summaryrefslogtreecommitdiffstats
path: root/kubernetes/dmaap/components
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/dmaap/components')
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties23
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties18
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml4
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml25
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties23
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties17
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml4
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml18
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl34
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml2
-rw-r--r--kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json2
11 files changed, 153 insertions, 17 deletions
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties
new file mode 100644
index 0000000000..90c413738c
--- /dev/null
+++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties
@@ -0,0 +1,23 @@
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
+cadi_keystore_password=]3V)($O&.Mv]W{f8^]6SxGNL
+cadi_key_password=]3V)($O&.Mv]W{f8^]6SxGNL
+cadi_alias=dmaap-dr-node@dmaap-dr.onap.org
+cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
+cadi_truststore_password=(Rd,&{]%ePdp}4JZjqoJ2G+g
+
+aaf_env=DEV
+aaf_locate_url=https://aaf-onap-test.osaaf.org:8095
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
+cadi_protocols=TLSv1.1,TLSv1.2
+cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
+fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
+gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
+
+cadi_latitude=53.423
+cadi_longitude=7.940
+
+cadi_loglevel=INFO \ No newline at end of file
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
index 2046dbfbf0..f2896ccafa 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
+++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
@@ -108,4 +108,22 @@ QuiesceFile=etc/SHUTDOWN
# The key used to generate passwords for node to node transfers
#
NodeAuthKey=Node123!
+#
+# DR_NODE DEFAULT ENABLED TLS PROTOCOLS
+NodeHttpsProtocols = TLSv1.1|TLSv1.2
+#
+# AAF type to generate permission string
+AAFType = org.onap.dmaap-dr.feed
+#
+# AAF default instance to generate permission string - default should be legacy
+AAFInstance = legacy
+#
+# AAF action to generate permission string - default should be publish
+AAFAction = publish
+#
+# AAF URL to connect to AAF server
+AafUrl = https://aaf-onap-test.osaaf.org:8095
+#
+# AAF CADI enabled flag
+CadiEnabled = false
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml
index cae0d71672..a3882bcb38 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml
@@ -15,7 +15,7 @@
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-node-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -23,7 +23,7 @@ metadata:
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/node.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
index 3e0e69ecc2..ec31f3f750 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
@@ -73,14 +73,17 @@ spec:
name: localtime
readOnly: false
- mountPath: /opt/app/datartr/etc/dedicatedFeed.json
+ name: {{ include "common.fullname" . }}-create-feed-config
subPath: dedicatedFeed.json
- name: create-feed
- mountPath: /opt/app/datartr/etc/createFeed.sh
+ name: {{ include "common.fullname" . }}-create-feed-config
subPath: createFeed.sh
- name: create-feed
- mountPath: /opt/app/datartr/etc/node.properties
+ name: {{ include "common.fullname" . }}-config
subPath: node.properties
- name: node-props
+ - mountPath: /opt/app/datartr/etc/drNodeCadi.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: drNodeCadi.properties
lifecycle:
postStart:
exec:
@@ -114,13 +117,23 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: create-feed
+ - name: {{ include "common.fullname" . }}-create-feed-config
configMap:
name: {{ include "common.fullname" . }}-create-feed-configmap
defaultMode: 0755
- - name: node-props
+ items:
+ - key: createFeed.sh
+ path: createFeed.sh
+ - key: dedicatedFeed.json
+ path: dedicatedFeed.json
+ - name: {{ include "common.fullname" . }}-config
configMap:
- name: {{ include "common.fullname" . }}-node-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: node.properties
+ path: node.properties
+ - key: drNodeCadi.properties
+ path: drNodeCadi.properties
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties
new file mode 100644
index 0000000000..6a875146bd
--- /dev/null
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties
@@ -0,0 +1,23 @@
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
+cadi_keystore_password=AT{];bvaDiytVD&oWhMZj0N5
+cadi_key_password=AT{];bvaDiytVD&oWhMZj0N5
+cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org
+cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
+cadi_truststore_password=ljlS@Y}0]{UO(TnwvEWkgJ%]
+
+aaf_env=DEV
+aaf_locate_url=https://aaf-onap-test.osaaf.org:8095
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
+cadi_protocols=TLSv1.1,TLSv1.2
+cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
+fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
+gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
+
+cadi_latitude=53.423
+cadi_longitude=7.940
+
+cadi_loglevel=INFO \ No newline at end of file
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties
index bb24d99dea..2b78b8eb2c 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties
@@ -47,3 +47,20 @@ org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver
org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.config.dmaapDrDb.mariadbServiceName}}:{{.Values.config.dmaapDrDb.mariadbServicePort}}/datarouter
org.onap.dmaap.datarouter.db.login = datarouter
org.onap.dmaap.datarouter.db.password = datarouter
+
+# PROV - DEFAULT ENABLED TLS PROTOCOLS
+org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2
+
+# AAF config
+org.onap.dmaap.datarouter.provserver.cadi.enabled = false
+
+org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234#
+org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed
+org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub
+org.onap.dmaap.datarouter.provserver.aaf.instance = legacy
+org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish
+org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
+
+# AAF URL to connect to AAF server
+org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-onap-test.osaaf.org:8095
+
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml
index bd5886ba9c..fe93cb0dcd 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml
@@ -15,7 +15,7 @@
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-prov-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -23,7 +23,7 @@ metadata:
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/provserver.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
index 573e90c35a..afd34d92bc 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
@@ -69,10 +69,13 @@ spec:
name: localtime
readOnly: false
- mountPath: /opt/app/datartr/etc/provserver.properties
+ name: {{ include "common.fullname" . }}-config
subPath: provserver.properties
- name: prov-props
- - name: {{ include "common.fullname" . }}-logs
- mountPath: {{ .Values.global.loggingDirectory }}
+ - mountPath: /opt/app/datartr/etc/drProvCadi.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: drProvCadi.properties
+ - mountPath: {{ .Values.global.loggingDirectory }}
+ name: {{ include "common.fullname" . }}-logs
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -99,9 +102,14 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: prov-props
+ - name: {{ include "common.fullname" . }}-config
configMap:
- name: {{ include "common.fullname" . }}-prov-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: provserver.properties
+ path: provserver.properties
+ - key: drProvCadi.properties
+ path: drProvCadi.properties
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl
new file mode 100644
index 0000000000..9af910eb89
--- /dev/null
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl
@@ -0,0 +1,34 @@
+{{/*
+# Copyright © 2019 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- /*
+ Calculate the maximum number of zk server down in order to guarantee ZK quorum.
+ For guaranteeing ZK quorum we need half of the server + 1 up.
+
+ div in go template cast return an int64
+ so we need to know if it is an even number or an odd.
+ For this we are doing (n/2)*2=n?
+ if true it is even else it is even
+*/ -}}
+{{- define "zk.maxUnavailable" -}}
+{{- $halfReplica := div .Values.replicaCount 2 -}}
+ {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}}
+ {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }}
+ {{- toYaml (sub $halfReplica 1) -}}
+ {{else}}
+ {{- toYaml $halfReplica -}}
+ {{end}}
+{{- end -}}
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml
index 2d251e90b0..5a370cdc4a 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml
@@ -25,4 +25,4 @@ spec:
selector:
matchLabels:
app: {{ include "common.name" . }}
- maxUnavailable: {{ div (sub .Values.replicaCount 1) 2 }}
+ maxUnavailable: {{ include "zk.maxUnavailable" . }}
diff --git a/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json
index 691e66abac..d2910b8398 100644
--- a/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json
+++ b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json
@@ -5,7 +5,7 @@
"txenabled": false,
"clients": [{
"dcaeLocationName": "san-francisco",
- "clientIdentity" "dcae@dcae.onap.org",
+ "clientIdentity": "dcae@dcae.onap.org",
"action": [
"pub",
"view"