diff options
Diffstat (limited to 'kubernetes/dmaap/components/message-router')
13 files changed, 112 insertions, 795 deletions
diff --git a/kubernetes/dmaap/components/message-router/Chart.yaml b/kubernetes/dmaap/components/message-router/Chart.yaml index ba7beaf7f7..c221dff9a7 100644 --- a/kubernetes/dmaap/components/message-router/Chart.yaml +++ b/kubernetes/dmaap/components/message-router/Chart.yaml @@ -27,9 +27,6 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - - name: certInitializer - version: ~12.x-0 - repository: '@local' - name: repositoryGenerator version: ~12.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index a9b0a012a4..2dea84d289 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -30,7 +30,7 @@ ## if you want to change request.required.acks it can take this one value #kafka.request.required.acks=-1 kafka.metadata.broker.list={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 -config.zk.servers=127.0.0.1:{{ .Values.global.zkTunnelService.internalPort }} +config.zk.servers=127.0.0.1:{{ .Values.zkTunnelService.internalPort }} consumer.timeout.ms=100 zookeeper.connection.timeout.ms=6000 zookeeper.session.timeout.ms=20000 @@ -124,26 +124,10 @@ default.replicas=3 #100mb maxcontentlength=10000 - ############################################################################## -#AAF Properties -msgRtr.namespace.aaf=org.onap.dmaap.mr.topic -msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: -enforced.topic.name.AAF=org.onap.dmaap.mr +##AAF Properties forceAAF=false useCustomAcls=false -transidUEBtopicreqd=false -defaultNSforUEB=org.onap.dmaap.mr -############################################################################## -#Mirror Maker Agent - -msgRtr.mirrormakeradmin.aaf=org.onap.dmaap.mr.mirrormaker|*|admin -msgRtr.mirrormakeruser.aaf=org.onap.dmaap.mr.mirrormaker|*|user -msgRtr.mirrormakeruser.aaf.create=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: -msgRtr.mirrormaker.timeout=15000 -msgRtr.mirrormaker.topic=org.onap.dmaap.mr.mirrormakeragent -msgRtr.mirrormaker.consumergroup=mmagentserver -msgRtr.mirrormaker.consumerid=1 kafka.max.poll.interval.ms=300000 kafka.heartbeat.interval.ms=60000 diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/jmx-mrservice-prometheus.yml b/kubernetes/dmaap/components/message-router/resources/config/dmaap/jmx-mrservice-prometheus.yml deleted file mode 100644 index 3ee9fc5fe6..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/jmx-mrservice-prometheus.yml +++ /dev/null @@ -1,4 +0,0 @@ -jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.prometheus.jmx.targetPort }}/jmxrmi -lowercaseOutputName: true -lowercaseOutputLabelNames: true -ssl: false
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/sys-props.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/sys-props.properties deleted file mode 100644 index cd88565ed0..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/sys-props.properties +++ /dev/null @@ -1,165 +0,0 @@ -############################################################################### -# ============LICENSE_START======================================================= -# org.onap.dmaap -# ================================================================================ -# Copyright (c) 2017-201 AT&T Intellectual Property. All rights reserved. -# Copyright (c) 2021 Orange Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# -############################################################################### -#This file is used for defining AJSC system properties for different configuration schemes and is necessary for the AJSC to run properly. -#The sys-props.properties file is used for running locally. The template.sys-props.properties file will be used when deployed -#to a SOA/CSI Cloud node. For more information, - -#AJSC System Properties. The following properties are required for ALL AJSC services. If you are adding System Properties for your -#particular service, please add them AFTER all