diff options
Diffstat (limited to 'kubernetes/pomba/components')
150 files changed, 7421 insertions, 0 deletions
diff --git a/kubernetes/pomba/components/Makefile b/kubernetes/pomba/components/Makefile new file mode 100644 index 0000000000..bf267b7720 --- /dev/null +++ b/kubernetes/pomba/components/Makefile @@ -0,0 +1,51 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/Chart.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/Chart.yaml new file mode 100644 index 0000000000..30e62fc6d7 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA AAI Context Builder +name: pomba-aaictxbuilder +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/requirements.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/application.properties b/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/application.properties new file mode 100644 index 0000000000..fb27d9ce80 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/application.properties @@ -0,0 +1,51 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars + +server.contextPath=/aaicontextbuilder +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-spare-threads=25 + +# AAI REST Client Configuration +aai.serviceName={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} +aai.servicePort={{ .Values.config.aaiPort }} +# AAI APIs authentication mode. Valid values: [basic_auth, client_cert] +aai.authentication=basic_auth +aai.trustStorePath=n/a +aai.keyStorePath=n/a +aai.keyStorePassword=n/a +aai.username={{ .Values.config.aaiUsername }} +aai.password={{ .Values.config.aaiPassword }} +aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} +aai.connectionTimeout={{ .Values.config.aaiConnectionTimeout }} +aai.readTimeout={{ .Values.config.aaiReadTimeout }} + +# HTTP Basic Authorization credentials for Rest Service API +http.userId={{ .Values.config.httpUserId }} +http.password={{ .Values.config.httpPassword }} + +aai.searchNodeQuery=/aai/v13/nodes/service-instance/{0} + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/logback.xml b/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/templates/configmap.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/configmap.yaml new file mode 100644 index 0000000000..d0e26326ce --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/templates/deployment.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/deployment.yaml new file mode 100644 index 0000000000..d657215315 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/deployment.yaml @@ -0,0 +1,120 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/templates/service.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/values.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/values.yaml new file mode 100644 index 0000000000..89cfd4d8d9 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/values.yaml @@ -0,0 +1,125 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-secret + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}' + login: '{{ .Values.db.user }}' + password: '{{ .Values.db.password }}' + passwordPolicy: required + - uid: pdp-http-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.pdp.pdpCredsExternalSecret) . }}' + login: '{{ .Values.pdp.pdphttpuserid }}' + password: '{{ .Values.pdp.pdphttppassword }}' + passwordPolicy: required + - uid: pap-http-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.pap.papCredsExternalSecret) . }}' + login: '{{ .Values.pap.pdppappdphttpuserid }}' + password: '{{ .Values.pap.pdppappdphttppassword }}' + passwordPolicy: required + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-aai-context-builder:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + aaiServiceName: aai + aaiPort: 8443 + aaiUsername: AAI + aaiPassword: OBF:1gfr1ev31gg7 + aaiHttpProtocol: https + aaiConnectionTimeout: 60000 + aaiReadTimeout: 60000 + # HTTP Basic Authorization credentials for Rest Service API + httpUserId: admin + httpPassword: OBF:1u2a1toa1w8v1tok1u30 + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9530 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-contextaggregator/.helmignore b/kubernetes/pomba/components/pomba-contextaggregator/.helmignore new file mode 100755 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-contextaggregator/Chart.yaml b/kubernetes/pomba/components/pomba-contextaggregator/Chart.yaml new file mode 100644 index 0000000000..794e6332f1 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA Context Aggregator +name: pomba-contextaggregator +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-contextaggregator/requirements.yaml b/kubernetes/pomba/components/pomba-contextaggregator/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/application.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/application.properties new file mode 100755 index 0000000000..cddeeb3128 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/application.properties @@ -0,0 +1,55 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +server.port=9529 +server.ssl.key-store=/auth/tomcat_keystore +server.ssl.key-store-password=onapSecret +server.ssl.key-password=onapSecret + +builders.properties.path=config/builders/ + +# Transport Configuration +transport.consume.host=message-router +transport.consume.port=3904 +transport.consume.topic=POA-AUDIT-INIT +transport.consume.motsid=motsid@motsid.com +transport.consume.pass=1234 +transport.consume.consumergroup=audit1 +transport.consume.consumerid=audit1 +transport.consume.timeout=15000 +transport.consume.batchsize=8 +transport.consume.type=HTTPAUTH +transport.message-router.apiKey=apiKeyTemp123 +transport.message-router.apiSecret=apiSecretTemp123 +transport.message-router.requiredPombaTopics=POA-AUDIT-INIT,POA-AUDIT-RESULT,POA-RULE-VALIDATION + +transport.publish.host=message-router +transport.publish.port=3904 +transport.publish.topic=POA-RULE-VALIDATION +transport.publish.motsid=motsid@motsid.com +transport.publish.pass=1234 +transport.publish.batchsize=8 +transport.publish.maxage=1000 +transport.publish.delay=1000 +transport.publish.type=HTTPAUTH +transport.publish.partition=1 +transport.publish.retries=4 + +event.header.domain=onap +event.header.source-name=RO +event.header.event-type=POA-EVENT +event.header.entity-type=poa-entity +event.header.top-entity-type=poa-entity +event.header.topic-name=POA-RULE-VALIDATION diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/aai.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/aai.properties new file mode 100755 index 0000000000..a7dfa1adb8 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/aai.properties @@ -0,0 +1,30 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +server.host={{ .Values.config.aaiCtxBuilderHost }} +basicauth.username={{ .Values.config.aaiCtxBuilderUsername }} +basicauth.password={{ .Values.config.aaiCtxBuilderPassword }} +server.port={{ .Values.config.ctxBuilderExternalPort }} +server.protocol=http +trust.store.path=/auth/tomcat_keystore +key.store.path=/auth/aai-client-cert.p12 +key.store.password=70c87528c88dcd9f9c2558d30e817868 +key.store.type=PKCS12 +key.manager.factory.algorithm=SunX509 +security.protocol=TLS +connection.timeout.ms=60000 +read.timeout.ms=60000 +base.uri=/aaicontextbuilder/v2/service/context diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/ndcb.