diff options
Diffstat (limited to 'kubernetes/oof')
24 files changed, 222 insertions, 410 deletions
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml index 08af62d844..2050fe676c 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml @@ -41,7 +41,7 @@ spec: - /app/ready.py args: - --container-name - - {{ .Values.config.db.container }} + - {{ include "common.mariadbService" . }} env: - name: NAMESPACE valueFrom: @@ -77,9 +77,9 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}} - name: DB_PORT - value: {{ .Values.config.db.port | quote}} + value: {{ include "common.mariadbPort" . | quote}} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - name: DB_SCHEMA @@ -99,9 +99,9 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}} - name: DB_PORT - value: {{ .Values.config.db.port | quote}} + value: {{ include "common.mariadbPort" . | quote}} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - name: DB_SCHEMA diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml index c9de6546c2..3bee34aaa7 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml +++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml @@ -19,6 +19,7 @@ global: # global defaults nodePortPrefix: 302 readinessImage: onap/oom/readiness:3.0.1 + mariadbGalera: {} subChartsOnly: enabled: true @@ -85,6 +86,7 @@ service: # as of 20181022 port 23 is reserved for cmso # see https://wiki.onap.org/display/DW/OOM+NodePort+List +mariadb-galera: {} config: aaf: @@ -92,7 +94,6 @@ config: password: pass # userCredentialsExternalSecret: some-secret db: - port: 3306 # rootPassword: pass # rootPasswordExternalSecret: some secret user: cmso-admin diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml index 3fd0112928..d82040b17b 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml @@ -41,7 +41,7 @@ spec: - /app/ready.py args: - --container-name - - {{ .Values.config.db.container }} + - {{ include "common.mariadbService" . }} env: - name: NAMESPACE valueFrom: @@ -77,9 +77,9 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}} - name: DB_PORT - value: {{ .Values.config.db.port | quote}} + value: {{ include "common.mariadbPort" . | quote}} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - name: DB_SCHEMA @@ -113,9 +113,9 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}} - name: DB_PORT - value: {{ .Values.config.db.port | quote}} + value: {{ include "common.mariadbPort" . | quote}} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - name: DB_SCHEMA diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml index 105163e95c..3eb94ead7b 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml +++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml @@ -18,6 +18,7 @@ ################################################################# global: # global defaults nodePortPrefix: 302 + mariadbGalera: {} subChartsOnly: enabled: true @@ -83,6 +84,7 @@ service: # as of 20181022 port 23 is reserved for cmso # see https://wiki.onap.org/display/DW/OOM+NodePort+List +mariadb-galera: {} config: aaf: @@ -90,7 +92,6 @@ config: password: pass # userCredentialsExternalSecret: some-secret db: - port: 3306 # rootPassword: pass # rootPasswordExternalSecret: some secret user: cmso-admin diff --git a/kubernetes/oof/components/oof-cmso/requirements.yaml b/kubernetes/oof/components/oof-cmso/requirements.yaml index 535a1e1696..30946c6a33 100644 --- a/kubernetes/oof/components/oof-cmso/requirements.yaml +++ b/kubernetes/oof/components/oof-cmso/requirements.yaml @@ -23,6 +23,7 @@ dependencies: - name: mariadb-galera version: ~8.x-0 repository: '@local' + condition: global.mariadbGalera.localCluster - name: mariadb-init version: ~8.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-cmso/values.yaml b/kubernetes/oof/components/oof-cmso/values.yaml index c46fd0a33a..15aac51888 100644 --- a/kubernetes/oof/components/oof-cmso/values.yaml +++ b/kubernetes/oof/components/oof-cmso/values.yaml @@ -13,6 +13,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +global: + commonConfigPrefix: "oof-cmso" + truststoreFile: "truststoreONAPall.jks" + keystoreFile: "org.onap.oof.jks" + truststorePassword: + authentication: aaf-auth + mariadbGalera: &mariadbGalera + #This flag allows OOF-CMSO to instantiate its own mariadb-galera cluster + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera + ################################################################# # Secrets metaconfig ################################################################# @@ -42,7 +55,7 @@ secrets: login: '{{ .Values.config.aaf.user }}' password: '{{ .Values.config.aaf.password }}' -mariadb-galera: +mariadb-galera: &localMariadb replicaCount: 1 nameOverride: &dbName cmso-db nfsprovisionerPrefix: cmso @@ -56,19 +69,7 @@ mariadb-galera: serviceAccount: nameOverride: *dbName -global: - commonConfigPrefix: "oof-cmso" - truststoreFile: "truststoreONAPall.jks" - keystoreFile: "org.onap.oof.jks" - truststorePassword: - authentication: aaf-auth - mariadb-init: - mariadbGalera: - containerName: *dbName - serviceName: *dbName - servicePort: 3306 - userRootSecret: *rootPassword config: userCredentialsExternalSecret: *serviceDbCreds mysqlDatabase: cmso @@ -117,11 +118,10 @@ oof-cmso-service: certInitializer: << : *certInitConfig nameOverride: oof-cmso-service-cert-initializer + mariadb-galera: *localMariadb config: db: userCredentialsExternalSecret: *serviceDbCreds - host: *dbName - container: *dbName mysqlDatabase: cmso aaf: userCredentialsExternalSecret: *aafCreds @@ -131,12 +131,11 @@ oof-cmso-optimizer: certInitializer: << : *certInitConfig nameOverride: oof-cmso-optimizer-cert-initializer + mariadb-galera: *localMariadb config: enabled: true db: userCredentialsExternalSecret: *optimizerDbCreds - host: *dbName - container: *dbName mysqlDatabase: optimizer aaf: userCredentialsExternalSecret: *aafCreds diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml index 491250c72a..ba4a657c1a 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml @@ -55,21 +55,6 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-has-sms-readiness command: - sh @@ -94,7 +79,7 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"] + command: ["/bin/sh","-c"] args: ["/usr/local/bin/uwsgi -s /run/conductor/uwsgi.sock --chmod-socket=777 --wsgi-file /etc/nginx/conductor.wsgi --callable application --set port={{ .Values.uwsgi.internalPort }} --die-on-term --exit-on-reload --pidfile /run/conductor/conductor-uwsgi.pid --enable-threads --workers 6 --master --vacuum --single-interpreter --socket-timeout 10 --max-worker-lifetime 300 --max-requests 100 --no-defer-accept --protocol=uwsgi --socket 0.0.0.0:{{ .Values.uwsgi.internalPort }}"] ports: - containerPort: {{ .Values.uwsgi.internalPort }} @@ -112,7 +97,7 @@ spec: port: {{ .Values.uwsgi.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml index d6743cdfda..63461d9c83 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml @@ -16,7 +16,7 @@ global: # global defaults nodePortPrefix: 302 image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # secrets metaconfig @@ -26,6 +26,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass service: type: NodePort diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml index 8e0ff1aeb5..895a305b53 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml @@ -41,8 +41,8 @@ spec: command: - /app/ready.py args: - - --container-name - - music-springboot + - --job-name + - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job - --container-name - aaf-sms env: @@ -54,21 +54,6 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-cont-sms-readiness command: - sh @@ -114,7 +99,7 @@ spec: - /usr/local/bin/healthy.sh initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml index 3cbf96adc1..9e799e1045 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # Secrets metaconfig @@ -24,6 +24,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass ingress: enabled: false diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml index f4ccd57773..cc4eaf08b9 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml @@ -41,38 +41,8 @@ spec: command: - /app/ready.py args: - - --container-name - - music-springboot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-health-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-healthcheck" + - --job-name + - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job env: - name: NAMESPACE valueFrom: @@ -128,7 +98,7 @@ spec: - /usr/local/bin/healthy.sh initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml index 0940a9db39..915ffc019f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # secrets metaconfig @@ -24,6 +24,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass ingress: enabled: false diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml index 4d04b6fe76..095162bea2 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml @@ -41,38 +41,8 @@ spec: command: - /app/ready.py args: - - --container-name - - music-springboot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-health-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-healthcheck" + - --job-name + - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job env: - name: NAMESPACE valueFrom: @@ -128,7 +98,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} {{ end -}} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml index 0940a9db39..915ffc019f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # secrets metaconfig @@ -24,6 +24,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass ingress: enabled: false diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml index 6079dcfd6e..d664ca0875 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml @@ -41,38 +41,8 @@ spec: command: - /app/ready.py args: - - --container-name - - music-springboot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-health-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-healthcheck" + - --job-name + - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job env: - name: NAMESPACE valueFrom: @@ -128,7 +98,7 @@ spec: - /usr/local/bin/healthy.sh initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml index 0940a9db39..915ffc019f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # secrets metaconfig @@ -24,6 +24,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass ingress: enabled: false diff --git a/kubernetes/oof/components/oof-has/requirements.yaml b/kubernetes/oof/components/oof-has/requirements.yaml index 851211a1fb..7310aac8d0 100755 --- a/kubernetes/oof/components/oof-has/requirements.yaml +++ b/kubernetes/oof/components/oof-has/requirements.yaml @@ -20,6 +20,15 @@ dependencies: - name: music version: ~8.x-0 repository: '@local' + condition: music.enabled + - name: etcd + version: ~8.x-0 + repository: '@local' + condition: etcd.enabled + - name: etcd-init + version: ~8.x-0 + repository: '@local' + condition: etcd-init.enabled - name: oof-has-api version: ~8.x-0 repository: 'file://components/oof-has-api' diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf index ded979c4fc..18b60bba4a 100755 --- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf @@ -424,6 +424,30 @@ server_url = http://{{.Values.config.msb.serviceName}}.{{ include "common.namesp #server_url_version = v0 +[db_options] + +# db_backend to use +db_backend = {{.Values.config.dbBackend}} + +# Use music mock api +music_mock = False + + +[etcd_api] + +# host/ip address of etcd server +host = {{.Values.config.etcd.serviceName}}.{{ include "common.namespace" . }} + +# port of etcd server +port = {{.Values.config.etcd.port}} + +# username for etcd authentication +username = + +# password for etcd authentication +password = + + [music_api] # diff --git a/kubernetes/oof/components/oof-has/resources/config/healthcheck.json b/kubernetes/oof/components/oof-has/resources/config/healthcheck.json deleted file mode 100755 index 833fa0f5d9..0000000000 --- a/kubernetes/oof/components/oof-has/resources/config/healthcheck.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "consistencyInfo": { - "type": "eventual" - }, - "values": { - "id": "healthcheck", - "created": 1479482603641, - "message": "", - "name": "foo", - "recommend_max": 1, - "solution": "{\"healthcheck\": \" healthcheck\"}", - "status": "solved", - "template": "{\"healthcheck\": \"healthcheck\"}", - "timeout": 3600, - "translation": "{\"healthcheck\": \" healthcheck\"}", - "updated": 1484324150629 - } -} diff --git a/kubernetes/oof/components/oof-has/resources/config/onboard.json b/kubernetes/oof/components/oof-has/resources/config/onboard.json deleted file mode 100755 index 2c3d69be8d..0000000000 --- a/kubernetes/oof/components/oof-has/resources/config/onboard.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "appname": "conductor", - "userId": "conductor", - "isAAF": "false", - "password": "c0nduct0r" -} diff --git a/kubernetes/oof/components/oof-has/templates/job-healthcheck.yaml b/kubernetes/oof/components/oof-has/templates/job-healthcheck.yaml deleted file mode 100755 index 49406ba423..0000000000 --- a/kubernetes/oof/components/oof-has/templates/job-healthcheck.yaml +++ /dev/null @@ -1,100 +0,0 @@ -{{/* -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-healthcheck - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - oof-has-api - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - containers: - - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-healthcheck - command: - - "/bin/sh" - - "-c" - - | - echo "INSERT HEALTHCHECK PLAN"; - sleep 15; - resp="FAILURE"; - until [ $resp = "200" ]; do - resp=$(curl -k -s -o /dev/null --write-out %{http_code} -X POST https://{{.Values.config.music.