diff options
Diffstat (limited to 'kubernetes/dmaap/charts')
11 files changed, 314 insertions, 67 deletions
diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties new file mode 100644 index 0000000000..f2a6dd9648 --- /dev/null +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties @@ -0,0 +1,214 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +##################################################### +# +# ONAP Casablanca oom configurable deployment params: +# +##################################################### + + +##################################################### +# +# Hooks for specific environment configurations +# +##################################################### +# Indicator for whether to use AAF +UseAAF: false + +# csit: stubs out some southbound APIs for csit +csit: No + +# name of this DMaaP instance (deprecated) +DmaapName: demo + +##################################################### +# +# Settings for Southbound API: Datarouter +# +##################################################### +# FQDN of DR Prov Server (deprecated) +DR.provhost: dcae-drps.domain.not.set + +# URI to retrieve dynamic DR configuration +ProvisioningURI: /internal/prov + +# indicator for handling feed delete: +# DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility) +# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cfy environments. +Feed.deleteHandling: SimulateDelete + +##################################################### +# +# Settings for Soutbound API: Postgresql +# +##################################################### +# flag indieonapdemodbates if we are using postgresql +UsePGSQL: true + +# postgres host name +# Need to connect to PG primary service, designated by service.name2 +DB.host: {{ .Values.postgres.service.name2 }} + +# postgres schema name +#DB.schema: {{ .Values.postgres.config.pgDatabase }} + +# postgres user name +#DB.user: {{ .Values.postgres.config.pgUserName }} + +# postgres user password +DB.cred: {{ .Values.postgres.config.pgUserPassword }} + + +##################################################### +# +# Settings for Soutbound API: Message Router +# +##################################################### +# indicator for multi-site (locations) deployment. Give clue to buscontroller whether +# there is a need for message replication between edge and central. +# ONAP Casablanca is a single site deployment +MR.multisite: false + +# FQDN of primary message router. +# In ONAP Casablanca, there is only 1 message router service, so use that. +# In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR +MR.CentralCname: {{ .Values.dmaapMessageRouterService }} + +# MR Client Delete Level thoroughness: +# 0 = don't delete +# 1 = delete from persistent store +# 2 = delete from persistent store (DB) and authorization store (AAF) +MR.ClientDeleteLevel: 1 + +# namespace of MR Topic Factory +MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory + +# AAF Role assigned to Topic Manager Identity +MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client + +# MR topic ProjectID (used in certain topic name generation formats) +MR.projectID: ONAP + + +##################################################### +# +# Settings for Southbound API: CADI +# +##################################################### +# path to cadi.properties +cadi.properties: /opt/app/osaaf/lcoal/org.onap.dmaap-bc.props + +##################################################### +# +# Settings for Southbound API: AAF proxy +# +##################################################### +# URL of the AAF server +aaf.URL: {{ .Values.aafURL }} + +# TopicMgr Identity +aaf.TopicMgrUser: {{ .Values.topicMgrUser }} + +# Password for TopicMgr identity +aaf.TopicMgrPassword: {{ .Values.topicMgrPwd }} + +# Buscontroller Admin Identity +aaf.AdminUser: {{ .Values.adminUser }} + +# Admin Password +aaf.AdminPassword: {{ .Values.adminPwd }} + +# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF +CredentialCodeKeyfile: etc/LocalKey + +# this overrides the Class used for Decryption. +# This allows for a plugin encryption/decryption method if needed. +# Call this Class for decryption at runtime. +#AafDecryption.Class: com.company.proprietaryDecryptor + + +##################################################### +# +# Settings