AJSC related System Properties. - -#For Cadi Authorization, use value="authentication-scheme-1 -CadiAuthN=authentication-scheme-1 - -#For Basic Authorization, use value="authentication-scheme-1 -authN=authentication-scheme-2 - -#Persistence used for AJSC meta-data storage. For most environments, "file" should be used. -ajscPersistence=file - -# If using hawtio for local development, these properties will allow for faster server startup and usage for local development -hawtio.authenticationEnabled=false -hawtio.config.pullOnStartup=false - -#Removes the extraneous restlet console output -org.restlet.engine.loggerFacadeClass=org.restlet.ext.slf4j.Slf4jLoggerFacade - -#server.host property to be enabled for local DME2 related testing -#server.host=<Your network IP address> - -#Enable/disable SSL (values=true/false). This property also determines which protocol to use (https if true, http otherwise), to register services into GRM through DME2. -enableSSL=false - -#Enable/disable csi logging (values=true/false). This can be disabled during local development -csiEnable=false - -#Enable/disable CAET This can be disabled during local development -isCAETEnable=true - -#Enable/disable EJB Container -ENABLE_EJB=false - -#Enable/disable OSGI -isOSGIEnable=false - -#Configure JMS Queue (WMQ/TIBCO) -JMS_BROKER=WMQ - -#Generate/Skip api docs -isApiDoc=false - - -#WMQ connectivity -JMS_WMQ_PROVIDER_URL=aftdsc://AFTUAT/34.07/-84.28 -JMS_WMQ_CONNECTION_FACTORY_NAME=aftdsc://AFTUAT/?service=CSILOG,version=1.0,bindingType=fusionBus,envContext=Q,Q30A=YES -JMS_WMQ_INITIAL_CONNECTION_FACTORY_NAME=com.att.aft.jms.FusionCtxFactory -JMS_WMQ_AUDIT_DESTINATION_NAME=queue:///CSILOGQL.M2E.DASHBOARD01.NOT.Q30A -JMS_WMQ_PERF_DESTINATION_NAME=queue:///CSILOGQL.M2E.PERFORMANCE01.NOT.Q30A - -#CSI related variables for CSM framework -csm.hostname=d1a-m2e-q112m2e1.edc.cingular.net - -#Enable/disable endpoint level logging (values=true/false). This can be disabled during local development -endpointLogging=false - -#Enable/disable trail logging and trail logging summary -enableTrailLogging=false -enableTrailLoggingSummary=false - -#SOA_CLOUD_ENV is used to register your service with dme2 and can be turned off for local development (values=true/false). -SOA_CLOUD_ENV=false - -#CONTINUE_ON_LISTENER_EXCEPTION will exit the application if there is a DME2 exception at the time of registration. -CONTINUE_ON_LISTENER_EXCEPTION=false - -#Jetty Container ThreadCount Configuration Variables -AJSC_JETTY_ThreadCount_MIN=1 -AJSC_JETTY_ThreadCount_MAX=200 -AJSC_JETTY_IDLETIME_MAX=3000 - -#Camel Context level default threadPool Profile configuration -CAMEL_POOL_SIZE=10 -CAMEL_MAX_POOL_SIZE=20 -CAMEL_KEEP_ALIVE_TIME=60 -CAMEL_MAX_QUEUE_SIZE=1000 - -#File Monitor configurations -ssf_filemonitor_polling_interval=5 -ssf_filemonitor_threadpool_size=10 - -#GRM/DME2 System Properties -AFT_DME2_CONN_IDLE_TIMEOUTMS=5000 -AJSC_ENV=SOACLOUD - -SOACLOUD_NAMESPACE=org.onap.dmaap.dev -SOACLOUD_ENV_CONTEXT=TEST -SOACLOUD_PROTOCOL=http -SOACLOUD_ROUTE_OFFER=DEFAULT - -AFT_LATITUDE=23.4 -AFT_LONGITUDE=33.6 -AFT_ENVIRONMENT=AFTUAT - -#Restlet Component Default Properties -RESTLET_COMPONENT_CONTROLLER_DAEMON=true -RESTLET_COMPONENT_CONTROLLER_SLEEP_TIME_MS=100 -RESTLET_COMPONENT_INBOUND_BUFFER_SIZE=8192 -RESTLET_COMPONENT_MIN_THREADS=1 -RESTLET_COMPONENT_MAX_THREADS=10 -RESTLET_COMPONENT_LOW_THREADS=8 -RESTLET_COMPONENT_MAX_QUEUED=0 -RESTLET_COMPONENT_MAX_CONNECTIONS_PER_HOST=-1 -RESTLET_COMPONENT_MAX_TOTAL_CONNECTIONS=-1 -RESTLET_COMPONENT_OUTBOUND_BUFFER_SIZE=8192 -RESTLET_COMPONENT_PERSISTING_CONNECTIONS=true -RESTLET_COMPONENT_PIPELINING_CONNECTIONS=false -RESTLET_COMPONENT_THREAD_MAX_IDLE_TIME_MS=60000 -RESTLET_COMPONENT_USE_FORWARDED_HEADER=false -RESTLET_COMPONENT_REUSE_ADDRESS=true - -#Externalized jar and properties file location. In CSI environments, there are a few libs that have been externalized to aid -#in CSTEM maintenance of the versions of these