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/ndcb.properties new file mode 100644 index 0000000000..c8daafc6e8 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/ndcb.properties @@ -0,0 +1,30 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +server.host={{ .Values.global.networkdiscoveryCtxBuilderHost }} +basicauth.username={{ .Values.config.networkdiscoveryCtxBuilderUsername }} +basicauth.password={{ .Values.config.networkdiscoveryCtxBuilderPassword }} +server.port={{ .Values.config.ctxBuilderExternalPort }} +server.protocol=http +trust.store.path=/auth/tomcat_keystore +key.store.path=/auth/aai-client-cert.p12 +key.store.password=70c87528c88dcd9f9c2558d30e817868 +key.store.type=PKCS12 +key.manager.factory.algorithm=SunX509 +security.protocol=TLS +connection.timeout.ms=60000 +read.timeout.ms=60000 +base.uri=/ndcontextbuilder/service/context diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdc.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdc.properties new file mode 100755 index 0000000000..7cf98b1ddd --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdc.properties @@ -0,0 +1,29 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +server.host={{ .Values.config.sdcCtxBuilderHost }} +basicauth.username={{ .Values.config.sdcCtxBuilderUsername }} +basicauth.password={{ .Values.config.sdcCtxBuilderPassword }} +server.port={{ .Values.config.ctxBuilderExternalPort }} +server.protocol=http +trust.store.path=/auth/tomcat_keystore +key.store.path=/auth/aai-client-cert.p12 +key.store.password=70c87528c88dcd9f9c2558d30e817868 +key.store.type=PKCS12 +key.manager.factory.algorithm=SunX509 +security.protocol=TLS +connection.timeout.ms=60000 +read.timeout.ms=60000 +base.uri=/sdccontextbuilder/v2/service/context diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdnc.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdnc.properties new file mode 100644 index 0000000000..85c213e966 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdnc.properties @@ -0,0 +1,29 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +server.host={{ .Values.config.sdncCtxBuilderHost }} +basicauth.username={{ .Values.config.sdncCtxBuilderUsername }} +basicauth.password={{ .Values.config.sdncCtxBuilderPassword }} +server.port={{ .Values.config.ctxBuilderExternalPort }} +server.protocol=http +trust.store.path=/auth/tomcat_keystore +key.store.path=/auth/aai-client-cert.p12 +key.store.password=70c87528c88dcd9f9c2558d30e817868 +key.store.type=PKCS12 +key.manager.factory.algorithm=SunX509 +security.protocol=TLS +connection.timeout.ms=60000 +read.timeout.ms=60000 +base.uri=/sdnccontextbuilder/v1/service/context diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/logback.xml b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-contextaggregator/templates/configmap.yaml b/kubernetes/pomba/components/pomba-contextaggregator/templates/configmap.yaml new file mode 100755 index 0000000000..0af3832c49 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/templates/configmap.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap-builders + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/builders/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-contextaggregator/templates/deployment.yaml b/kubernetes/pomba/components/pomba-contextaggregator/templates/deployment.yaml new file mode 100755 index 0000000000..a8cab88b6a --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/templates/deployment.yaml @@ -0,0 +1,140 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - message-router + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if .Values.liveness.enabled }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{- end }} + {{- if .Values.readiness.enabled }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + {{- end }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + - mountPath: /opt/app/config/builders + name: {{ include "common.fullname" . }}-config-builders + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{- toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{- toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-config-builders + configMap: + name: {{ include "common.fullname" . }}-configmap-builders + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-contextaggregator/templates/service.yaml b/kubernetes/pomba/components/pomba-contextaggregator/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-contextaggregator/values.yaml b/kubernetes/pomba/components/pomba-contextaggregator/values.yaml new file mode 100755 index 0000000000..6745f00b41 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/values.yaml @@ -0,0 +1,103 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-context-aggregator:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + aaiCtxBuilderHost: pomba-aaictxbuilder + aaiCtxBuilderUsername: admin + aaiCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + sdcCtxBuilderHost: pomba-sdcctxbuilder + sdcCtxBuilderUsername: admin + sdcCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + sdncCtxBuilderHost: pomba-sdncctxbuilder + sdncCtxBuilderUsername: admin + sdncCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + networkdiscoveryCtxBuilderUsername: admin + networkdiscoveryCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + ctxBuilderExternalPort: 9530 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + enabled: false + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9529 + internalPort: 9529 + #nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 10m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 20m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-data-router/.helmignore b/kubernetes/pomba/components/pomba-data-router/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-data-router/Chart.yaml b/kubernetes/pomba/components/pomba-data-router/Chart.yaml new file mode 100644 index 0000000000..e928528654 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/Chart.yaml @@ -0,0 +1,17 @@ +# Copyright © 2018 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +description: ONAP POMBA Data-Router +name: pomba-data-router +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-data-router/requirements.yaml b/kubernetes/pomba/components/pomba-data-router/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/auth/client-cert-onap.p12 b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/client-cert-onap.p12 Binary files differnew file mode 100644 index 0000000000..dbf4fcacec --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/client-cert-onap.p12 diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/auth/data-router_policy.json b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/data-router_policy.json new file mode 100644 index 0000000000..18659a5d4d --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/data-router_policy.json @@ -0,0 +1,18 @@ +{ + "roles": [ + { + "name": "admin", + "functions": [ + { + "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ] + } + ], + + "users": [ + { + "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" + } + ] + } + ] +} diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/tomcat_keystore diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/data-router.properties b/kubernetes/pomba/components/pomba-data-router/resources/config/data-router.properties new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/data-router.properties diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/schemaIngest.properties b/kubernetes/pomba/components/pomba-data-router/resources/config/schemaIngest.properties new file mode 100644 index 0000000000..ca9c4e557f --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/schemaIngest.properties @@ -0,0 +1,26 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + + +# Properties for the SchemaLocationsBean +# The AAI Schema jar will be unpacked to bundleconfig/etc +schemaConfig=NA +# OXM files named aai_oxm_v*.xml are unpacked here: +nodeDir=/opt/app/data-router/bundleconfig/etc/oxm +# DB Edge Rules are unpacked here: +edgeDir= +# DB Edge Property files are copied here: +edgePropsDir= diff --git a/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/audit-bean.xml b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/audit-bean.xml new file mode 100644 index 0000000000..3f22a8b701 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/audit-bean.xml @@ -0,0 +1,23 @@ +<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+
+ <bean id="eventPublisher" class="org.onap.aai.event.client.DMaaPEventPublisher" >
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:3904" />
+ <constructor-arg name="topic" value="POA-AUDIT-INIT" />
+ <constructor-arg name="username" value="" />
+ <constructor-arg name="password" value="" />
+ <constructor-arg name="maxBatchSize" value="100" />
+ <constructor-arg name="maxAgeMs" value="250" />
+ <constructor-arg name="delayBetweenBatchesMs" value="50" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ </bean>
+
+ <bean id="auditService" class="org.onap.aai.datarouter.service.AuditService" >
+ <constructor-arg ref="eventPublisher" />
+ </bean>
+
+</beans>
diff --git a/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/poa-validation-bean.xml b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/poa-validation-bean.xml new file mode 100644 index 0000000000..c5c8d615e4 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/poa-validation-bean.xml @@ -0,0 +1,29 @@ +<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <bean id="poaPolicy" class="org.onap.aai.datarouter.policy.ServiceIntegrityValidationPolicy" init-method="startup" >
+ <constructor-arg name="searchCertPath" value="client-cert-onap.p12" />
+ <constructor-arg name="searchCertPassword" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <constructor-arg name="searchCertTruststore" value="tomcat_keystore" />
+ <constructor-arg name="searchBaseURL" value="https://pomba-search-data.{{.Release.Namespace}}:9509" />
+ <constructor-arg name="endpoint" value="services/search-data-service/v1/search/indexes/" />
+ <constructor-arg name="validationIndexName" value="service-validations" />
+ <constructor-arg name="violationIndexName" value="service-violations" />
+ </bean>
+
+ <bean id="consumerBean" class="org.onap.aai.event.client.DMaaPEventConsumer" >
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:3904" />
+ <constructor-arg name="topic" value="POA-AUDIT-RESULT" />
+ <constructor-arg name="username" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <constructor-arg name="password" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <constructor-arg name="consumerGroup" value="poaConsumer" />
+ <constructor-arg name="consumerId" value="poaConsumer" />
+ <constructor-arg name="timeoutMs" value="15000" />
+ <constructor-arg name="messageLimit" value="1000" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ </bean>
+
+</beans>
diff --git a/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/audit.route b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/audit.route new file mode 100644 index 0000000000..db631a84fe --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/audit.route @@ -0,0 +1,5 @@ +<route xmlns="http://camel.apache.org/schema/spring" trace="true">
+ <from uri="servlet:///data-router/v1/orchestration-event-service/?matchOnUriPrefix=true" />
+ <to uri="cxfbean:auditService" />
+</route>
+
diff --git a/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/poaValidation.route b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/poaValidation.route new file mode 100644 index 0000000000..655d436c9d --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/poaValidation.route @@ -0,0 +1,4 @@ +<route xmlns="http://camel.apache.org/schema/spring" trace="true">
+ <from uri="event-bus:mybus/?eventTopic=POA-AUDIT-RESULT&consumer=#consumerBean" />
+ <to uri="bean:poaPolicy?method=process"/>
+</route>
diff --git a/kubernetes/pomba/components/pomba-data-router/templates/configmap.yaml b/kubernetes/pomba/components/pomba-data-router/templates/configmap.yaml new file mode 100644 index 0000000000..97b9e8389a --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/configmap.yaml @@ -0,0 +1,34 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-prop + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dynamic + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/dynamic/routes/audit.route").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/conf/audit-bean.xml").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/routes/poaValidation.route").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/conf/poa-validation-bean.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/deployment.yaml b/kubernetes/pomba/components/pomba-data-router/templates/deployment.yaml new file mode 100644 index 0000000000..7b080ea6c7 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/deployment.yaml @@ -0,0 +1,177 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + name: {{ include "common.name" . }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - pomba-search-data + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - command: + - /bin/sh + - -c + - | + mkdir -p /logroot/data-router/logs + chmod -R 777 /logroot/data-router/logs + chown -R root:root /logroot + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + securityContext: + privileged: true + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /logroot/ + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: SERVICE_BEANS + value: /opt/app/data-router/dynamic/conf + - name: CONFIG_HOME + value: /opt/app/data-router/config/ + - name: KEY_STORE_PASSWORD + value: {{ .Values.config.keyStorePassword }} + - name: DYNAMIC_ROUTES + value: /opt/app/data-router/dynamic/routes + - name: KEY_MANAGER_PASSWORD + value: {{ .Values.config.keyManagerPassword }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/data-router/config/auth + name: {{ include "common.fullname" . }}-auth + - mountPath: /opt/app/data-router/config/data-router.properties + subPath: data-router.properties + name: {{ include "common.fullname" . }}-properties + - mountPath: /opt/app/data-router/config/schemaIngest.properties + subPath: schemaIngest.properties + name: {{ include "common.fullname" . }}-properties + - mountPath: /opt/app/data-router/dynamic/routes/audit.route + subPath: audit.route + name: {{ include "common.fullname" . }}-dynamic-route + - mountPath: /opt/app/data-router/dynamic/routes/poaValidation.route + subPath: poaValidation.route + name: {{ include "common.fullname" . }}-dynamic-route + - mountPath: /opt/app/data-router/dynamic/conf/audit-bean.xml + subPath: audit-bean.xml + name: {{ include "common.fullname" . }}-dynamic-policy + - mountPath: /opt/app/data-router/dynamic/conf/poa-validation-bean.xml + subPath: poa-validation-bean.xml + name: {{ include "common.fullname" . }}-dynamic-policy + - mountPath: /logs/ + name: {{ include "common.fullname" . }}-logs + resources: +{{ include "common.resources" . | indent 10 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-auth + secret: + secretName: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-properties + configMap: + name: {{ include "common.fullname" . }}-prop + items: + - key: data-router.properties + path: data-router.properties + - key: schemaIngest.properties + path: schemaIngest.properties + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-dynamic-route + configMap: + name: {{ include "common.fullname" . }}-dynamic + - name: {{ include "common.fullname" . }}-dynamic-policy + configMap: + name: {{ include "common.fullname" . }}-dynamic + - name: {{ include "common.fullname" . }}-logs + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-data-router/templates/ingress.yaml b/kubernetes/pomba/components/pomba-data-router/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/pv.yaml b/kubernetes/pomba/components/pomba-data-router/templates/pv.yaml new file mode 100644 index 0000000000..bab5f83d85 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/pv.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/pvc.yaml b/kubernetes/pomba/components/pomba-data-router/templates/pvc.yaml new file mode 100644 index 0000000000..64d5d3d46a --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/pvc.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/secret.yaml b/kubernetes/pomba/components/pomba-data-router/templates/secret.yaml new file mode 100644 index 0000000000..e655997a19 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/secret.yaml @@ -0,0 +1,24 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/service.yaml b/kubernetes/pomba/components/pomba-data-router/templates/service.yaml new file mode 100644 index 0000000000..decee40960 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/service.yaml @@ -0,0 +1,42 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-data-router/values.yaml b/kubernetes/pomba/components/pomba-data-router/values.yaml new file mode 100644 index 0000000000..aed767c9e2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/values.yaml @@ -0,0 +1,117 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Default values for data-router. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + + +# Global configuration defaults +global: + nodePortPrefix: 302 + persistence: {} + +# application image +image: onap/data-router:1.3.3 +pullPolicy: Always +restartPolicy: Always + +# BusyBox image +busyboxRepository: docker.io +busyboxImage: library/busybox:latest + + +# application configuration +config: + keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 60 + periodSeconds: 30 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 60 + periodSeconds: 30 + +service: + name: pomba-data-router + type: NodePort + externalPort: 9502 + internalPort: 9502 + nodePort: 49 + +ingress: + enabled: false + service: + - baseaddr: "pombadatarouter" + name: "pomba-data-router" + port: 9502 + config: + ssl: "none" + +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + ## storageClass: "-" + accessMode: ReadWriteOnce + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: pomba/data-router/logs + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1400Mi + requests: + cpu: 100m + memory: 700Mi + large: + limits: + cpu: 2 + memory: 2800Mi + requests: + cpu: 200m + memory: 1400Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/Chart.yaml b/kubernetes/pomba/components/pomba-elasticsearch/Chart.yaml new file mode 100644 index 0000000000..10bc25400a --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA Elasticsearch +name: pomba-elasticsearch +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-elasticsearch/requirements.yaml b/kubernetes/pomba/components/pomba-elasticsearch/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-elasticsearch/resources/config/elasticsearch.yml b/kubernetes/pomba/components/pomba-elasticsearch/resources/config/elasticsearch.yml new file mode 100644 index 0000000000..2ffa686ba5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/resources/config/elasticsearch.yml @@ -0,0 +1,134 @@ +# ======================== Elasticsearch Configuration ========================= +# +# NOTE: Elasticsearch comes with reasonable defaults for most settings. +# Before you set out to tweak and tune the configuration, make sure you +# understand what are you trying to accomplish and the consequences. +# +# The primary way of configuring a node is via this file. This template lists +# the most important settings you may want to configure for a production cluster. +# +# Please consult the documentation for further information on configuration options: +# https://www.elastic.co/guide/en/elasticsearch/reference/index.html +# +# ---------------------------------- Cluster ----------------------------------- +# +# Name of the Elasticsearch cluster. +# A node can only join a cluster when it shares its cluster.name with all the other nodes in the cluster. +# The default name is elasticsearch, but you should change it to an appropriate name which describes the +# purpose of the cluster. +# +cluster.name: POMBA_ES +# +# The port that other nodes in the cluster should use when communicating with this node. +# Required for Elasticsearch's nodes running on different cluster nodes. +# More : https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html +#transport.publish_port:$transport.publish_port +# +# The host address to publish for nodes in the cluster to connect to. +# Required for Elasticsearch's nodes running on different cluster nodes. +# More : https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html +#transport.publish_host:$transport.publish_host +# +# ------------------------------------ Node ------------------------------------ +# +# It is better to provide different meaningfull names fot different elastic nodes. +# By default, Elasticsearch will take the 7 first character of the randomly generated uuid used as the