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.music.port}}/MUSIC/rest/v2/keyspaces/conductor/tables/plans/rows?id=healthcheck \ - -H "Content-Type: application/json" \ - -H "ns: conductor" \ - -H "Authorization: Basic Y29uZHVjdG9yOmMwbmR1Y3Qwcg==" \ - --data @healthcheck.json); - echo $resp; - sleep 2; - done; - workingDir: /has - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /has/healthcheck.json - name: {{ .Values.global.commonConfigPrefix }}-config - subPath: healthcheck.json - resources: -{{ include "common.resources" . | indent 10 }} - nodeSelector: - {{- if .Values.nodeSelector }} -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ .Values.global.commonConfigPrefix }}-config - configMap: - name: {{ .Values.global.commonConfigPrefix }}-configmap - items: - - key: healthcheck.json - path: healthcheck.json - restartPolicy: OnFailure - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/templates/job-onboard.yaml b/kubernetes/oof/components/oof-has/templates/job-onboard.yaml deleted file mode 100755 index e63aeb369a..0000000000 --- a/kubernetes/oof/components/oof-has/templates/job-onboard.yaml +++ /dev/null @@ -1,105 +0,0 @@ -{{/* -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-onboard - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - "music-springboot" - - --container-name - - "music-cassandra" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-music-cassandra-config" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-music-db-readiness - containers: - - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-onboard - command: - - "/bin/sh" - - "-c" - - | - echo "job-onboard" - workingDir: /has - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /has/onboard.json - name: {{ .Values.global.commonConfigPrefix }}-config - subPath: onboard.json - resources: -{{ include "common.resources" . | indent 10 }} - nodeSelector: - {{- if .Values.nodeSelector }} -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ .Values.global.commonConfigPrefix }}-config - configMap: - name: {{ .Values.global.commonConfigPrefix }}-configmap - items: - - key: onboard.json - path: onboard.json - restartPolicy: OnFailure - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml index 3615a3bd33..9a8b60574e 100755 --- a/kubernetes/oof/components/oof-has/values.yaml +++ b/kubernetes/oof/components/oof-has/values.yaml @@ -19,7 +19,7 @@ global: commonConfigPrefix: onap-oof-has image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 persistence: enabled: true @@ -32,11 +32,24 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-root-password + name: &root-password '{{ include "common.release" . }}-has-etcd-root-password' + type: password + password: '{{ .Values.config.etcd.rootPassword }}' + policy: generate + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: generate pullPolicy: Always nodePortPrefix: 302 dataRootDir: /dockerdata-nfs config: + dbBackend: etcd aaf: serviceName: aaf-service port: 8100 @@ -58,6 +71,13 @@ config: cps: service: cps-tbdmt port: 8080 + etcd: + serviceName: &etcd-service oof-has-etcd + port: 2379 + appUser: conductor +# rootPassword: +# appPassword: +# userCredentialsExternalSecret: # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) @@ -79,19 +99,59 @@ resources: unlimited: {} #component overrides -oof-has-api: +oof-has-api: &has-config enabled: true certSecret: *oof-certs -oof-has-controller: - enabled: true - certSecret: *oof-certs -oof-has-data: - enabled: true - certSecret: *oof-certs -oof-has-reservation: - enabled: true - certSecret: *oof-certs -oof-has-solver: + config: + etcd: + userCredentialsExternalSecret: *user-creds + configJobNameOverride: &job-name oof-has-etcd-config +oof-has-controller: *has-config +oof-has-data: *has-config +oof-has-reservation: *has-config +oof-has-solver: *has-config +music: + enabled: false + +#etcd subchart configurations +etcd: enabled: true - certSecret: *oof-certs + replicaCount: 3 + nameOverride: &etcd-container oof-has-etcd + service: + name: *etcd-service + persistence: + mountSubPath: oof/etcd/data + enabled: true + flavor: &etcd-flavor large + resources: &etcd-resources + small: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 10m + memory: 75Mi + large: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 50m + memory: 300Mi + unlimited: {} +etcd-init: + enabled: true + nameOverride: *job-name + etcd: + serviceName: *etcd-service + port : 2379 + containerName: *etcd-container + config: + userRootSecret: *root-password + userCredentialsExternalSecret: *user-creds + appRole: conductor + keyPrefix: conductor + flavor: *etcd-flavor + resources: *etcd-resources diff --git a/kubernetes/oof/components/oof-templates/templates/_secret.tpl b/kubernetes/oof/components/oof-templates/templates/_secret.tpl new file mode 100644 index 0000000000..0b04f7120b --- /dev/null +++ b/kubernetes/oof/components/oof-templates/templates/_secret.tpl @@ -0,0 +1,6 @@ +{{- define "oof.etcd.env" -}} +- name: OS_ETCD_API__USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oof-has-etcd-secret" "key" "login") | indent 2 }} +- name: OS_ETCD_API__PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oof-has-etcd-secret" "key" "password") | indent 2 }} +{{- end -}}
\ No newline at end of file |