diff options
Diffstat (limited to 'kubernetes/policy/components')
18 files changed, 180 insertions, 39 deletions
diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml index 4d9ff9250e..71320dc3eb 100755 --- a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml @@ -2,6 +2,7 @@ # ============LICENSE_START======================================================= # Copyright (C) 2018 Ericsson. All rights reserved. # Modifications Copyright (C) 2020 AT&T Intellectual Property. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -56,6 +57,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }} - name: RESTSERVER_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: apexconfig-input diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index db5251913e..f0fa193281 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -1,6 +1,7 @@ # ============LICENSE_START======================================================= # Copyright (C) 2018 Ericsson. All rights reserved. # Modifications Copyright (C) 2019-2021 AT&T Intellectual Property. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -44,12 +45,19 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.keyStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.7.3 +image: onap/policy-apex-pdp:2.8.0 pullPolicy: Always # flag to enable debugging - application support required @@ -160,3 +168,26 @@ metrics: chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' release: '{{ include "common.release" . }}' heritage: '{{ .Release.Service }}' + +# application configuration +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + policyPdpPapTopic: policy-pdp-pap +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 0e3ada8956..45e54ed3aa 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.6.3 +image: onap/policy-api:2.7.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml index 406b59c545..bae5941854 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml @@ -23,18 +23,17 @@ spring: password: ${RESTSERVER_PASSWORD} {{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} -{{- end }} security: enable-csrf: false @@ -62,6 +61,29 @@ participant: - ${topicServer:message-router} topicCommInfrastructure: dmaap useHttps: true +# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below +# clampAutomationCompositionTopics: +# topicSources: +# - topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# fetchTimeout: 15000 +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} +# topicSinks: +# - topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} management: endpoints: diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml index 5f8aa3b5a1..697ce6ea47 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml @@ -78,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-http-ppnt:6.2.3 +image: onap/policy-clamp-ac-http-ppnt:6.3.0 pullPolicy: Always # application configuration diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index 6c14fd2207..00451b9425 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -21,20 +21,19 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} -{{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} +{{- if .Values.config.useStrimziKafka }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} -{{- end }} security: enable-csrf: false @@ -67,6 +66,32 @@ participant: topicCommInfrastructure: dmaap useHttps: true +# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below +# clampAutomationCompositionTopics: +# topicSources: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# fetchTimeout: 15000 +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} +# topicSinks: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} + management: endpoints: web: diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml index 2cf8d2d723..b8f6b9f3c4 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-k8s-ppnt:6.2.3 +image: onap/policy-clamp-ac-k8s-ppnt:6.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml index 856b16d91d..07d5eca377 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml @@ -21,20 +21,19 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} -{{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} +{{- if .Values.config.useStrimziKafka }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} -{{- end }} security: enable-csrf: false @@ -83,6 +82,32 @@ participant: topicCommInfrastructure: dmaap useHttps: true +# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below +# clampAutomationCompositionTopics: +# topicSources: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# fetchTimeout: 15000 +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} +# topicSinks: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} + management: endpoints: web: diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml index 6fefa02783..9d000f1018 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml @@ -90,7 +90,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-pf-ppnt:6.2.3 +image: onap/policy-clamp-ac-pf-ppnt:6.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index c23657c421..3442cdd3be 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -71,7 +71,7 @@ secrets: flavor: small # application image -image: onap/policy-clamp-backend:6.2.3 +image: onap/policy-clamp-backend:6.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml index 219be24079..4fb70fc337 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml @@ -44,19 +44,17 @@ spring: hibernate: dialect: org.hibernate.dialect.MariaDB103Dialect format_sql: true -{{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} +{{- if .Values.config.useStrimziKafka }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} -{{- end }} - -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} security: @@ -95,6 +93,32 @@ runtime: topicCommInfrastructure: dmaap useHttps: true +# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below +# topicParameterGroup: +# topicSources: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# fetchTimeout: 15000 +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} +# topicSinks: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} + management: endpoints: web: diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml index d224aa6bc4..87b613a3ef 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml @@ -85,7 +85,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-runtime-acm:6.2.3 +image: onap/policy-clamp-runtime-acm:6.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index d36f1c2275..fe1c720590 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -67,7 +67,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.7.3 +image: onap/policy-distribution:2.8.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 74c743cb2b..d48d05fe44 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -41,7 +41,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.10.3 +image: onap/policy-pdpd-cl:1.11.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml index 60a6ce38c4..c605b6b6ea 100644 --- a/kubernetes/policy/components/policy-gui/values.yaml +++ b/kubernetes/policy/components/policy-gui/values.yaml @@ -73,7 +73,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-gui:2.2.3 +image: onap/policy-gui:2.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml index 195b087ff1..7cb32d0079 100644 --- a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml +++ b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2022 Bell Canada. All rights reserved. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -40,19 +41,17 @@ spring: naming: physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy -{{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} +{{- if .Values.config.useStrimziKafka }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} -{{- end }} - -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} server: @@ -99,6 +98,15 @@ pap: - message-router useHttps: true topicCommInfrastructure: dmaap +# If Strimzi Kafka to be used for communication, replace following configuration for topicSources and topicSinks +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} + healthCheckRestClientParameters: - clientName: api hostname: policy-api diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index 2c240d2347..0dc6dbe4dc 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -2,6 +2,7 @@ # Copyright (C) 2019 Nordix Foundation. # Modifications Copyright (C) 2019-2021 AT&T Intellectual Property. # Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -99,7 +100,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.6.3 +image: onap/policy-pap:2.7.0 pullPolicy: Always # flag to enable debugging - application support required @@ -211,7 +212,7 @@ config: kafkaBootstrap: strimzi-kafka-bootstrap kafka: consumer: - groupId: poicy-group + groupId: policy-group app: listener: policyPdpPapTopic: policy-pdp-pap diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index e7e7eebefe..3a44719727 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.6.3 +image: onap/policy-xacml-pdp:2.7.0 pullPolicy: Always # flag to enable debugging - application support required |