node id. +# Note that the node id is persisted and does not change when a node restarts +# +#node.name: $node.name +# +# Add custom attributes to the node: +# +#node.attr.rack: r1 +# +# ----------------------------------- Paths ------------------------------------ +# +# The location of the data files of each index / shard allocated on the node. Can hold multiple locations separated by coma. +# In production, we should not keep this default to "/elasticsearch/data", as on upgrading Elasticsearch, directory structure +# may change & can deal to data loss. +path.data: /usr/share/elasticsearch/data +# +# Elasticsearch's log files location. In production, we should not keep this default to "/elasticsearch/logs", +# as on upgrading Elasticsearch, directory structure may change. +path.logs: /usr/share/elasticsearch/logs +# +# ----------------------------------- Memory ----------------------------------- +# +# It is vitally important to the health of your node that none of the JVM is ever swapped out to disk. +# Lock the memory on startup. +# +bootstrap.memory_lock: false +# +# Make sure that the heap size is set to about half the memory available +# on the system and that the owner of the process is allowed to use this +# limit. +# +# Elasticsearch performs poorly when the system is swapping the memory. +# +# ---------------------------------- Network ----------------------------------- +# +# Set the bind address to a specific IP (IPv4 or IPv6): +# In order to communicate and to form a cluster with nodes on other servers, your node will need to bind to a +# non-loopback address. +network.host: 0.0.0.0 +# +# Set a custom port for HTTP: If required, default is 9200-9300 +# +#http.port: $http.port +# +# For more information, consult the network module documentation. +# +# --------------------------------- Discovery ---------------------------------- +# +# Pass an initial list of hosts to perform discovery when new node is started +# To form a cluster with nodes on other servers, you have to provide a seed list of other nodes in the cluster +# that are likely to be live and contactable. +# By default, Elasticsearch will bind to the available loopback addresses and will scan ports 9300 to 9305 to try +# to connect to other nodes running on the same server. +# +#$discovery.zen.ping.unicast.hosts +# +# This setting tells Elasticsearch to not elect a master unless there are enough master-eligible nodes +# available. Only then will an election take place. +# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1): +discovery.zen.minimum_master_nodes: 1 +# +# For more information, consult the zen discovery module documentation. +# +# ---------------------------------- Gateway ----------------------------------- +# +# Block initial recovery after a full cluster restart until N nodes are started: +# +#gateway.recover_after_nodes: 3 +# +# For more information, consult the gateway module documentation. +# +# ---------------------------------- Various ----------------------------------- +# +# Require explicit names when deleting indices: +# +#action.destructive_requires_name: true +# Set a custom port for HTTP: If required, default is 9200-9300 +# This is used for REST APIs +http.port: {{.Values.service.externalPort}} +# Port to bind for communication between nodes. Accepts a single value or a range. +# If a range is specified, the node will bind to the first available port in the range. +# Defaults to 9300-9400. +# More info: +transport.tcp.port: {{.Values.service.externalPort2}} + +xpack.graph.enabled: false +#Set to false to disable X-Pack graph features. + +xpack.ml.enabled: false +#Set to false to disable X-Pack machine learning features. + +xpack.monitoring.enabled: false +#Set to false to disable X-Pack monitoring features. + +xpack.security.enabled: false +#Set to false to disable X-Pack security features. + +xpack.watcher.enabled: false +#Set to false to disable Watcher. + diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/configmap.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/configmap.yaml new file mode 100644 index 0000000000..8ca06753fd --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/configmap.yaml @@ -0,0 +1,23 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/deployment.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/deployment.yaml new file mode 100644 index 0000000000..578a5cd723 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/deployment.yaml @@ -0,0 +1,127 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: + - command: + - /bin/sh + - -c + - | + sysctl -w vm.max_map_count=262144 + mkdir -p /logroot/elasticsearch/logs + mkdir -p /logroot/elasticsearch/data + chmod -R 777 /logroot/elasticsearch + chown -R root:root /logroot + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + securityContext: + privileged: true + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /logroot/ + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + - containerPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.name2 }} +# disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort2 }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml + name: {{ include "common.fullname" . }}-config + subPath: elasticsearch.yml + - mountPath: /usr/share/elasticsearch/data/ + name: {{ include "common.fullname" . }}-data + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + items: + - key: elasticsearch.yml + path: elasticsearch.yml + - name: {{ include "common.fullname" . }}-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} + - name: {{ include "common.fullname" . }}-logs + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-logs + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-data.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-data.yaml new file mode 100644 index 0000000000..18994300db --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-data.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2019 Amdocs, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-logs.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-logs.yaml new file mode 100644 index 0000000000..705ea83984 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-logs.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2019 Amdocs, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-logs +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-logs" + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPathLogs }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-data.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-data.yaml new file mode 100644 index 0000000000..4004e00f7e --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-data.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-logs.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-logs.yaml new file mode 100644 index 0000000000..f5898c129f --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-logs.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-logs +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-logs" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/service.