diff options
Diffstat (limited to 'kubernetes/dcaegen2')
88 files changed, 475 insertions, 795 deletions
diff --git a/kubernetes/dcaegen2/.helmignore b/kubernetes/dcaegen2/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/dcaegen2/.helmignore +++ b/kubernetes/dcaegen2/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/dcaegen2/Makefile b/kubernetes/dcaegen2/Makefile index f10f2fc682..bf20455a5f 100644 --- a/kubernetes/dcaegen2/Makefile +++ b/kubernetes/dcaegen2/Makefile @@ -11,37 +11,36 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard +HELM_BIN := helm + +make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard make-dcae-bootstrap: - cd components && helm dep up dcae-bootstrap && helm lint dcae-bootstrap + cd components && $(HELM_BIN) dep up dcae-bootstrap && $(HELM_BIN) lint dcae-bootstrap make-dcae-cloudify-manager: - cd components && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager + cd components && $(HELM_BIN) dep up dcae-cloudify-manager && $(HELM_BIN) lint dcae-cloudify-manager make-dcae-config-binding-service: - cd components && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service + cd components && $(HELM_BIN) dep up dcae-config-binding-service && $(HELM_BIN) lint dcae-config-binding-service make-dcae-healthcheck: - cd components && helm dep up dcae-healthcheck && helm lint dcae-healthcheck - -make-dcae-redis: - cd components && helm dep up dcae-redis && helm lint dcae-redis + cd components && $(HELM_BIN) dep up dcae-healthcheck && $(HELM_BIN) lint dcae-healthcheck make-dcae-servicechange-handler: - cd components && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler + cd components && $(HELM_BIN) dep up dcae-servicechange-handler && $(HELM_BIN) lint dcae-servicechange-handler make-dcae-inventory-api: - cd components && helm dep up dcae-inventory-api && helm lint dcae-inventory-api + cd components && $(HELM_BIN) dep up dcae-inventory-api && $(HELM_BIN) lint dcae-inventory-api make-dcae-deployment-handler: - cd components && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler + cd components && $(HELM_BIN) dep up dcae-deployment-handler && $(HELM_BIN) lint dcae-deployment-handler make-dcae-policy-handler: - cd components && helm dep up dcae-policy-handler && helm lint dcae-policy-handler + cd components && $(HELM_BIN) dep up dcae-policy-handler && $(HELM_BIN) lint dcae-policy-handler make-dcae-dashboard: - cd components && helm dep up dcae-dashboard && helm lint dcae-dashboard + cd components && $(HELM_BIN) dep up dcae-dashboard && $(HELM_BIN) lint dcae-dashboard clean: @find . -type f -name '*.tgz' -delete diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml index e917e900c7..a31aaf1106 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml @@ -31,3 +31,6 @@ dependencies: - name: cmpv2Config version: ~6.x-0 repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json index c52a0a8606..44a345455a 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json @@ -3,5 +3,5 @@ "username": "notused", "password": "doesnotmatter", "owner": "dcaecm" - } + } }
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json index 6de75c96d7..568d6f77c9 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved. @@ -16,40 +17,44 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} { - "namespace" : "{{ if .Values.dcae_ns }}{{ .Values.dcae_ns}}{{ else }}{{include "common.namespace" . }}{{ end}}", - "consul_dns_name" : "{{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}", - "default_k8s_location" : "{{ .Values.default_k8s_location }}", - "image_pull_secrets" : ["{{ include "common.namespace" . }}-docker-registry-key"], - "filebeat": - { - "log_path": "/var/log/onap", - "data_path": "/usr/share/filebeat/data", - "config_path": "/usr/share/filebeat/filebeat.yml", - "config_subpath": "filebeat.yml", - "image" : "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}", - "config_map" : "{{ include "common.release" . }}-dcae-filebeat-configmap" - }, - "tls": - { - "cert_path": "/opt/app/osaaf", - "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}", - "component_cert_dir": "/opt/dcae/cacert", - "component_ca_cert_path": "/opt/dcae/cacert/cacert.pem", - "ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert" - }, - "external_cert": - { - "image_tag": "{{ .Values.global.tlsRepository }}/{{ .Values.cmpv2Config.global.aaf.certServiceClient.image }}", - "request_url": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.requestURL }}", - "timeout": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.requestTimeout }}", - "country": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Country }}", - "organization": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Organization }}", - "state": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2State }}", - "organizational_unit": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2OrganizationalUnit }}", - "location": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Location }}", - "keystore_password": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.keystorePassword }}", - "truststore_password": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.truststorePassword }}" - } -} + "namespace": "{{ if .Values.dcae_ns }}{{ .Values.dcae_ns}}{{ else }}{{include "common.namespace" . }}{{ end}}", + "consul_dns_name": "{{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}", + "default_k8s_location": "{{ .Values.default_k8s_location }}", + "image_pull_secrets": [ + "{{ include "common.namespace" . }}-docker-registry-key" + ], + "filebeat": { + "log_path": "/var/log/onap", + "data_path": "/usr/share/filebeat/data", + "config_path": "/usr/share/filebeat/filebeat.yml", + "config_subpath": "filebeat.yml", + "image": "{{ include "repositoryGenerator.image.logging" . }}", + "config_map": "{{ include "common.release" . }}-dcae-filebeat-configmap" + }, + "tls": { + "cert_path": "/opt/app/osaaf", + "image": "{{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }}", + "component_cert_dir": "/opt/dcae/cacert", + "component_ca_cert_path": "/opt/dcae/cacert/cacert.pem", + "ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert" + }, + "external_cert": { + "image_tag": "{{ include "repositoryGenerator.repository" . }}/{{ .Values.cmpv2Config.global.platform.certServiceClient.image }}", + "request_url": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.requestURL }}", + "timeout": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.requestTimeout }}", + "country": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2Country }}", + "organization": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2Organization }}", + "state": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2State }}", + "organizational_unit": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }}", + "location": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2Location }}", + "cert_secret_name": "{{ .Values.cmpv2Config.global.platform.certServiceClient.secretName }}", + "keystore_password": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.keystorePassword }}", + "truststore_password": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.truststorePassword }}" + }, + "truststore_merger": { + "image_tag": "{{ include "repositoryGenerator.repository" . }}/{{ .Values.cmpv2Config.global.platform.certPostProcessor.image }}" + } +}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml index f330e647b4..8c2c0a217b 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. @@ -15,9 +16,10 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{ if .Values.componentImages.datafile_collector }} -tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.datafile_collector }} +tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.datafile_collector }} {{ end }} host_port: {{ .Values.config.address.datafile_collector.port }} host_port_secure: {{ .Values.config.address.datafile_collector.portSecure }} diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml index f6a4c7cf85..7aa1b8d03a 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. @@ -15,10 +16,11 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} { {{ if .Values.componentImages.holmes_engine }} - "he_image" : '{{ include "common.repository" . }}/{{ .Values.componentImages.holmes_engine }}', + "he_image" : '{{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.holmes_engine }}', {{ end }} "msb_hostname": "{{ .Values.config.address.msb_iag }}.