diff options
Diffstat (limited to 'kubernetes/dmaap')
24 files changed, 104 insertions, 40 deletions
diff --git a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml index 95f841632c..7c26bb83b1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json index 8f4cf8bd64..34197b948e 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json @@ -2,7 +2,7 @@ "topicName": "PNF_READY", "topicDescription": "This topic will be used to publish the PNF_READY events generated by the PNF REgistration Handler service in the DCAE platform.", "owner": "PNFRegistrationHandler", - "txenabled": false, + "tnxEnabled": false, "clients": [ { "dcaeLocationName": "san-francisco", diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json index f0dd2c7829..e7325794a1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json @@ -2,7 +2,7 @@ "topicName": "PNF_REGISTRATION", "topicDescription": "the VES collector will be publishing pnfRegistration events in this topic", "owner": "VEScollector", - "txenabled": false, + "tnxEnabled": false, "clients": [ { "dcaeLocationName": "san-francisco", diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json index ff1a5732e2..fb2c54ed4b 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json @@ -3,7 +3,7 @@ "topicDescription": "the topic used to provision the MM agent whitelist", "replicationCase": "REPLICATION_NONE", "owner": "dmaap", - "txenabled": false, + "tnxEnabled": false, "partitionCount": "1", "clients": [ { diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index eaad403dc8..a0b6fdad8d 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -114,6 +114,7 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index bfd0f1ebd3..a3d42d2130 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -40,7 +40,7 @@ secrets: pullPolicy: Always # application images -image: onap/dmaap/dmaap-bc:2.0.5 +image: onap/dmaap/dmaap-bc:2.0.6 # application configuration @@ -163,3 +163,9 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-bc + roles: + - read diff --git a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml index d96058de91..b7e9dceba7 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml @@ -25,3 +25,9 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' + - name: certInitializer + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 1d0015ed7f..20030a79c8 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -103,4 +103,4 @@ AAFAction = publish CadiEnabled = false # # AAF Props file path -AAFPropsFilePath = {{ .Values.aafConfig.credsPath }}/org.onap.dmaap-dr.props +AAFPropsFilePath = {{ .Values.certInitializer.credsPath }}/org.onap.dmaap-dr.props diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index 40a4d7db93..90db648028 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -23,7 +23,7 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: + initContainers: {{ include "common.certInitializer.initContainer" . | nindent 8 }} - name: {{ include "common.name" . }}-readiness image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -38,11 +38,10 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config" . | nindent 8 }}{{ end }} - name: {{ include "common.name" . }}-permission-fixer image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config-volume-mountpath" . | nindent 10 }}{{ end }} + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - mountPath: {{ .Values.persistence.spool.path }} name: {{ include "common.fullname" . }}-spool - mountPath: {{ .Values.persistence.event.path }} @@ -65,7 +64,7 @@ spec: port: {{.Values.readiness.port}} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config-volume-mountpath" . | nindent 10 }}{{ end }} + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - mountPath: {{ .Values.persistence.spool.path }} name: {{ include "common.fullname" . }}-spool - mountPath: {{ .Values.persistence.event.path }} @@ -102,7 +101,8 @@ spec: mountPath: /var/log/onap/datarouter-node imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - volumes: {{ include "common.aaf-config-volumes" . | nindent 8 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} + volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: path: /etc/localtime diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 1d55a13bd9..ced70050a3 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -21,6 +21,25 @@ global: aafEnabled: true ################################################################# +# AAF part +################################################################# +certInitializer: + nameOverride: dmaap-dr-node-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: dmaap-dr-node + fqi: dmaap-dr-node@dmaap-dr.onap.org + public_fqdn: dmaap-dr.