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/service.yaml new file mode 100644 index 0000000000..0a12afb609 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/service.yaml @@ -0,0 +1,69 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name2 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type2 }} + ports: + {{if eq .Values.service.type2 "NodePort" -}} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.name2 }} + {{- else -}} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.name2 }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/values.yaml b/kubernetes/pomba/components/pomba-elasticsearch/values.yaml new file mode 100644 index 0000000000..04b9434e02 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/values.yaml @@ -0,0 +1,109 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# + +# application image +image: elasticsearch/elasticsearch:6.6.2 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 120 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + accessMode: ReadWriteOnce + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: pomba/elasticsearch/data + mountSubPathLogs: pomba + +service: + type: ClusterIP + name: pomba-es + externalPort: 9200 + internalPort: 9200 + type2: ClusterIP + name2: pomba-es-tcp + externalPort2: 9300 + internalPort2: 9300 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 3Gi + requests: + cpu: 1 + memory: 1.5Gi + large: + limits: + cpu: 4 + memory: 6Gi + requests: + cpu: 2 + memory: 3Gi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-kibana/Chart.yaml b/kubernetes/pomba/components/pomba-kibana/Chart.yaml new file mode 100644 index 0000000000..58460fcff5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA Kibana +name: pomba-kibana +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-kibana/requirements.yaml b/kubernetes/pomba/components/pomba-kibana/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.crt.pem b/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.crt.pem new file mode 100644 index 0000000000..11125eaef7 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.crt.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIID/TCCAuWgAwIBAgIJALVJyrUvH8uGMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +VQQGEwJBVTERMA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEd +MBsGA1UECgwURXhhbXBsZSBPcmdhbml6YXRpb24xGzAZBgNVBAMMEmtpYmFuYS5l +eGFtcGxlLm9yZzEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxlLm9yZzAe +Fw0xNjA5MTgwMzU4NTNaFw0yNjA5MTYwMzU4NTNaMIGUMQswCQYDVQQGEwJBVTER +MA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEdMBsGA1UECgwU +RXhhbXBsZSBPcmdhbml6YXRpb24xGzAZBgNVBAMMEmtpYmFuYS5leGFtcGxlLm9y +ZzEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxlLm9yZzCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAK3AKz7Jq8CGR75NcbuUKiLTJhSS0/TBGA9M +k+OmradT5qWhFKbxUDoMwT4YpUTzkUGUzkGEVbUsrKK4XaYXldRoHOm8mS0aBErk +g2ffmpi+TiGk5LHykZ0avmYeEsqVESAjVEMuU3fWJzZd4NfUcTKsBA7Ccqfnb3CB +TS5fbAz/zw1K//XR5ZNCEBOsFD+0oFGKTNLCeMBCwccFNyVI2mNZpDA++HilNiQj +TEJytBXGcMVZaS+Tc0vENfVWHAAtVdk8+dd6jkpNnDhK1W1TB7HvhScewyEGh9yb +cK5asE8TBebEvUIrPaVFz+ef/o3lRev0Gq1QUYAoaG7ps9JlDcsCAwEAAaNQME4w +HQYDVR0OBBYEFIKSLrYMY9fXpCS7OGnyxhS7JzRrMB8GA1UdIwQYMBaAFIKSLrYM +Y9fXpCS7OGnyxhS7JzRrMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB +ABiu7+GH8WGNPqPUUHP17HHYK41xAyYoKSzCrELKmFLphYhnUQA6EeBY8rjYr3X0 +Z2O0F9J6Cik/kG/uBYW0Oi8PQ0EeSZwzvd+CsAc2EJAryOBpafWRXa2XrOtFkKjq +jKWHSa0QJsBALiu8+JVfcwXYshbhmdVBxrktxMoY9WpGI7EcZkf77SW5enY4LtSF +wuRr2lv29YADsa/Q7JV2I4oAbWUjW3513mR5JsefHPk7hXZbRCXqUxFTmWpnDomF +HDeEDAdSgMgzODnbU/qHI9tmP6iDaCTz/eVfyCMKGYA0oIX1j5GdJ6HXK1OHafJK +W/M9gDRhQKU0bTXC2CoEOAs= +-----END CERTIFICATE----- diff --git a/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.key.pem b/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.key.pem new file mode 100644 index 0000000000..db46f0d462 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCtwCs+yavAhke+ +TXG7lCoi0yYUktP0wRgPTJPjpq2nU+aloRSm8VA6DME+GKVE85FBlM5BhFW1LKyi +uF2mF5XUaBzpvJktGgRK5INn35qYvk4hpOSx8pGdGr5mHhLKlREgI1RDLlN31ic2 +XeDX1HEyrAQOwnKn529wgU0uX2wM/88NSv/10eWTQhATrBQ/tKBRikzSwnjAQsHH +BTclSNpjWaQwPvh4pTYkI0xCcrQVxnDFWWkvk3NLxDX1VhwALVXZPPnXeo5KTZw4 +StVtUwex74UnHsMhBofcm3CuWrBPEwXmxL1CKz2lRc/nn/6N5UXr9BqtUFGAKGhu +6bPSZQ3LAgMBAAECggEAKE5S+d7ItAGydOf8QTpux+NZix5Agx+kGDB4gi/xSsbA +051ZcBy8sqqwzVnkROmHwcHmUvaC92NkrN6+AsCn5j08r9ArbHYDlugJv7f0YgiL +kWxyDQGrW9mPX5sMWuhXr6/iZS9C96K7N/ZxKUBD/jA/RLlA5chfZqboI6DJLP5s +u03ZW4toaGItLZtPxF07eElE4MGG/TbkoBZ5t79Y98TJP2oO95IpPQa8omqQcDEM +w0DsbV/dJV9AtyZBfmIRNaG5beiIUH26OQzUJP7FP2eIN4F/CAXLdlMnHtQA1XJz +QRwMxbfBQ+JfKD7YWedqivrjR0iPMx80M4HSU9DFaQKBgQDa+7F7zDRy4WU0GtfP +g+ArDUMjQv5pTXA0b2hKjHJRXM3LVo5qNJYWlirHtPjkVL4BJSY+iVl9/lfV2Xrf +gDXQLcUhABx5HNzZ5p+NyDHWrpZamFkfw9wLwQHXZGG8I+dla/iToHRWEH2QYxdz +VvfntpyE7XbxzhPPiS5haHGerwKBgQDLHxPn/jm2dSHa6jAidJXFJCMblcDuwIBy +7Cm7vnRro9Mbx/hZkRPXYWHQ/4WEVlWO9Sgkf4ambPSmdFg8ksQwBBd+l3K5K4Un +2AIL/PqgZg+anoEYYn1sqiWSc+YiO2GiRaHh5wOWtekEBBH9HcYkmKIXm3JHVdSw +SpQsryxppQKBgDi7qqDLJ+93a7PTHIRbwzEEL5esHKOFd4NuNZPSzS89HugGVcE4 +PIY/g3fX7/+f4NYFHOJozTGyOmlh/c53tfloUkEZeUb7blBZyo5+BkN7WeLAw55S +LOkyqNp33EZU+vcwwObmVB2UCiPlOEceif2TNvvNVdqRrFpBTS3ZVE5rAoGAJivk +9cgU2HESt60i9paqPq4X2us9oqCSgwZWoW2dO01CMwpVZZ+Z9vPaCgi68q+2zHLN +5G4Cw+vd3honKtr5+3wJXkTfzmSbVW2GlPIpt1L2w7vdztNTdsRS4z7clLpMEs67 +KVTcm8n7zEFnkAW0YtQ8Qet4gmdi3O5nAi65TfECgYEA0Pw2X4R37IrYM7tFDJSz +zDF4mRmk2qfhHBd8IaIDBpsXSgLcVRduro4HBzf/JeCt8rvw3VMLEFyqwyszpHro +xNnqPvbMPMCtOvUcr1VtXnO7CzaFNCJrfjYdV8vmDgvbYmBEHzG+LGbnVZIBUhQa +igVjtqU1uT83+VpR703IcBI= +-----END PRIVATE KEY----- diff --git a/kubernetes/pomba/components/pomba-kibana/resources/bin/kibana_start.sh b/kubernetes/pomba/components/pomba-kibana/resources/bin/kibana_start.sh new file mode 100644 index 0000000000..781a4b7f67 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/bin/kibana_start.sh @@ -0,0 +1,26 @@ +#!/bin/bash +{{/* + +# Copyright � 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +mkdir -p /usr/share/kibana/auth +chmod 0777 /usr/share/kibana/auth + +cp /opt/app/auth/* /usr/share/kibana/auth/. + +chmod 0400 /usr/share/kibana/auth/* + +/usr/share/kibana/node/bin/node --no-warnings /usr/share/kibana/src/cli --cpu.cgroup.path.override=/ --cpuacct.cgroup.path.override=/ diff --git a/kubernetes/pomba/components/pomba-kibana/resources/config/default-mapping.json b/kubernetes/pomba/components/pomba-kibana/resources/config/default-mapping.json new file mode 100644 index 0000000000..77afee7a03 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/config/default-mapping.json @@ -0,0 +1,247 @@ +{ + ".kibana": { + "mappings": { + "doc": { + "dynamic": "strict", + "properties": { + "config": { + "dynamic": "true", + "properties": { + "buildNum": { + "type": "keyword" + }, + "defaultIndex": { + "type": "text", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "telemetry:optIn": { + "type": "boolean" + } + } + }, + "dashboard": { + "properties": { + "description": { + "type": "text" + }, + "hits": { + "type": "integer" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "optionsJSON": { + "type": "text" + }, + "panelsJSON": { + "type": "text" + }, + "refreshInterval": { + "properties": { + "display": { + "type": "keyword" + }, + "pause": { + "type": "boolean" + }, + "section": { + "type": "integer" + }, + "value": { + "type": "integer" + } + } + }, + "timeFrom": { + "type": "keyword" + }, + "timeRestore": { + "type": "boolean" + }, + "timeTo": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "uiStateJSON": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "index-pattern": { + "properties": { + "fieldFormatMap": { + "type": "text" + }, + "fields": { + "type": "text" + }, + "intervalName": { + "type": "keyword" + }, + "notExpandable": { + "type": "boolean" + }, + "sourceFilters": { + "type": "text" + }, + "timeFieldName": { + "type": "keyword" + }, + "title": { + "type": "text" + } + } + }, + "search": { + "properties": { + "columns": { + "type": "keyword" + }, + "description": { + "type": "text" + }, + "hits": { + "type": "integer" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "sort": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "server": { + "properties": { + "uuid": { + "type": "keyword" + } + } + }, + "timelion-sheet": { + "properties": { + "description": { + "type": "text" + }, + "hits": { + "type": "integer" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "timelion_chart_height": { + "type": "integer" + }, + "timelion_columns": { + "type": "integer" + }, + "timelion_interval": { + "type": "keyword" + }, + "timelion_other_interval": { + "type": "keyword" + }, + "timelion_rows": { + "type": "integer" + }, + "timelion_sheet": { + "type": "text" + }, + "title": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "type": { + "type": "keyword" + }, + "updated_at": { + "type": "date" + }, + "url": { + "properties": { + "accessCount": { + "type": "long" + }, + "accessDate": { + "type": "date" + }, + "createDate": { + "type": "date" + }, + "url": { + "type": "text", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 2048 + } + } + } + } + }, + "visualization": { + "properties": { + "description": { + "type": "text" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "savedSearchId": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "uiStateJSON": { + "type": "text" + }, + "version": { + "type": "integer" + }, + "visState": { + "type": "text" + } + } + } + } + } + } + } +}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-kibana/resources/config/default.json b/kubernetes/pomba/components/pomba-kibana/resources/config/default.json new file mode 100644 index 0000000000..d54dbfe686 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/config/default.json @@ -0,0 +1,239 @@ +{ + "_index": ".kibana", + "_type": "doc", + "_id": "index-pattern:f4978470-8fa0-11e8-bf59-199e245501e4", + "_score": 1, + "_source": { + "type": "index-pattern", + "updated_at": "2018-07-25T00:23:33.543Z", + "index-pattern": { + "title": "service-viol*", + "timeFieldName": "violationTimestamp", + "fields": "[{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"modelInvariantId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"modelVersionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"serviceInstanceId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"severity\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationRule\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violationTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violationType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false}]" + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "dashboard:Audit-Dashboard", + "_score": 1, + "_source": { + "type": "dashboard", + "updated_at": "2018-07-25T01:08:47.377Z", + "dashboard": { + "title": "Audit Dashboard", + "hits": 0, + "description": "", + "panelsJSON": "[{\"id\":\"Count-Visualization\",\"type\":\"visualization\",\"panelIndex\":1,\"size_x\":12,\"size_y\":3,\"col\":1,\"row\":1},{\"id\":\"Validation-Records\",\"type\":\"search\",\"panelIndex\":2,\"size_x\":12,\"size_y\":5,\"col\":1,\"row\":4,\"columns\":[\"validationId\",\"modelInvariantId\",\"serviceInstanceId\",\"result\"],\"sort\":[\"validationTimestamp\",\"desc\"]}]", + "optionsJSON": "{\"darkTheme\":false}", + "uiStateJSON": "{}", + "version": 1, + "timeRestore": true, + "timeTo": "now", + "timeFrom": "now-30d", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}]}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "search:test", + "_score": 1, + "_source": { + "type": "search", + "updated_at": "2018-07-25T01:12:03.481Z", + "search": { + "title": "test", + "description": "", + "hits": 0, + "columns": [ + "serviceInstanceId", + "validationId" + ], + "sort": [ + "validationTimestamp", + "desc" + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "visualization:Violations-Over-Time", + "_score": 1, + "_source": { + "type": "visualization", + "updated_at": "2018-07-25T01:08:47.645Z", + "visualization": { + "title": "Violations Over Time", + "visState": "{\"title\":\"Violations Over Time\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Violation Events\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"violationTimestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", + "uiStateJSON": "{}", + "description": "", + "savedSearchId": "Violation-Search", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "dashboard:Audit-Violations-Dashboard", + "_score": 1, + "_source": { + "type": "dashboard", + "updated_at": "2018-07-25T01:08:47.382Z", + "dashboard": { + "title": "Audit Violations Dashboard", + "hits": 0, + "description": "", + "panelsJSON": "[{\"id\":\"Violations-Over-Time\",\"type\":\"visualization\",\"panelIndex\":1,\"size_x\":12,\"size_y\":3,\"col\":1,\"row\":1},{\"id\":\"Violation-Search\",\"type\":\"search\",\"panelIndex\":2,\"size_x\":12,\"size_y\":5,\"col\":1,\"row\":4,\"columns\":[\"validationId\",\"violationId\",\"violationType\",\"message\",\"severity\"],\"sort\":[\"validationTimestamp\",\"desc\"]}]", + "optionsJSON": "{\"darkTheme\":false}", + "uiStateJSON": "{}", + "version": 1, + "timeRestore": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}]}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "visualization:Count-Visualization", + "_score": 1, + "_source": { + "type": "visualization", + "updated_at": "2018-07-25T01:12:03.484Z", + "visualization": { + "title": "Validations Over Time", + "visState": "{\"aggs\":[{\"id\":\"1\",\"params\":{\"customLabel\":\"Validation Events\"},\"schema\":\"metric\",\"type\":\"count\"},{\"id\":\"2\",\"params\":{\"customInterval\":\"2h\",\"customLabel\":\"\",\"extended_bounds\":{},\"field\":\"validationTimestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"mode\":\"stacked\",\"scale\":\"linear\",\"setYExtents\":false,\"shareYAxis\":true,\"times\":[],\"yAxis\":{}},\"title\":\"Count Visualization\",\"type\":\"histogram\"}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "config:6.3.1", + "_score": 