{{include "common.namespace" . }}", "dcae_CL_publish_url": "http://{{ .Values.config.address.message_router }}.{{include "common.namespace" . }}:3904/events/unauthenticated.DCAE_CL_OUTPUT", diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml index 7ede89e521..6c311ec47e 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. @@ -15,10 +16,11 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} { {{ if .Values.componentImages.holmes_rules }} - "hr_image" : '{{ include "common.repository" . }}/{{ .Values.componentImages.holmes_rules }}', + "hr_image" : '{{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.holmes_rules }}', {{ end }} "msb_hostname": "{{ .Values.config.address.msb_iag }}.{{include "common.namespace" . }}", diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml index a0cbbbdba2..08a3c357ba 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml @@ -1,6 +1,8 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2020 Nokia. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,9 +16,15 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{ if .Values.componentImages.hv_ves }} -tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.hv_ves }} +tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.hv_ves }} {{ end }} use_tls: true -security_ssl_disable: false
\ No newline at end of file +security_ssl_disable: false +external_cert_ca_name: "RA" +external_cert_common_name: "dcae-hv-ves-collector" +external_cert_sans: "dcae-hv-ves-collector:hv-ves-collector:hv-ves" +external_cert_cert_type: "JKS" +external_cert_use_external_tls: false diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml index eb4cf252d4..71c91b4f77 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml @@ -1,3 +1,4 @@ +{{/* #================================================================================= # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} k8s_pgaas_instance_fqdn: {{ .Values.postgres.service.name2 }}.{{include "common.namespace" . }} k8s_initial_password: $PG_ROOT_PASSWORD diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml index 1491e731d8..efc8c77366 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -14,7 +15,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{ if .Values.componentImages.prh }} -tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.prh }} +tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.prh }} {{ end }} diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml index aa2b9a3f18..7c234243b0 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,8 +16,9 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{ if .Values.componentImages.snmptrap }} -tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.snmptrap }} +tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.snmptrap }} {{ end }} external_port: {{ .Values.config.address.snmptrap.port }} diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml deleted file mode 100644 index 9240094fa9..0000000000 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml +++ /dev/null @@ -1,28 +0,0 @@ -#============LICENSE_START======================================================== -#================================================================================= -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -{{ if .Values.componentImages.tca }} -tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.tca }} -{{ end }} -dmaap_host: {{ .Values.config.address.message_router }}.{{include "common.namespace" . }} -consul_host: {{ .Values.config.address.consul.host }}.{{include "common.namespace" . }} -cbs_host: config-binding-service -enableRedisCaching: {{ .Values.config.redisCaching }} -{{ if .Values.config.redisHosts }} -redisHosts: {{ .Values.config.redisHosts }} -{{ end }} diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml index 5074cb8a7f..eb7caf1eee 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2020 AT&T Intellectual Property. All rights reserved. @@ -14,9 +15,10 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{ if .Values.componentImages.tcagen2 }} -tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.tcagen2 }} +tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.tcagen2 }} {{ end }} tca_handle_in_subscribe_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/" -tca_handle_out_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.TCAGEN2_OUTPUT/" +tca_handle_out_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.DCAE_CL_OUTPUT/" diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml index 5a2a595ca6..e09e37dd31 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2020 Nokia. All rights reserved. @@ -14,15 +15,17 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{ if .Values.componentImages.ves }} -tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves }} +tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.ves }} {{ end }} external_port: 0 external_port_tls: {{ .Values.config.address.ves.portSecure }} auth_method: "certBasicAuth" -component_name: "dcae-ves-collector" -dns_component_name: "dcae-ves-collector" +service_component_type: "dcae-ves-collector" +service_id: "dcae-ves-collector" +service_component_name_override: "dcae-ves-collector" enable_tls: true ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/" ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/" @@ -30,4 +33,13 @@ ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/ ves_measurement_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/" ves_pnfRegistration_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_PNFREG_OUTPUT/" ves_notification_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/" +ves_3gpp_fault_supervision_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT/" +ves_3gpp_provisioning_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT/" +ves_3gpp_hearbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT/" +ves_3gpp_performance_assurance_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/" user_list: "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6|demouser,$2a$10$1cc.COcqV/d3iT2N7BjPG.S6ZKv2jpb9a5MV.o7lMih/GpjJRX.Ce" +external_cert_ca_name: "RA" +external_cert_common_name: "dcae-ves-collector" +external_cert_sans: "dcae-ves-collector:ves-collector:ves" +external_cert_cert_type: "JKS" +external_cert_use_external_tls: false diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml index dda75dd874..349645bb7b 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2017-2020 AT&T Intellectual Property. All rights reserved. @@ -16,18 +17,24 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{ if .Values.componentImages.ves }} -tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves }} +tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.ves }} {{ end }} external_port_tls: 0 external_port: {{ .Values.config.address.ves.port }} auth_method: "noAuth" -component_name: "dcae-ves-collector-http" -dns_component_name: "dcae-ves-collector-http" +service_component_type: "dcae-http-ves-collector" +service_id: "dcae-http-ves-collector-http" +service_component_name_override: "dcae-http-ves-collector" ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/" ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/" ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_FAULT_OUTPUT/" ves_measurement_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/" ves_pnfRegistration_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_PNFREG_OUTPUT/" ves_notification_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/" +ves_3gpp_fault_supervision_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT/" +ves_3gpp_provisioning_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT/" +ves_3gpp_hearbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT/" +ves_3gpp_performance_assurance_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/" diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/configmap.yaml index 21134ada9f..47db1753e0 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml index 5c96138b03..15a2ad1212 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml @@ -1,6 +1,7 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2017-2020 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: apps/v1 kind: Deployment @@ -51,15 +53,15 @@ spec: name: {{ include "common.fullname" . }}-dcae-inputs-input - mountPath: /config name: {{ include "common.fullname" . }}-dcae-inputs - image: "{{ .Values.global.envsubstImage }}" + image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config - name: {{ include "common.name" . }}-readiness - image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - dcae-cloudify-manager @@ -92,14 +94,14 @@ spec: fieldPath: status.podIP - name: aaf_locator_fqdn value: dcae - image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: - mountPath: /opt/app/osaaf name: tls-info - name: init-consul - image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.consulLoaderImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} args: - --service @@ -109,7 +111,7 @@ spec: resources: {} containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} @@ -128,10 +130,7 @@ spec: - name: CMADDR value: {{ .Values.config.address.cm.host }} - name: CMPASS - valueFrom: - secretKeyRef: - name: {{ include "common.name" . }}-cmpass - key: password + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14}} - name: CMPROTO value: {{ .Values.config.address.cm.proto }} - name: CMPORT diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml index 44395e48e8..c8fbd04150 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml @@ -1,6 +1,7 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2017-2020 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -15,19 +16,6 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.name" . }}-cmpass - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: - password: YWRtaW4= ---- {{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index 33682e7dbe..668dcc7e18 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -22,13 +22,8 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - envsubstImage: dibi/envsubst + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 secrets: - uid: pg-root-pass @@ -37,6 +32,10 @@ secrets: externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "dcae-bootstrap-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' password: '{{ .Values.postgres.config.pgRootpassword }}' policy: generate + - uid: 'cm-pass' + type: password + externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}' + password: '{{ .Values.config.cloudifyManagerPassword }}' config: logstashServiceName: log-ls @@ -70,8 +69,6 @@ config: ves: port: 30235 portSecure: 30417 - # redisCaching is a string not a boolean! - redisCaching: "false" # postgres values--overriding defaults in the postgres subchart postgres: @@ -106,21 +103,19 @@ mongo: disableNfsProvisioner: true # application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.0.2 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.1.8 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - holmes_rules: onap/holmes/rule-management:1.2.7 - holmes_engine: onap/holmes/engine-management:1.2.6 - tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.2.2 - tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.0.1 - ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.1 + holmes_rules: onap/holmes/rule-management:1.2.9 + holmes_engine: onap/holmes/engine-management:1.2.9 + tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1 + ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.9 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 - prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.2 - hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.4.0 + prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.4 + hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.5.0 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/requirements.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/requirements.yaml index caff1e5dc4..c2681fb217 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/requirements.yaml @@ -17,3 +17,6 @@ dependencies: - name: common version: ~6.x-0 repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/config.txt b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/config.txt index 7606ba55ae..e079ec81c0 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/config.txt +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/config.txt @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,5 +16,6 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} [consul] address={{ .Values.config.address.consul.host }}:{{ .Values.config.address.consul.port }} diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/log/filebeat.yml index 1a3f693a12..06e553d9d4 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/log/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/log/filebeat.yml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} filebeat.prospectors: #it is mandatory, in our case it's log - input_type: log diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/configmap.yaml index f1add2dac1..6ec98b56c4 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml index b5bb66b8c0..6c7fa4d85c 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml @@ -1,7 +1,9 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright (c) 2020 J. F. Lucas. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,6 +17,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: apps/v1 kind: Deployment @@ -45,10 +48,10 @@ spec: - "dcae-cloudify-manager" initContainers: - name: {{ include "common.name" . }}-readiness - image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - aaf-cm @@ -61,14 +64,13 @@ spec: apiVersion: v1 fieldPath: metadata.namespace - name: {{ include "common.name" . }}-multisite-init - image: {{ include "common.repository" . }}/{{ .Values.multisiteInitImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.multisiteInitImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} args: - --namespace - {{ include "common.namespace" . }} - --configmap - {{ .Values.multisiteConfigMapName }} - restartPolicy: Never - name: init-tls env: - name: POD_IP @@ -78,7 +80,7 @@ spec: fieldPath: status.podIP - name: aaf_locator_fqdn value: dcae - image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: @@ -86,7 +88,7 @@ spec: name: tls-info {{- if .Values.persistence.enabled }} - name: remove-lost-found - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" + image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /cfy-persist @@ -99,7 +101,7 @@ spec: {{- end }} containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: REQUESTS_CA_BUNDLE @@ -116,6 +118,7 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: exec: @@ -123,6 +126,7 @@ spec: - /scripts/readiness-check.sh initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} volumeMounts: - mountPath: /opt/onap/config.txt subPath: config.txt @@ -144,6 +148,9 @@ spec: name: cm-persistent - mountPath: /opt/onap/certs name: tls-info + - mountPath: /opt/onap/cm-secrets + name: cm-secrets + readOnly: true securityContext: privileged: True volumes: @@ -171,5 +178,8 @@ spec: {{- end }} - emptyDir: {} name: tls-info + - name: cm-secrets + secret: + secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "cm-pass") }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml index 96d305a7a7..2e8b4cd4e8 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: batch/v1 kind: Job metadata: @@ -38,5 +40,5 @@ spec: restartPolicy: Never containers: - name: dcae-cleanup - image: {{ include "common.repository" . }}/{{ .Values.cleanupImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.cleanupImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml index 57cbe89cc1..960ec786b2 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,7 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= - +*/}} {{ if .Values.dcae_ns}} # Create the namespace apiVersion: v1 diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pv.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pv.yaml index 0dd128fd4d..95c841a9fd 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pv.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pv.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} {{- if eq "True" (include "common.needPV" .) }} diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pvc.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pvc.yaml index c4de971f39..3fbdc91d66 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pvc.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pvc.yaml @@ -1,3 +1,4 @@ +{{/* # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # ================================================================================ @@ -13,6 +14,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} kind: PersistentVolumeClaim diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml index dee9200eff..91666c1422 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} {{ if .Values.dcae_ns}} apiVersion: v1 @@ -28,7 +30,7 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: - .dockercfg: {{ include "common.repository.secret" . }} + .dockercfg: {{ include "repositoryGenerator.secret" . }} type: kubernetes.io/dockercfg --- {{ end }} @@ -41,3 +43,5 @@ metadata: annotations: kubernetes.io/service-account.name: default type: kubernetes.io/service-account-token +--- +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/service.yaml index 525931e109..3a28616687 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml index b7ea4c9e6f..fd4e1217c4 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml @@ -1,7 +1,8 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright (c) 2020 J. F. Lucas. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,17 +23,20 @@ global: nodePortPrefix: 302 persistence: {} - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 repositoryCred: user: docker password: docker +secrets: + - uid: 'cm-pass' + type: password + externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}' + password: '{{ .Values.config.cloudifyManagerPassword }}' + policy: required + config: + cloudifyManagerPassword: "override me" logstashServiceName: log-ls logstashPort: 5044 # Addresses of other ONAP entities @@ -45,8 +49,7 @@ config: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:3.0.0 +image: onap/org.onap.dcaegen2.deployments.cm-container:3.3.4 pullPolicy: Always # name of shared ConfigMap with kubeconfig for multiple clusters @@ -62,6 +65,7 @@ cleanupImage: onap/org.onap.dcaegen2.deployments.dcae-k8s-cleanup-container:1.0. liveness: initialDelaySeconds: 10 periodSeconds: 10 + timeoutSeconds: 5 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container # liveness not desirable for Cloudify Manager container @@ -69,7 +73,13 @@ liveness: readiness: initialDelaySeconds: 60 - periodSeconds: 10 + # In some environments we see CM coming up + # properly but readiness probe timing out. + # Increasing the timeout and adjusting the + # period so it's longer than the timeout. + # (DCAEGEN2-2465) + periodSeconds: 30 + timeoutSeconds: 10 service: type: ClusterIP @@ -80,21 +90,23 @@ service: # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) +# Due to memory issues in ONAP integration environment, +# we've increased the memory amounts for both flavors. resources: small: limits: cpu: 2 - memory: 2Gi + memory: 4Gi requests: cpu: 1 - memory: 1Gi + memory: 2Gi large: limits: cpu: 4 - memory: 4Gi + memory: 8Gi requests: cpu: 2 - memory: 2Gi + memory: 4Gi unlimited: {} # Kubernetes namespace for components deployed via Cloudify manager # If empty, use the common namespace diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/requirements.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/requirements.yaml index caff1e5dc4..c2681fb217 100644 --- a/kubernetes/dcaegen2/components/dcae-config-binding-service/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/requirements.yaml @@ -17,3 +17,6 @@ dependencies: - name: common version: ~6.x-0 repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml b/kubernetes/dcaegen2/components/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml index 1a3f693a12..06e553d9d4 100644 --- a/kubernetes/dcaegen2/components/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} filebeat.prospectors: #it is mandatory, in our case it's log - input_type: log diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/configmap.yaml index af4948d925..67fcce4d53 100644 --- a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2019 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap metadata: diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml index 959c7f4826..65d0b36927 100644 --- a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: apps/v1 kind: Deployment @@ -38,10 +40,10 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-readiness - image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - consul-server @@ -65,7 +67,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.podIP - image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: @@ -75,7 +77,7 @@ spec: containers: {{- if .Values.service.secure.enabled }} - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} @@ -89,7 +91,7 @@ spec: port: {{ .Values.service.secure.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} + {{ end }} readinessProbe: httpGet: scheme: "HTTPS" @@ -112,7 +114,7 @@ spec: - name: HTTPS_KEY_PATH value: "/opt/tls/key.pem" - name: {{ include "common.name" . }}-fb-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - name: {{ include "common.fullname" . }}-fb-conf @@ -125,7 +127,7 @@ spec: {{ end }} {{- if .Values.service.insecure.enabled }} - name: {{ include "common.name" . }}-insecure - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} @@ -139,7 +141,7 @@ spec: port: {{ .Values.service.insecure.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} + {{ end }} readinessProbe: httpGet: scheme: "HTTP" @@ -154,7 +156,7 @@ spec: - name: CONSUL_HOST value: consul.