libs. The most important to the AJSC is the DME2 lib. Not only is this lib necessary -#for proper registration of your AJSC service on a node, but it is also necessary for running locally as well. Another framework -#used in CSI envs is the CSM framework. These 2 framework libs are shown as "provided" dependencies within the pom.xml. These -#dependencies will be copied into the target/commonLibs folder with the normal "mvn clean package" goal of the AJSC. They will -#then be added to the classpath via AJSC_EXTERNAL_LIB_FOLDERS system property. Any files (mainly property files) that need -#to be on the classpath should be added to the AJSC_EXTERNAL_PROPERTIES_FOLDERS system property. The default scenario when -#testing your AJSC service locally will utilize the target/commonLibs directory for DME2 and CSM related artifacts and 2 -#default csm properties files will be used for local testing with anything CSM knorelated. -#NOTE: we are using maven-replacer-plugin to replace "(doubleUnderscore)basedir(doubleUnderscore)" with ${basedir} within the -#target directory for running locally. Multiple folder locations can be separated by the pipe ("|") character. -#Please, NOTE: for running locally, we are setting this system property in the antBuild/build.xml "runLocal" target and in the -#"runAjsc" profile within the pom.xml. This is to most effectively use maven variables (${basedir}, most specifically. Therefore, -#when running locally, the following 2 properties should be set within the profile(s) themselves. -#Example: target/commonLibs|target/otherLibs -#AJSC_EXTERNAL_LIB_FOLDERS=__basedir__/target/commonLibs -#AJSC_EXTERNAL_PROPERTIES_FOLDERS=__basedir__/ajsc-shared-config/etc -#End of AJSC System Properties - -#Service System Properties. Please, place any Service related System Properties below. - -#msgrtr content length and error message -#100mb -maxcontentlength=10000 -msg_size_exceeds=Message size exceeds the default size. -forceAAF=false -cadi_prop_files={{.Values.certInitializer.appMountPath}}/local/{{.Values.certInitializer.fqi_namespace}}.properties
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml b/kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml deleted file mode 100644 index 49196e441b..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml +++ /dev/null @@ -1,138 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- {{/* - ============LICENSE_START======================================================= - org.onap.dmaap - ================================================================================ - Copyright © 2017-2021 AT&T Intellectual Property. All rights reserved. - Copyright © 2021 Orange Intellectual Property. All rights reserved. - ================================================================================ - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ============LICENSE_END========================================================= - ECOMP is a trademark and service mark of AT&T Intellectual Property. -*/}} ---> - -<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> -<Configure id="ajsc-server" class="org.eclipse.jetty.server.Server"> - <!-- DO NOT REMOVE!!!! This is setting up the AJSC Context --> - <New id="ajscContext" class="org.eclipse.jetty.webapp.WebAppContext"> - <Set name="contextPath"><SystemProperty name="AJSC_CONTEXT_PATH" /></Set> - <Set name="extractWAR">true</Set> - <Set name="tempDirectory"><SystemProperty name="AJSC_TEMP_DIR" /></Set> - <Set name="war"><SystemProperty name="AJSC_WAR_PATH" /></Set> - <Set name="descriptor"><SystemProperty name="AJSC_HOME" />/etc/runner-web.xml</Set> - <Set name="overrideDescriptor"><SystemProperty name="AJSC_HOME" />/etc/ajsc-override-web.xml</Set> - <Set name="throwUnavailableOnStartupException">true</Set> - <Set name="extraClasspath"><SystemProperty name="AJSC_HOME" />/extJars/json-20131018.jar</Set> - <Set name="servletHandler"> - <New class="org.eclipse.jetty.servlet.ServletHandler"> - <Set