ include "common.fullname" . }}-cgroup + readOnly: true + - mountPath: /etc/localtime + name: localtime + readOnly: true + securityContext: + privileged: True + lifecycle: + postStart: + exec: + command: + - bash + - "-c" + - | + set -ex + mkdir -p /var/run/secrets/kubernetes.io/ + ln -s /secret /var/run/secrets/kubernetes.io/serviceaccount + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: dcae-token + secret: + secretName: dcae-token + - name: {{ include "common.fullname" . }}-cgroup + hostPath: + path: /sys/fs/cgroup + - name: localtime + hostPath: + path: /etc/localtime + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/namespace.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/namespace.yaml new file mode 100644 index 0000000000..fd89aabbed --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/namespace.yaml @@ -0,0 +1,28 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +{{ if .Values.dcae_ns}} +# Create the namespace +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .Values.dcae_ns }} +spec: + finalizers: + - kubernetes +{{ end }} diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/secret.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/secret.yaml new file mode 100644 index 0000000000..732110be6d --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/secret.yaml @@ -0,0 +1,44 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +{{ if .Values.dcae_ns}} +# Create the registry key secret in dcae namespace +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.namespace" . }}-docker-registry-key + namespace: {{ .Values.dcae_ns }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + .dockercfg: {{ .Values.global.repositorySecret | default .Values.repositorySecret }} +type: kubernetes.io/dockercfg +{{ end }} +--- +# Copy of the API token secret, needed to work around /var/run/secrets mount problem +apiVersion: v1 +kind: Secret +metadata: + name: dcae-token + namespace: {{ include "common.namespace" . }} + annotations: + kubernetes.io/service-account.name: default +type: kubernetes.io/service-account-token diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/service.yaml new file mode 100644 index 0000000000..c6b24ee22f --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/service.yaml @@ -0,0 +1,66 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} +{{ if .Values.dcae_ns}} +--- +# Make consul visible inside DCAE component namespace under a well-known name +apiVersion: v1 +kind: Service +metadata: + name: consul + namespace: {{ .Values.dcae_ns }} +spec: + type: ExternalName + externalName: {{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}.svc.cluster.local +--- +# Make Cloudify Manager visible inside DCAE component namespace under a well-known name +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ .Values.dcae_ns }} +spec: + type: ExternalName + externalName: {{ .Values.service.name }}.{{ include "common.namespace" . }}.svc.cluster.local +{{ end }} + diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml new file mode 100644 index 0000000000..6fc8870eb8 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -0,0 +1,67 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiZGNhZUBkY2FlLm9uYXAub3JnIiwiYXV0aCI6IlpHOWphMlZ5T21SdlkydGxjZz09In19 + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +config: + logstashServiceName: log-ls + logstashPort: 5044 + # Addresses of other ONAP entities + address: + consul: + host: consul-server + port: 8500 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.deployments.cm-container:1.1.0 +pullPolicy: Always + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + name: dcae-cloudify-manager + externalPort: 80 + internalPort: 80 + +# Kubernetes namespace for components deployed via Cloudify manager +# If empty, use the common namespace +dcae_ns: "dcae" |