{{ include "common.namespace" . }} - name: {{ include "common.name" . }}-fb-onap-i - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - name: {{ include "common.fullname" . }}-fb-conf diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/service.yaml index 5ca5035f87..c4cc0a9902 100644 --- a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/values.yaml index a27fba52ae..63f96044fa 100644 --- a/kubernetes/dcaegen2/components/dcae-config-binding-service/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/values.yaml @@ -21,15 +21,7 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - repositoryCred: - user: docker - password: docker config: logstashServiceName: log-ls @@ -44,8 +36,7 @@ config: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.configbinding:2.5.2 +image: onap/org.onap.dcaegen2.platform.configbinding:2.5.3 pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/requirements.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/requirements.yaml index 07787a8206..cbc9a739c5 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: postgres version: ~6.x-0 repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-dashboard/resources/log/filebeat.yml index 0e5ee9bffa..1e33eb3684 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/resources/log/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/resources/log/filebeat.yml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} filebeat.prospectors: #it is mandatory, in our case it's log - input_type: log diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/configmap.yaml index 41d5826e13..958e810178 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2019 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap metadata: diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml index 9765b62ae2..e93f8d8fb9 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml @@ -1,6 +1,7 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: apps/v1 kind: Deployment @@ -38,10 +40,10 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-readiness - image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - dcae-cloudify-manager @@ -70,7 +72,7 @@ spec: fieldPath: status.podIP - name: aaf_locator_fqdn value: dcae - image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: @@ -78,7 +80,7 @@ spec: name: tls-info containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} @@ -105,7 +107,7 @@ spec: successThreshold: 1 timeoutSeconds: 1 volumeMounts: - - mountPath: /usr/local/share/ca-certificates/ + - mountPath: /opt/app/osaaf/ name: tls-info - mountPath: /opt/logs/dcae/dashboard name: component-log @@ -119,7 +121,7 @@ spec: - name: postgres_port value: "{{ .Values.postgres.config.pgPort }}" - name: cloudify_password - value: admin + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14 }} - name: dhandler_url value: {{ .Values.config.dhandler_url }} - name: cfy_url @@ -148,7 +150,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.podIP - image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: IfNotPresent resources: {} volumeMounts: diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/secret.yaml index b143034d8f..34932b713d 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/templates/secret.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/secret.yaml @@ -1,16 +1,17 @@ {{/* # Copyright © 2020 Samsung Electronics -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. */}} + {{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/service.yaml index ce13081f2f..9cd3197f3b 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml index 8e3f94dc64..e92e415414 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml @@ -20,11 +20,6 @@ ################################################################# global: nodePortPrefixExt: 304 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 secrets: @@ -35,8 +30,14 @@ secrets: login: '{{ .Values.postgres.config.pgUserName }}' password: '{{ .Values.postgres.config.pgUserPassword }}' passwordPolicy: generate + - uid: 'cm-pass' + type: password + externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}' + password: '{{ .Values.config.cloudifyManagerPassword }}' + policy: required config: + cloudifyManagerPassword: "override me" logstashServiceName: log-ls logstashPort: 5044 dhandler_url: https://deployment-handler:8443 @@ -52,8 +53,7 @@ config: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.3.2 +image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.0 pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/requirements.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/requirements.yaml index c8d76a0823..8ba2ea88d3 100644 --- a/kubernetes/dcaegen2/components/dcae-deployment-handler/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/requirements.yaml @@ -17,3 +17,6 @@ dependencies: - name: common version: ~6.x-0 repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log/filebeat.yml index 0e5ee9bffa..1e33eb3684 100644 --- a/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log/filebeat.yml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} filebeat.prospectors: #it is mandatory, in our case it's log - input_type: log diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log4js/log4js.json b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log4js/log4js.json new file mode 100644 index 0000000000..a93c8c5bbe --- /dev/null +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log4js/log4js.json @@ -0,0 +1,32 @@ +{ + "appenders": { + "out": {"type": "stdout"}, + "audit": { + "type": "file", + "filename": "log/audit.log", + "maxLogSize": 10240000, + "backups": 10, + "layout": { + "type": "messagePassThrough" + } + }, + "metrics": { + "type": "file", + "filename": "log/metrics.log", + "maxLogSize": 10240000, + "backups": 10, + "layout": { + "type": "messagePassThrough" + } + }, + "error": {"type": "stdout"}, + "debug": {"type": "stdout"} + }, + "categories": { + "default": {"appenders": ["out"], "level": "debug"}, + "audit": {"appenders": ["audit"], "level": "info"}, + "metrics": {"appenders": ["metrics"], "level": "info"}, + "error": {"appenders": ["error"], "level": "error"}, + "debug": {"appenders": ["debug"], "level": "debug"} + } +}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/configmap.yaml index 789c634956..cda7029319 100644..100755 --- a/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/configmap.yaml @@ -1,5 +1,7 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2019 AT&T +# Modifications Copyright © 2020 Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +14,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap metadata: @@ -31,4 +34,12 @@ metadata: name: {{include "common.fullname" . }}-filebeat-configmap namespace: {{include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file +{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{include "common.fullname" . }}-log4js-configmap + namespace: {{include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/log4js/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml index ec3c72d042..1b39dc6e2f 100644..100755 --- a/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml @@ -1,6 +1,8 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2020 Nokia # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: apps/v1 kind: Deployment @@ -38,10 +41,10 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-readiness - image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - dcae-cloudify-manager @@ -66,14 +69,14 @@ spec: fieldPath: status.podIP - name: aaf_locator_fqdn value: dcae - image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: - mountPath: /opt/app/osaaf name: tls-info - name: init-consul - image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.consulLoaderImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} args: - --service @@ -88,7 +91,7 @@ spec: name: dh-config containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} @@ -115,13 +118,15 @@ spec: name: component-log - mountPath: /opt/app/dh/etc/cert/ name: tls-info + - mountPath: /opt/app/dh/etc/ + name: log4js-conf env: - name: CONSUL_HOST value: consul-server.