for authorization of DBCAPI +# +##################################################### +# Namespace for URI values for the API used to create AAF permissions +# e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients +ApiNamespace: org.onap.dmaap-bc.api + +# If API authorization is required, then implement a class to enforce it. +# This overrides the Class used for API permission check. +#ApiPermission.Class: com.company.policy.DecisionPolicy + +##################################################### +# +# Settings for Southbound API: MirrorMaker provisioning +# +##################################################### +# AAF Role of client publishing MM prov cmds +MM.ProvRole: org.onap.dmaap-bc-mm-prov.prov + +# AAF identity when publishing MM prov cmds +MM.ProvUserMechId: dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org + +# pwd for Identity used to publish MM prov cmds +MM.ProvUserPwd: demo123456! + +# AAF Role of MirrorMaker agent subscribed to prov cmds +MM.AgentRole: org.onal.dmaap-bc-mm-prov.agent + +##################################################### +# +# HTTP Server Configuration +# +##################################################### + +# Allow http access to dbcapi +HttpAllowed: true + +# listen to http port within this container (server) +IntHttpPort: 8080 + +# listen to https port within this container (server) +# set to 0 if no certificates are available. +IntHttpsPort: 8443 + +# external port number for https taking port mapping into account +ExtHttpsPort: 443 + +# the type of keystore for https +KeyStoreType: jks + +# path to the keystore file +KeyStoreFile: etc/keystore + +# password for the https keystore +KeyStorePassword: *j&Z*Ma;.4My4M]W0eB*fal$ + +# password for the private key in the https keystore +KeyPassword: *j&Z*Ma;.4My4M]W0eB*fal$ + +# type of truststore for https +TrustStoreType: jks + +# path to the truststore for https +TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks + +# password for the https truststore +TrustStorePassword: pi8HuuSbN03MtQQ7(5TcyQ6; + +# path to the file used to trigger an orderly shutdown +QuiesceFile: etc/SHUTDOWN + diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json index 0010f22cb4..8f4cf8bd64 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json @@ -2,5 +2,16 @@ "topicName": "PNF_READY", "topicDescription": "This topic will be used to publish the PNF_READY events generated by the PNF REgistration Handler service in the DCAE platform.", "owner": "PNFRegistrationHandler", - "txenabled": false + "txenabled": false, + "clients": [ + { + "dcaeLocationName": "san-francisco", + "clientRole": "org.onap.dmaap.mr.PNF_READY.pub", + "action": [ + "pub", + "view" + ] + + } + ] } diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json index 2b5c8a523d..f0dd2c7829 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json @@ -2,5 +2,16 @@ "topicName": "PNF_REGISTRATION", "topicDescription": "the VES collector will be publishing pnfRegistration events in this topic", "owner": "VEScollector", - "txenabled": false + "txenabled": false, + "clients": [ + { + "dcaeLocationName": "san-francisco", + "clientRole": "org.onap.dmaap.mr.PNF_REGISTRATION.sub", + "action": [ + "sub", + "view" + ] + + } + ] } diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml b/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml index 8ef03d43a9..9cf147fdab 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml @@ -62,8 +62,9 @@ spec: periodSeconds: {{ .Values.liveness.periodSeconds }} readinessProbe: httpGet: - port: {{ .Values.service.internalPort }} - path: /webapi/info + host: {{ .Values.dmaapMessageRouterService }} + port: 3904 + path: /topics initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} {{ end -}} diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml index 372e1e45a2..2f6bef8059 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml @@ -31,7 +31,7 @@ pullPolicy: Always # application images repository: nexus3.onap.org:10001 -image: onap/dmaap/buscontroller:1.0.22 +image: onap/dmaap/buscontroller:1.0.23 # application configuration diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml index f8600b5825..8062a33517 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-node:1.0.2 +image: onap/dmaap/datarouter-node:1.0.