name="startWithUnavailable">false</Set> - </New> - </Set> - </New> - - <Set name="handler"> - <New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection"> - <Set name="Handlers"> - <Array type="org.eclipse.jetty.webapp.WebAppContext"> - <Item> - <Ref refid="ajscContext" /> - </Item> - </Array> - </Set> - </New> - </Set> - - <Call name="addBean"> - <Arg> - <New id="DeploymentManager" class="org.eclipse.jetty.deploy.DeploymentManager"> - <Set name="contexts"> - <Ref refid="Contexts" /> - </Set> - <Call id="extAppHotDeployProvider" name="addAppProvider"> - <Arg> - <New class="org.eclipse.jetty.deploy.providers.WebAppProvider"> - <Set name="monitoredDirName"><SystemProperty name="AJSC_HOME" />/extApps</Set> - <Set name="scanInterval">10</Set> - <Set name="extractWars">true</Set> - </New> - </Arg> - </Call> - </New> - </Arg> - </Call> - - <Call name="addConnector"> - <Arg> - <New class="org.eclipse.jetty.server.ServerConnector"> - <Arg name="server"> - <Ref refid="ajsc-server" /> - </Arg> - <Set name="port"><SystemProperty name="AJSC_HTTP_PORT" default="8080" /></Set> - </New> - </Arg> - </Call> - - - <!-- SSL Keystore configuration --> - - <New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory"> - <Set name="KeyStorePath">{{.Values.certInitializer.appMountPath}}/local/{{.Values.certInitializer.fqi_namespace}}.jks</Set> - <Set name="KeyStorePassword">${KEYSTORE_PASSWORD}</Set> - <Set name="KeyManagerPassword">${KEYSTORE_PASSWORD}</Set> - <Set name="WantClientAuth">true</Set> - </New> - <Call id="sslConnector" name="addConnector"> - <Arg> - <New class="org.eclipse.jetty.server.ServerConnector"> - <Arg name="server"> - <Ref refid="ajsc-server" /> - </Arg> - <Arg name="factories"> - <Array type="org.eclipse.jetty.server.ConnectionFactory"> - <Item> - <New class="org.eclipse.jetty.server.SslConnectionFactory"> - <Arg name="next">http/1.1</Arg> - <Arg name="sslContextFactory"> - <Ref refid="sslContextFactory" /> - </Arg> - </New> - </Item> - <Item> - <New class="org.eclipse.jetty.server.HttpConnectionFactory"> - <Arg name="config"> - <New class="org.eclipse.jetty.server.HttpConfiguration"> - <Call name="addCustomizer"> - <Arg> - <New class="org.eclipse.jetty.server.SecureRequestCustomizer" /> - </Arg> - </Call> - </New> - </Arg> - </New> - </Item> - </Array> - </Arg> - <Set name="port"><SystemProperty name="AJSC_HTTPS_PORT" default="0" /></Set> - <Set name="idleTimeout">30000</Set> - </New> - </Arg> - </Call> - - - <Get name="ThreadPool"> - <Set name="minThreads"><SystemProperty name="AJSC_JETTY_ThreadCount_MIN" /></Set> - <Set name="maxThreads"><SystemProperty name="AJSC_JETTY_ThreadCount_MAX" /></Set> - <Set name="idleTimeout"><SystemProperty name="AJSC_JETTY_IDLETIME_MAX" /></Set> - <Set name="detailedDump">false</Set> - </Get> - -</Configure> diff --git a/kubernetes/dmaap/components/message-router/resources/config/etc/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/etc/cadi.properties deleted file mode 100644 index 596a316d77..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/config/etc/cadi.properties +++ /dev/null @@ -1,19 +0,0 @@ -aaf_locate_url=https://aaf-locate.onap:8095 -aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 -aaf_env=DEV -aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm - -cadi_truststore={{ .Values.certInitializer.appMountPath }}/local/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -cadi_truststore_password=${TRUSTSTORE_PASSWORD} - -cadi_keyfile={{ .Values.certInitializer.appMountPath }}/local/{{ .Values.certInitializer.fqi_namespace }}.keyfile - -cadi_alias={{ .Values.certInitializer.fqi }} -cadi_keystore={{ .Values.certInitializer.appMountPath }}/local/{{ .Values.certInitializer.fqi_namespace }}.p12 -cadi_keystore_password=${KEYSTORE_PASSWORD_P12} -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US - -cadi_loglevel=INFO -cadi_protocols=TLSv1.1,TLSv1.2 -cadi_latitude=37.78187 -cadi_longitude=-122.26147 diff --git a/kubernetes/dmaap/components/message-router/resources/config/etc/runner-web.xml b/kubernetes/dmaap/components/message-router/resources/config/etc/runner-web.xml deleted file mode 100644 index 116c52499f..