{{ include "common.namespace" . }} - name: CLOUDIFY_USER value: admin - name: CLOUDIFY_PASSWORD - value: admin + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14 }} - name: CONFIG_BINDING_SERVICE value: config-binding-service - name: NODE_EXTRA_CA_CERTS @@ -138,7 +143,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.podIP - image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: IfNotPresent resources: {} volumeMounts: @@ -164,5 +169,9 @@ spec: defaultMode: 422 name: {{ include "common.fullname" . }}-configmap name: dh-config + - configMap: + defaultMode: 420 + name: {{include "common.fullname" . }}-log4js-configmap + name: log4js-conf imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/components/dcae-redis/requirements.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/secrets.yaml index c593f60ae4..34932b713d 100644 --- a/kubernetes/dcaegen2/components/dcae-redis/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/secrets.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada +{{/* +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,8 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} -dependencies: - - name: common - version: ~6.x-0 - repository: '@local' +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/service.yaml index 420c0ee96f..cca0b640bb 100644 --- a/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml index 8a3440dae5..a32214faf3 100644 --- a/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml @@ -20,19 +20,18 @@ ################################################################# global: nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - consulLoaderRepository: nexus3.onap.org:10001 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 - repositoryCred: - user: docker - password: docker + +secrets: + - uid: 'cm-pass' + type: password + externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}' + password: '{{ .Values.config.cloudifyManagerPassword }}' + policy: required config: + cloudifyManagerPassword: "override me" logstashServiceName: log-ls logstashPort: 5044 # Addresses of other ONAP entities @@ -45,8 +44,7 @@ config: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.deployment-handler:4.3.0 +image: onap/org.onap.dcaegen2.platform.deployment-handler:4.4.1 pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/requirements.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/requirements.yaml index 6f858bda03..45dddcfbd1 100644 --- a/kubernetes/dcaegen2/components/dcae-healthcheck/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/requirements.yaml @@ -20,3 +20,6 @@ dependencies: - name: common version: ~6.x-0 repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml index d277c7a71e..9514f41b86 100644 --- a/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: apps/v1 kind: Deployment @@ -39,7 +41,7 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/service.yaml index a71e084535..f0d1bbb3c7 100644 --- a/kubernetes/dcaegen2/components/dcae-healthcheck/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml index ca9486f715..a083694767 100644 --- a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml @@ -2,6 +2,7 @@ #================================================================================= # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada +# Modifications Copyright © 2020 Nokia # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,10 +22,6 @@ ################################################################# global: nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 service: name: dcae-healthcheck @@ -44,8 +41,7 @@ readiness: initialDelaySeconds: 10 periodSeconds: 10 # application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.0.0 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.1.0 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml index 653d523472..f841401e7f 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml @@ -20,4 +20,6 @@ dependencies: - name: postgres version: ~6.x-0 repository: '@local' - alias: postgres + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-inventory-api/resources/log/filebeat.yml index 0e5ee9bffa..1e33eb3684 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/resources/log/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/resources/log/filebeat.yml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} filebeat.prospectors: #it is mandatory, in our case it's log - input_type: log diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml index 5b7a244835..81bac5465e 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2019 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap metadata: diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml index 29d6207c9b..d25d63c361 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: apps/v1 kind: Deployment @@ -52,15 +54,15 @@ spec: name: {{ include "common.fullname" . }}-inv-config-input - mountPath: /config name: {{ include "common.fullname" . }}-inv-config - image: "{{ .Values.global.envsubstImage }}" + image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config - name: {{ include "common.name" . }}-readiness - image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ .Values.postgres.nameOverride }} @@ -83,7 +85,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.podIP - image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: @@ -91,7 +93,7 @@ spec: name: tls-info containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} # Assumes that the Docker image is built with ENTRYPOINT set to # ["java", "-jar", "/opt/inventory-api-x.y.z.jar", "server"] @@ -139,7 +141,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.podIP - image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: IfNotPresent resources: {} volumeMounts: diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/service.yaml index 420c0ee96f..cca0b640bb 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml index a26ae5d196..7abf0ca745 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml @@ -20,16 +20,7 @@ ################################################################# global: nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - envsubstImage: dibi/envsubst - repositoryCred: - user: docker - password: docker secrets: - uid: pg-user-creds @@ -53,8 +44,7 @@ config: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.inventory-api:3.4.1 +image: onap/org.onap.dcaegen2.platform.inventory-api:3.5.1 pullPolicy: Always diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/requirements.