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + aaf_add_config: > + echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop + echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -78,32 +97,9 @@ persistence: app.kubernetes.io/component: event-logs ################################################################# -# AAF part -################################################################# -aafConfig: - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - fqdn: dmaap-dr-node - fqi: dmaap-dr-node@dmaap-dr.onap.org - public_fqdn: dmaap-dr.onap.org - cadi_longitude: 0.0 - cadi_latitude: 0.0 - app_ns: org.osaaf.aaf - permission_user: 1000 - permission_group: 1001 - secret_uid: &aaf_secret_uid dmaap-dr-node-aaf-deploy-creds - credsPath: /opt/app/osaaf/local - -################################################################# # Secrets metaconfig ################################################################# -secrets: - - uid: *aaf_secret_uid - type: basicAuth - externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}' - login: '{{ .Values.aafConfig.aafDeployFqi }}' - password: '{{ .Values.aafConfig.aafDeployPass }}' - passwordPolicy: required +secrets: {} ingress: enabled: false @@ -154,3 +150,9 @@ config: # dr uses the EELF Logging framework https://github.com/att/EELF # and supports the following log levels: TRACE, DEBUG, INFO, WARN, ERROR, OFF logLevel: "INFO" + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-dr-node + roles: + - read diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml index ed03e05b2e..65867f50af 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml @@ -32,3 +32,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 5c94116bac..61678961cc 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -118,6 +118,7 @@ spec: mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap/datarouter-prov + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index df0e270db5..7564ccfc78 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -105,7 +105,7 @@ config: mariadb: name: *dmaap-dr-db nameOverride: *dmaap-dr-db - replicaCount: 3 + replicaCount: 1 db: externalSecret: *dbSecretName name: datarouter @@ -154,3 +154,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-dr-prov + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml index 68c3169e68..c212f38b39 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml index c16500e787..7cedbf89d1 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml @@ -220,6 +220,7 @@ spec: tolerations: {{ toYaml .Values.tolerations | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: @@ -230,11 +231,6 @@ spec: - name: docker-socket hostPath: path: /var/run/docker.sock - {{- if .Values.global.aafEnabled }} - - name: cadi - configMap: - name: {{ include "common.fullname" . }}-cadi-prop-configmap - {{ end }} - name: jaas configMap: name: {{ include "common.fullname" . }}-jaas-configmap diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml index 04d7cee705..5732c5de0e 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml @@ -219,3 +219,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router-kafka + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml index 343812db25..20cc48f360 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml index 5ea5bc53b7..f5473ec589 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml @@ -187,6 +187,7 @@ spec: tolerations: {{ toYaml .Values.tolerations | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml index 64c29db935..6863acc7a2 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml @@ -151,3 +151,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router-zookeeper + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/requirements.yaml b/kubernetes/dmaap/components/message-router/requirements.yaml index 5adbb623bd..00d14549cd 100644 --- a/kubernetes/dmaap/components/message-router/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/requirements.yaml @@ -33,3 +33,6 @@ dependencies: - name: message-router-zookeeper version: ~8.x-0 repository: 'file://components/message-router-zookeeper' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index 706fe298bd..9bad341792 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -126,6 +126,7 @@ spec: - mountPath: /appl/dmaapMR1/etc/keyfile subPath: mykey name: mykey + {{- if .Values.global.aafEnabled }} - mountPath: /appl/dmaapMR1/etc/runner-web.xml subPath: runner-web.xml name: etc @@ -134,7 +135,9 @@ spec: name: sys-props - mountPath: /jetty-config name: jetty + {{- end }} resources: {{ include "common.resources" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index d0b162b45e..7028bb1263 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -153,3 +153,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router + roles: + - read diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml index d62273499e..268ff70467 100644 --- a/kubernetes/dmaap/requirements.yaml +++ b/kubernetes/dmaap/requirements.yaml @@ -33,3 +33,6 @@ dependencies: version: ~8.x-0 repository: 'file://components/dmaap-dr-prov' condition: dmaap-dr-prov.enabled + - name: serviceAccount + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index c1ba7547db..b7f0735c8d 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -54,3 +54,9 @@ dmaap-dr-node: enabled: true dmaap-dr-prov: enabled: true + +#Pods Service Account +serviceAccount: + nameOverride: dmaap + roles: + - read |