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/config/etc/runner-web.xml +++ /dev/null @@ -1,108 +0,0 @@ -<?xml version="1.0" encoding="ISO-8859-1"?> -<!--{{/* - ============LICENSE_START======================================================= - org.onap.dmaap - ================================================================================ - Copyright c 2017 AT&T Intellectual Property. All rights reserved. - Copyright c 2021 Orange Intellectual Property. All rights reserved. - ================================================================================ - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ============LICENSE_END========================================================= - - ECOMP is a trademark and service mark of AT&T Intellectual Property.*/}} ---> -<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" metadata-complete="false" version="3.0"> - - <context-param> - <param-name>contextConfigLocation</param-name> - <param-value>/WEB-INF/spring-servlet.xml, - classpath:applicationContext.xml -</param-value> - </context-param> - - <context-param> - <param-name>spring.profiles.default</param-name> - <param-value>nooauth</param-value> - </context-param> - - <listener> - <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> - </listener> - - <servlet> - <servlet-name>ManagementServlet</servlet-name> - <servlet-class>ajsc.ManagementServlet</servlet-class> - </servlet> - - <filter> - <filter-name>WriteableRequestFilter</filter-name> - <filter-class>com.att.ajsc.csi.writeablerequestfilter.WriteableRequestFilter</filter-class> - </filter> - - <filter> - <filter-name>InterceptorFilter</filter-name> - <filter-class>ajsc.filters.InterceptorFilter</filter-class> - <init-param> - <param-name>preProcessor_interceptor_config_file</param-name> - <param-value>/etc/PreProcessorInterceptors.properties</param-value> - </init-param> - <init-param> - <param-name>postProcessor_interceptor_config_file</param-name> - <param-value>/etc/PostProcessorInterceptors.properties</param-value> - </init-param> - - </filter> - - <!-- Content length filter for Msgrtr --> - <filter> - <display-name>DMaaPAuthFilter</display-name> - <filter-name>DMaaPAuthFilter</filter-name> - <filter-class>org.onap.dmaap.util.DMaaPAuthFilter</filter-class> - <init-param> - <param-name>cadi_prop_files</param-name> - <param-value>{{.Values.certInitializer.appMountPath}}/local/cadi.properties</param-value> - </init-param> - </filter> - - <!-- End Content length filter for Msgrtr --> - <servlet> - <servlet-name>RestletServlet</servlet-name> - <servlet-class>ajsc.restlet.RestletSpringServlet</servlet-class> - <init-param> - <param-name>org.restlet.component</param-name> - <param-value>restletComponent</param-value> - </init-param> - </servlet> - - <servlet> - <servlet-name>CamelServlet</servlet-name> - <servlet-class>ajsc.servlet.AjscCamelServlet</servlet-class> - </servlet> - - - <filter> - <filter-name>springSecurityFilterChain</filter-name> - <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> - </filter> - - <servlet> - <servlet-name>spring</servlet-name> - <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> - <load-on-startup>1</load-on-startup> - </servlet> - - <servlet-mapping> - <servlet-name>spring</servlet-name> - <url-pattern>/</url-pattern> - </servlet-mapping> - -</web-app> diff --git a/kubernetes/dmaap/components/message-router/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/templates/NOTES.txt deleted file mode 100644 index a44d0f76ee..0000000000 --- a/kubernetes/dmaap/components/message-router/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/templates/configmap.yaml index c999b79183..3f786ad950 100644 --- a/kubernetes/dmaap/components/message-router/templates/configmap.yaml +++ b/kubernetes/dmaap/components/message-router/templates/configmap.yaml @@ -40,45 +40,4 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/dmaap/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-etc - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/etc/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-sys-props - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/dmaap/sys-props.properties").AsConfig . | indent 2 }} ---- -{{- if .Values.prometheus.jmx.