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/requirements.yaml index c8d76a0823..8ba2ea88d3 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/requirements.yaml @@ -17,3 +17,6 @@ dependencies: - name: common version: ~6.x-0 repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml index 1a3f693a12..06e553d9d4 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. @@ -15,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} filebeat.prospectors: #it is mandatory, in our case it's log - input_type: log diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml index 789c634956..1a3a7fd302 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2019 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap metadata: diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml index c39b12cd6c..a4becb5e4f 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml @@ -1,6 +1,7 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: apps/v1 kind: Deployment @@ -38,17 +40,17 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-readiness - image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - dcae-deployment-handler - --container-name - consul-server - --container-name - - pdp + - policy-xacml-pdp - "-t" - "45" env: @@ -66,14 +68,14 @@ spec: fieldPath: status.podIP - name: aaf_locator_fqdn value: dcae - image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: - mountPath: /opt/app/osaaf name: tls-info - name: init-consul - image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.consulLoaderImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} args: - --key @@ -84,7 +86,7 @@ spec: name: ph-config containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} @@ -117,7 +119,7 @@ spec: - name: CLOUDIFY_USER value: admin - name: CLOUDIFY_PASSWORD - value: admin + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14 }} - name: CONFIG_BINDING_SERVICE value: config-binding-service - name: POD_IP @@ -132,7 +134,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.podIP - image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: IfNotPresent resources: {} volumeMounts: diff --git a/kubernetes/dcaegen2/components/dcae-redis/Chart.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/secrets.yaml index d4c264f713..34932b713d 100644 --- a/kubernetes/dcaegen2/components/dcae-redis/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/secrets.yaml @@ -1,5 +1,5 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# Modifications Copyright © 2018 AT&T +{{/* +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,8 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} -apiVersion: v1 -description: ONAP DCAE Redis -name: dcae-redis -version: 6.0.0 +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml index 420c0ee96f..cca0b640bb 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml index 717497f4d4..95bbe1e5ff 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml @@ -20,19 +20,18 @@ ################################################################# global: nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - consulLoaderRepository: nexus3.onap.org:10001 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 - repositoryCred: - user: docker - password: docker + +secrets: + - uid: 'cm-pass' + type: password + externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}' + password: '{{ .Values.config.cloudifyManagerPassword }}' + policy: required config: + cloudifyManagerPassword: "override me" logstashServiceName: log-ls logstashPort: 5044 # Addresses of other ONAP entities @@ -46,7 +45,6 @@ config: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.0 pullPolicy: Always diff --git a/kubernetes/dcaegen2/components/dcae-redis/.helmignore b/kubernetes/dcaegen2/components/dcae-redis/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh b/kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh deleted file mode 100755 index 49872863a9..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -# ================================================================================ -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -(if [[ "$HOSTNAME" == *{{.Chart.Name}}-0 ]]; then - echo "delay by 10 seconds for redis server starting" - sleep 10 - - NODES="" - echo "====> wait for all {{.Values.replicaCount}} redis pods up" - while [ "$(echo $NODES | wc -w)" -lt {{.Values.replicaCount}} ] - do - echo "======> $(echo $NODES |wc -w) / {{.Values.replicaCount}} pods up" - sleep 5 - RESP=$(wget -vO- --ca-certificate /var/run/secrets/kubernetes.io/serviceaccount/ca.crt --header "Authorization: Bearer $(</var/run/secrets/kubernetes.io/serviceaccount/token)" https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_PORT_443_TCP_PORT/api/v1/namespaces/{{.Release.Namespace}}/pods?labelSelector=app={{.Chart.Name}}) - - IPS=$(echo $RESP | jq -r '.items[].status.podIP') - IPS2=$(echo $IPS | sed -e 's/[a-zA-Z]*//g') - echo "======> IPs: ["$IPS2"]" - NODES="" - for I in $IPS2; do NODES="$NODES $I:{{.Values.service.externalPort}}"; done - echo "======> nodes: ["$NODES"]" - done - echo "====> all {{.Values.replicaCount}} redis cluster pods are up. wait 10 seconds before the next step"; echo - sleep 10 - - echo "====> Configure the cluster" - - # $NODES w/o quotes - echo "======> nodes: [$(echo $NODES |paste -s)]" - redis-trib create --replicas 1 $(echo $NODES |paste -s) -fi ) & - -redis-server /conf/redis.conf - diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt b/kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt deleted file mode 100644 index 0a386aa131..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml deleted file mode 100644 index 85ebee672b..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -data: - redis.conf: |+ - cluster-enabled yes - cluster-require-full-coverage no - cluster-node-timeout 15000 - cluster-config-file /data/nodes.conf - cluster-migration-barrier 1 - appendonly yes - protected-mode no ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-scripts - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/redis/scripts/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml deleted file mode 100644 index 8f87c68f1e..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml +++ /dev/null @@ -1 +0,0 @@ -{{ include "common.ingress" . }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml deleted file mode 100644 index 72bad411db..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- $global := . }} -{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} -{{- if eq "True" (include "common.needPV" .) }} -{{- range $i := until (int $global.Values.replicaCount)}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" $global }}-data-{{$i}} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ include "common.fullname" $global }} - chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" $global }}" - heritage: "{{ $global.Release.Service }}" - name: {{ include "common.fullname" $global }} -spec: - capacity: - storage: {{ $global.Values.persistence.size}} - accessModes: - - {{ $global.Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} -{{if ne $i (int $global.Values.replicaCount) }} ---- -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml deleted file mode 100644 index 31c1c22b17..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml deleted file mode 100644 index d4ac832e09..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml +++ /dev/null @@ -1,125 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /bin/sh - - -c - - | - /opt/scripts/redis-cluster-config.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - - containerPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.name2 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: - - sh - - -c - - "redis-cli -h $(hostname) ping" - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /conf - name: {{ include "common.fullname" . }}-config - - mountPath: /data - name: {{ include "common.fullname" . }}-data - - mountPath: /opt/scripts - name: {{ include "common.fullname" . }}-scripts - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }} - items: - - key: redis.conf - path: redis.conf - - name: {{ include "common.fullname" . }}-scripts - configMap: - name: {{ include "common.fullname" . }}-scripts - defaultMode: 0755 - - name: localtime - hostPath: - path: /etc/localtime - {{- if not .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-data - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - {{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-data - labels: - name: {{ include "common.fullname" . }} - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote}} - {{- end }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/values.yaml b/kubernetes/dcaegen2/components/dcae-redis/values.yaml deleted file mode 100644 index 3daa740312..