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml index dfdd38bfbf..25e058d4f6 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-prov:1.0.2 +image: onap/dmaap/datarouter-prov:1.0.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/charts/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/charts/message-router/resources/config/dmaap/MsgRtrApi.properties index 4015e941a6..9d1febe27d 100755 --- a/kubernetes/dmaap/charts/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/charts/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -1,17 +1,24 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################### +# ============LICENSE_START======================================================= +# org.onap.dmaap +# ================================================================================ +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - +# ECOMP is a trademark and service mark of AT&T Intellectual Property. +# +############################################################################### ############################################################################### ## ## Cambria API Server config @@ -19,7 +26,7 @@ ## - Default values are shown as commented settings. ## -############################################################################## +############################################################################### ## ## HTTP service ## @@ -29,7 +36,9 @@ ## ## Both Cambria and Kafka make use of Zookeeper. ## +#config.zk.servers=172.18.1.1 config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}} +#config.zk.root=/fe3c/cambria/config ############################################################################### @@ -39,17 +48,22 @@ config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}} ## Items below are passed through to Kafka's producer and consumer ## configurations (after removing "kafka.") ## if you want to change request.required.acks it can take this one value +#kafka.metadata.broker.list=localhost:9092,localhost:9093 kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}} ##kafka.request.required.acks=-1 #kafka.client.zookeeper=${config.zk.servers} consumer.timeout.ms=100 zookeeper.connection.timeout.ms=6000 -zookeeper.session.timeout.ms=6000 +zookeeper.session.timeout.ms=20000 zookeeper.sync.time.ms=2000 auto.commit.interval.ms=1000 fetch.message.max.bytes =1000000 auto.commit.enable=false +#(backoff*retries > zksessiontimeout) +kafka.rebalance.backoff.ms=10000 +kafka.rebalance.max.retries=6 + ############################################################################### ## @@ -86,7 +100,7 @@ authentication.adminSecret=fe3cCompound ## which would substantially impact a high volume consumer's performance. ## ## This complicates Cambria server failover, because we often need server -## A to close its connection before server B brings up the replacement. +## A to close its connection before server B brings up the replacement. ## ## The consumer cache is normally enabled. @@ -96,8 +110,8 @@ authentication.adminSecret=fe3cCompound ## consumers every sweepFreqSeconds and will clean up any connections that are ## dormant for touchFreqMs. #cambria.consumer.cache.sweepFreqSeconds=15 -#cambria.consumer.cache.touchFreqMs=120000 - +cambria.consumer.cache.touchFreqMs=120000 +##stickforallconsumerrequests=false ## The cache is managed through ZK. The default value for the ZK connection ## string is the same as config.zk.servers. #cambria.consumer.cache.zkConnect=${config.zk.servers} @@ -110,6 +124,9 @@ authentication.adminSecret=fe3cCompound ## #cambria.api.node.identifier=<use-something-unique-to-this-instance> +#cambria.rateLimit.maxEmptyPollsPerMinute=30 +#cambria.rateLimitActual.delay.ms=10 + ############################################################################### ## ## Metrics Reporting @@ -117,7 +134,7 @@ authentication.adminSecret=fe3cCompound ## This server can report its metrics periodically on a topic. ## #metrics.send.cambria.enabled=true -#metrics.send.cambria.topic=cambria.apinode.metrics #msgrtr.apinode.metrics.dmaap +#metrics.send.cambria.topic=cambria.apinode.metrics #msgrtr.apinode.metrics.dmaap #metrics.send.cambria.sendEverySeconds=60 