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prometheus-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/dmaap/jmx-mrservice-prometheus.yml").AsConfig . | indent 2 }} ---- -{{ end }} + diff --git a/kubernetes/dmaap/components/message-router/templates/ingress.yaml b/kubernetes/dmaap/components/message-router/templates/ingress.yaml new file mode 100644 index 0000000000..a90bf83c07 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/templates/ingress.yaml @@ -0,0 +1,18 @@ +{{/* +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.ingress" . }} diff --git a/kubernetes/dmaap/components/message-router/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/templates/secrets.yaml deleted file mode 100644 index 50dda8a8f9..0000000000 --- a/kubernetes/dmaap/components/message-router/templates/secrets.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2021-2022 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-secret - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ (.Files.Glob "resources/config/dmaap/mykey").AsSecrets | indent 2 }} -type: Opaque ---- -{{ include "common.secretFast" . }} diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index 904c160c70..bb42561cbe 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -22,103 +22,14 @@ metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: selector: {{- include "common.selectors" . | nindent 4 }} serviceName: {{ include "common.servicename" . }} - replicas: {{ .Values.replicaCount }} + replicas: 1 template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: - {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} - {{- if .Values.global.aafEnabled }} - - name: {{ include "common.name" . }}-update-config - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0); - cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - - mountPath: /config - name: jetty - - mountPath: /config-input - name: etc - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{- end }} containers: - {{- if .Values.prometheus.jmx.enabled }} - - name: prometheus-jmx-exporter - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - java - - -XX:+UnlockExperimentalVMOptions - - -XX:+UseCGroupMemoryLimitForHeap - - -XX:MaxRAMFraction=1 - - -XshowSettings:vm - - -jar - - jmx_prometheus_httpserver.jar - - {{ .Values.prometheus.jmx.port | quote }} - - /etc/jmx-kafka/jmx-mrservice-prometheus.yml - ports: - - containerPort: {{ .Values.prometheus.jmx.port }} - resources: - volumeMounts: - - name: jmx-config - mountPath: /etc/jmx-kafka - {{- end }} - - name: srimzi-zk-entrance - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.zookeeper.entrance.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /opt/stunnel/stunnel_run.sh - ports: - - containerPort: {{ .Values.global.zkTunnelService.internalPort }} - name: zoo - protocol: TCP - env: - - name: LOG_LEVEL - value: debug - - name: STRIMZI_ZOOKEEPER_CONNECT - value: '{{ include "common.release" . }}-strimzi-zookeeper-client:{{ .Values.global.zkTunnelService.internalPort }}' - livenessProbe: - exec: - command: - - /opt/stunnel/stunnel_healthcheck.sh - - '{{ .Values.global.zkTunnelService.internalPort }}' - failureThreshold: 3 - initialDelaySeconds: 15 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - readinessProbe: - exec: - command: - - /opt/stunnel/stunnel_healthcheck.sh - - '{{ .Values.global.zkTunnelService.internalPort }}' - failureThreshold: 3 - initialDelaySeconds: 15 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - volumeMounts: - - mountPath: /etc/cluster-operator-certs/ - name: cluster-operator-certs - - mountPath: /etc/cluster-ca-certs/ - name: cluster-ca-certs - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - cp /jetty-config/ajsc-jetty.xml /appl/dmaapMR1/etc/ - cp /jetty-config/cadi.properties {{ .Values.certInitializer.appMountPath }}/local/cadi.properties - /bin/sh /appl/startup.sh - {{- end }} ports: {{ include "common.containerPorts" . | nindent 10 }} {{- if eq .Values.liveness.enabled true }} livenessProbe: @@ -148,58 +59,78 @@ spec: failureThreshold: {{ .Values.startup.failureThreshold }} env: - name: JAASLOGIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "mr-kafka-admin-secret" "key" "sasl.jaas.config") | indent 12 }} + valueFrom: + secretKeyRef: + name: strimzi-kafka-admin + key: sasl.jaas.config - name: SASLMECH value: scram-sha-512 - name: enableCadi - value: "{{ .Values.global.aafEnabled }}" + value: "true" - name: useZkTopicStore value: "false" - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties - subPath: MsgRtrApi.properties - name: appprops - - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml - subPath: logback.xml - name: logback - {{- if .Values.global.aafEnabled }} - - mountPath: /appl/dmaapMR1/etc/runner-web.xml - subPath: runner-web.xml - name: etc - - mountPath: /appl/dmaapMR1/bundleconfig/etc/sysprops/sys-props.properties - subPath: sys-props.properties - name: sys-props - - mountPath: /jetty-config - name: jetty - {{- end }} - resources: {{ include "common.resources" . | nindent 12 }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties + subPath: MsgRtrApi.properties + name: appprops + - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml + subPath: logback.xml + name: logback + resources: +{{ include "common.resources" . }} + - name: {{ .Values.zkTunnelService.name }} + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.zkTunnelService.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /opt/stunnel/stunnel_run.sh + ports: + - containerPort: {{ .Values.zkTunnelService.internalPort }} + name: {{ .Values.zkTunnelService.portName }} + protocol: {{ .Values.zkTunnelService.protocol }} + env: + - name: LOG_LEVEL + value: {{ .Values.zkTunnelService.logLevel }} + - name: STRIMZI_ZOOKEEPER_CONNECT + value: '{{ include "common.release" . }}-strimzi-zookeeper-client:{{ .Values.zkTunnelService.internalPort }}' + livenessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '{{ .Values.zkTunnelService.internalPort }}' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '{{ .Values.zkTunnelService.internalPort }}' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + volumeMounts: + - mountPath: /etc/cluster-operator-certs/ + name: cluster-operator-certs + - mountPath: /etc/cluster-ca-certs/ + name: cluster-ca-certs serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} + volumes: - name: localtime hostPath: path: /etc/localtime - name: appprops configMap: name: {{ include "common.fullname" . }}-msgrtrapi-prop-configmap - - name: etc - configMap: - name: {{ include "common.fullname" . }}-etc - name: logback configMap: name: {{ include "common.fullname" . }}-logback-xml-configmap - {{- if .Values.prometheus.jmx.enabled }} - - name: jmx-config - configMap: - name: {{ include "common.fullname" . }}-prometheus-configmap - {{- end }} - - name: sys-props - configMap: - name: {{ include "common.fullname" . }}-sys-props - - name: jetty - emptyDir: {} - name: cluster-operator-certs secret: defaultMode: 288 @@ -226,7 +157,7 @@ spec: matchLabels: app.kubernetes.io/name: {{ include "common.name" . }} ports: - - port: {{ .Values.global.zkTunnelService.internalPort }} - protocol: TCP + - port: {{ .Values.zkTunnelService.internalPort }} + protocol: {{ .Values.zkTunnelService.protocol }} policyTypes: - Ingress diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 80460ba570..c68a91c689 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -18,52 +18,7 @@ # Global configuration