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/values.yaml +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.redis-cluster-container:1.0.0 -pullPolicy: Always - -# application configuration -# Example: -config: {} - -# default number of instances -replicaCount: 3 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 15 - periodSeconds: 10 - -service: - #Example service definition with external, internal and node ports. - #Services may use any combination of ports depending on the 'type' of - #service being defined. - type: ClusterIP - name: dcae-redis - portName: client - externalPort: 6379 - internalPort: 6379 - portName2: gossip - externalPort2: 16379 - internalPort2: 16379 - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - accessMode: ReadWriteOnce - size: 10Mi - mountPath: /dockerdata-nfs - mountSubPath: redis/data - -ingress: - enabled: false - service: - - baseaddr: "dcaeredis" - name: "dcae-redis" - port: 6379 - - baseaddr: "dcaeredisgossip" - name: "dcae-redis" - port: 16379 - config: - ssl: "none" -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 1 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 4Gi - requests: - cpu: 2 - memory: 2Gi - unlimited: {} diff --git a/kubernetes/dcaegen2/components/dcae-servicechange-handler/requirements.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/requirements.yaml index caff1e5dc4..bdc19209e7 100644 --- a/kubernetes/dcaegen2/components/dcae-servicechange-handler/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/requirements.yaml @@ -17,3 +17,6 @@ dependencies: - name: common version: ~6.x-0 repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/configmap.yaml index 96ba64f945..a2da32d051 100644 --- a/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2019 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap metadata: diff --git a/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/deployment.yaml index d880433ef3..7c55628f25 100644 --- a/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: apps/v1 kind: Deployment @@ -38,17 +40,17 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-readiness - image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - "dcae-inventory-api" - --container-name - "message-router" - --container-name - - "sdc-dcae-be" + - "sdc-be" - "-t" - "45" env: @@ -64,7 +66,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.podIP - image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: @@ -72,7 +74,7 @@ spec: name: tls-info containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} diff --git a/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml index 63ce3db3fc..c363626666 100644 --- a/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,15 +20,7 @@ ################################################################# global: nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - repositoryCred: - user: docker - password: docker config: logstashServiceName: log-ls @@ -41,8 +33,7 @@ config: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.3.2 +image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.4.0 pullPolicy: Always @@ -94,4 +85,4 @@ resources: unlimited: {} # Kubernetes namespace for components deployed via Cloudify manager # If empty, use the common namespace -# dcae_ns: "dcae" +# dcae_ns: "dcae"
\ No newline at end of file diff --git a/kubernetes/dcaegen2/requirements.yaml b/kubernetes/dcaegen2/requirements.yaml index 55931dc331..82629f7e21 100644 --- a/kubernetes/dcaegen2/requirements.yaml +++ b/kubernetes/dcaegen2/requirements.yaml @@ -32,10 +32,6 @@ dependencies: version: ~6.x-0 repository: 'file://components/dcae-healthcheck' condition: dcae-healthcheck.enabled - - name: dcae-redis - version: ~6.x-0 - repository: 'file://components/dcae-redis' - condition: dcae-redis.enabled - name: dcae-servicechange-handler version: ~6.x-0 repository: 'file://components/dcae-servicechange-handler' diff --git a/kubernetes/dcaegen2/resources/expected-components.json b/kubernetes/dcaegen2/resources/expected-components.json index fd3d04fcb8..d89203b070 100644 --- a/kubernetes/dcaegen2/resources/expected-components.json +++ b/kubernetes/dcaegen2/resources/expected-components.json @@ -1,10 +1,10 @@ [ {{- $ctx := . }} -{{- $components := tuple "dcae-cloudify-manager" "dcae-config-binding-service" "dcae-dashboard" "dcae-deployment-handler" "dcae-inventory-api" "dcae-policy-handler" "dcae-redis" "dcae-servicechange-handler" }} +{{- $components := tuple "dcae-cloudify-manager" "dcae-config-binding-service" "dcae-dashboard" "dcae-deployment-handler" "dcae-inventory-api" "dcae-policy-handler" "dcae-servicechange-handler" }} {{- range $i, $v := $components }} {{- if index $ctx.Values . "enabled" }} {{- if $i }},{{ end }} {{ $v | quote | indent 2 }} {{- end -}} {{- end }} -]
\ No newline at end of file +] diff --git a/kubernetes/dcaegen2/templates/configmap.yaml b/kubernetes/dcaegen2/templates/configmap.yaml index b315443c70..4a1877f02e 100644 --- a/kubernetes/dcaegen2/templates/configmap.yaml +++ b/kubernetes/dcaegen2/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2020 AT&T Intellectual Property. All rights reserved. @@ -14,6 +15,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/dcaegen2/templates/secrets.yaml b/kubernetes/dcaegen2/templates/secrets.yaml new file mode 100644 index 0000000000..34932b713d --- /dev/null +++ b/kubernetes/dcaegen2/templates/secrets.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml index c66a786537..d4007ad0f6 100644 --- a/kubernetes/dcaegen2/values.yaml +++ b/kubernetes/dcaegen2/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2018 Amdocs, Bell Canada # Modifications Copyright © 2018-2019 AT&T +# Modifications Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,33 +19,50 @@ ################################################################# global: nodePortPrefix: 302 - tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - consulLoaderRepository: nexus3.onap.org:10001 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 - busyboxRepository: docker.io - busyboxImage: library/busybox:1.30 -redis: - replicaCount: 6 -# Enable all DCAE components except redis by default +################################################################# +# Secrets metaconfig +################################################################# +secrets: +- name: &cmPassSecretName '{{ include "common.release" . }}-dcaegen2-cm-pass' + type: password + externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}' + password: '{{ .Values.config.cloudifyManagerPassword }}' + +config: {} + +# To work around DCAEGEN2-2450, set password strength to "basic" +# to ensure password contains only alphanumerics +passwordStrengthOverride: basic + +# Enable all DCAE components by default dcae-bootstrap: enabled: true + config: + cloudifyManagerPasswordExternalSecret: *cmPassSecretName dcae-cloudify-manager: enabled: true + config: + cloudifyManagerPasswordExternalSecret: *cmPassSecretName dcae-config-binding-service: enabled: true dcae-dashboard: enabled: true + config: + cloudifyManagerPasswordExternalSecret: *cmPassSecretName dcae-deployment-handler: enabled: true + config: + cloudifyManagerPasswordExternalSecret: *cmPassSecretName dcae-healthcheck: enabled: true dcae-inventory-api: enabled: true dcae-policy-handler: enabled: true -dcae-redis: - enabled: false + config: + cloudifyManagerPasswordExternalSecret: *cmPassSecretName dcae-servicechange-handler: - enabled: true
\ No newline at end of file + enabled: true |