cambria.consumer.cache.zkBasePath=/fe3c/cambria/consumerCache @@ -129,18 +146,23 @@ maxcontentlength=10000 ############################################################################## #AAF Properties -msgRtr.namespace.aaf=org.openecomp.dcae.dmaap.mtnje2.mr.topic -msgRtr.topicfactory.aaf=org.openecomp.dcae.dmaap.topicFactory|:org.openecomp.dcae.dmaap.mtnje2.mr.topic: -enforced.topic.name.AAF=org.openecomp +msgRtr.namespace.aaf=org.onap.dmaap.mr.topic +msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: +enforced.topic.name.AAF=org.onap forceAAF=false transidUEBtopicreqd=false -defaultNSforUEB=org.openecomp.dmaap.mr.ueb +defaultNSforUEB=org.onap.dmaap.mr ############################################################################## #Mirror Maker Agent -msgRtr.mirrormakeradmin.aaf=org.openecomp.dmaap.mr.dev.mirrormaker|*|admin -msgRtr.mirrormakeruser.aaf=org.openecomp.dmaap.mr.dev.mirrormaker|*|user -msgRtr.mirrormakeruser.aaf.create=org.openecomp.dmaap.mr.dev.topicFactory|:org.openecomp.dmaap.mr.dev.topic: +msgRtr.mirrormakeradmin.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|admin +msgRtr.mirrormakeruser.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|user +msgRtr.mirrormakeruser.aaf.create=com.onap.dmaap.mr.dev.topicFactory|:com.onap.dmaap.mr.dev.topic: msgRtr.mirrormaker.timeout=15000 -msgRtr.mirrormaker.topic=org.openecomp.dmaap.mr.prod.mm.agent +msgRtr.mirrormaker.topic=com.onap.dmaap.mr.prod.mm.agent msgRtr.mirrormaker.consumergroup=mmagentserver msgRtr.mirrormaker.consumerid=1 + +kafka.max.poll.interval.ms=300000 +kafka.heartbeat.interval.ms=60000 +kafka.session.timeout.ms=240000 +kafka.max.poll.records=1000
\ No newline at end of file diff --git a/kubernetes/dmaap/charts/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/charts/message-router/resources/config/dmaap/cadi.properties index 9079794517..a79bb8d40a 100755 --- a/kubernetes/dmaap/charts/message-router/resources/config/dmaap/cadi.properties +++ b/kubernetes/dmaap/charts/message-router/resources/config/dmaap/cadi.properties @@ -1,35 +1,20 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +aaf_env=DEV +aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm -basic_realm=openecomp.org -basic_warn=TRUE +cadi_truststore=/appl/dmaapMR1/etc/truststoreONAPall.jks +cadi_truststore_password=changeit -cadi_loglevel=DEBUG -#cadi_keyfile=target/swm/package/nix/dist_files/appl/${artifactId}/etc/keyfile2 -cadi_keyfile=/appl/dmaapMR1/etc/keyfile -# Configure AAF -aaf_url=https://DME2RESOLVE/service=org.openecomp.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE +cadi_keyfile=/appl/dmaapMR1/etc/keyfilenew -aaf_id=dgl@openecomp.org -aaf_password=enc:f2u5br1mh29M02- -aaf_timeout=5000 -aaf_clean_interval=1200000 -aaf_user_expires=60000 -aaf_high_count=1000000 +cadi_alias=dmaapmr@mr.dmaap.onap.org +cadi_keystore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.p12 +cadi_keystore_password=Messaging for All +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US -# The following properties are being set by the AJSC Container and should NOT need to be set here. -AFT_LATITUDE=33.823589 -AFT_LONGITUDE=-84.366982 -AFT_ENVIRONMENT=AFTUAT +cadi_loglevel=INFO +cadi_protocols=TLSv1.1,TLSv1.2 +cadi_latitude=37.78187 +cadi_longitude=-122.26147
\ No newline at end of file diff --git a/kubernetes/dmaap/charts/message-router/templates/deployment.yaml b/kubernetes/dmaap/charts/message-router/templates/deployment.yaml index 1798092eb4..4e12ded493 100644 --- a/kubernetes/dmaap/charts/message-router/templates/deployment.yaml +++ b/kubernetes/dmaap/charts/message-router/templates/deployment.yaml @@ -66,6 +66,9 @@ spec: port: {{ .Values.service.externalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: enableCadi + value: "false" volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/dmaap/charts/message-router/values.yaml b/kubernetes/dmaap/charts/message-router/values.yaml index 94b7a44c51..9ba34884da 100644 --- a/kubernetes/dmaap/charts/message-router/values.yaml +++ b/kubernetes/dmaap/charts/message-router/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-mr:1.1.6 +image: onap/dmaap/dmaap-mr:1.1.7 pullPolicy: Always kafka: @@ -53,14 +53,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 service: |