defaults. ################################################################# global: - nodePortPrefix: 302 - zkTunnelService: - type: ClusterIP - name: zk-tunnel-svc - portName: tcp-zk-tunnel - internalPort: 2181 - -zookeeper: - entrance: - image: scholzj/zoo-entrance:latest - -################################################################# -# AAF part -################################################################# -certInitializer: - nameOverride: dmaap-mr-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: dmaap-mr - fqi: dmaapmr@mr.dmaap.onap.org - public_fqdn: mr.dmaap.onap.org - cadi_longitude: "-122.26147" - cadi_latitude: "37.78187" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - appMountPath: /appl/dmaapMR1/bundleconfig/etc/sysprops - fqi_namespace: org.onap.dmaap.mr - aaf_add_config: | - cd {{ .Values.credsPath }} - echo "*** change jks password into shell safe one" - export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - keytool -storepasswd -new "${KEYSTORE_PASSWD}" \ - -storepass "${cadi_keystore_password_jks}" \ - -keystore {{ .Values.fqi_namespace }}.jks - echo "*** set key password as same password as jks keystore password" - keytool -keypasswd -new "${KEYSTORE_PASSWD}" \ - -keystore {{ .Values.fqi_namespace }}.jks \ - -keypass "${cadi_keystore_password_jks}" \ - -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }} - echo "*** store the passwords" - echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop - echo "KEYSTORE_PASSWORD_P12=${cadi_keystore_password_p12}" >> mycreds.prop - echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> mycreds.prop - echo "*** give ownership of files to the user" - chown -R 1000 . + persistence: {} ################################################################# # Application configuration defaults. @@ -72,28 +27,38 @@ certInitializer: image: onap/dmaap/dmaap-mr:1.4.3 pullPolicy: Always -secrets: - - uid: mr-kafka-admin-secret - externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' - type: genericKV - envs: - - name: sasl.jaas.config - value: '{{ .Values.config.someConfig }}' - policy: generate +#Strimzi zookeeper_tunnel config +zkTunnelService: + type: ClusterIP + name: zk-tunnel-svc + portName: tcp-zk-tunnel + protocol: TCP + internalPort: 2181 + logLevel: debug + image: scholzj/zoo-entrance:latest -# flag to enable debugging - application support required -debugEnabled: false +nodeSelector: {} -# application configuration -config: - someConfig: blah +affinity: {} -# default number of instances -replicaCount: 1 +containerPort: &svc_port 3904 -nodeSelector: {} +service: + type: ClusterIP + name: message-router + ports: + - name: api + port: *svc_port + port_protocol: http -affinity: {} +ingress: + enabled: false + service: + - baseaddr: "dmaap-mr-api" + name: "message-router" + port: *svc_port + config: + ssl: "redirect" # probe configuration parameters liveness: @@ -104,7 +69,7 @@ liveness: failureThreshold: 3 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - port: api + port: *svc_port enabled: true readiness: @@ -113,7 +78,7 @@ readiness: timeoutSeconds: 1 successThreshold: 1 failureThreshold: 3 - port: api + port: *svc_port startup: initialDelaySeconds: 10 @@ -121,43 +86,7 @@ startup: timeoutSeconds: 1 successThreshold: 1 failureThreshold: 70 - port: api - -service: - type: NodePort - name: message-router - both_tls_and_plain: true - msb: - - port: 3904 - url: "/" - version: "v1" - protocol: "REST" - visualRange: "1" - ports: - - name: api - port: 3905 - plain_port: 3904 - port_protocol: http - nodePort: 26 - -prometheus: - jmx: - enabled: false - image: solsson/kafka-prometheus-jmx-exporter@sha256 - imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143 - port: 5556 - targetPort: 5555 - -ingress: - enabled: false - service: - - baseaddr: "dmaap-mr-api" - name: "message-router" - port: 3905 - plain_port: 3904 - config: - ssl: "redirect" - + port: *svc_port # Resource Limit flavor -By Default using small flavor: small |