1, + "_source": { + "type": "config", + "updated_at": "2018-07-25T00:25:06.654Z", + "config": { + "buildNum": 17276, + "defaultIndex": "f4978470-8fa0-11e8-bf59-199e245501e4", + "telemetry:optIn": false + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "search:Validation-Records", + "_score": 1, + "_source": { + "type": "search", + "updated_at": "2018-07-25T01:12:03.478Z", + "search": { + "title": "Validation Records", + "description": "", + "hits": 0, + "columns": [ + "validationId", + "modelInvariantId", + "serviceInstanceId", + "result" + ], + "sort": [ + "validationTimestamp", + "desc" + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "search:Main-View", + "_score": 1, + "_source": { + "type": "search", + "updated_at": "2018-07-25T01:12:03.480Z", + "search": { + "title": "Main View", + "description": "", + "hits": 0, + "columns": [ + "validationId", + "modelInvariantId", + "serviceInstanceId", + "result" + ], + "sort": [ + "validationTimestamp", + "desc" + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "index-pattern:2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380", + "_score": 1, + "_source": { + "type": "index-pattern", + "updated_at": "2018-07-25T01:08:06.474Z", + "index-pattern": { + "title": "service-validations*", + "timeFieldName": "validationTimestamp", + "fields": "[{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"modelInvariantId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"modelName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"modelVersionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"result\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"serviceInstanceId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.errorMessage\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.modelName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.severity\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.validationRule\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*]-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*]-type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].nf-naming-code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vf-module-list.invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vf-module-list.max-instances\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vf-module-list.min-instances\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vf-module-list.uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vnfc-list.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vnfc-list.nfc-naming-code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf[*]-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf[*]-type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-service-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vf-module-list.invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vf-module-list.max-instances\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vf-module-list.min-instances\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vf-module-list.uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vnfc-list.invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vnfc-list.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vnfc-list.nfc-naming-code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vnfc-list.uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdnc-vf-list[*]-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdnc-vf-list[*]-type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdnc-vf[*]-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdnc-vf[*]-type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"requestId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false}]" + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "search:Violation-Search", + "_score": 1, + "_source": { + "type": "search", + "updated_at": "2018-07-25T01:12:03.486Z", + "search": { + "title": "Violation Search", + "description": "", + "hits": 0, + "columns": [ + "validationId", + "violationId", + "violationType", + "message", + "severity" + ], + "sort": [ + "validationTimestamp", + "desc" + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"f4978470-8fa0-11e8-bf59-199e245501e4\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" + } + } + } +} diff --git a/kubernetes/pomba/components/pomba-kibana/resources/config/kibana.yml b/kubernetes/pomba/components/pomba-kibana/resources/config/kibana.yml new file mode 100644 index 0000000000..fdcdd02cc7 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/config/kibana.yml @@ -0,0 +1,114 @@ +xpack.graph.enabled: false +#Set to false to disable X-Pack graph features. +xpack.ml.enabled: false +#Set to false to disable X-Pack machine learning features. +xpack.monitoring.enabled: false +#Set to false to disable X-Pack monitoring features. +xpack.reporting.enabled: false +#Set to false to disable X-Pack reporting features. +xpack.security.enabled: false +#Set to false to disable X-Pack security features. +xpack.watcher.enabled: false +#Set to false to disable Watcher. +# Kibana is served by a back end server. This setting specifies the port to use. +server.port: {{.Values.service.externalPort}} + +# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values. +# The default is 'localhost', which usually means remote machines will not be able to connect. +# To allow connections from remote users, set this parameter to a non-loopback address. +server.host: "0" + +# Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects +# the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests +# to Kibana. This setting cannot end in a slash. +#server.basePath: "" + +# The maximum payload size in bytes for incoming server requests. +#server.maxPayloadBytes: 1048576 + +# The Kibana server's name. This is used for display purposes. +server.name: "POMBA Reports" + +# The URL of the Elasticsearch instance to use for all your queries. +elasticsearch.url: "http://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}:{{.Values.config.elasticsearchPort}}" +# When this setting's value is true Kibana uses the hostname specified in the server.host +# setting. When the value of this setting is false, Kibana uses the hostname of the host +# that connects to this Kibana instance. +#elasticsearch.preserveHost: true + +# Kibana uses an index in Elasticsearch to store saved searches, visualizations and +# dashboards. Kibana creates a new index if the index doesn't already exist. +#kibana.index: ".kibana" + +# The default application to load. +#kibana.defaultAppId: "discover" + +# If your Elasticsearch is protected with basic authentication, these settings provide +# the username and password that the Kibana server uses to perform maintenance on the Kibana +# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which +# is proxied through the Kibana server. +elasticsearch.username: "elastic" +elasticsearch.password: "changeme" +# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively. +# These settings enable SSL for outgoing requests from the Kibana server to the browser. +server.ssl.enabled: {{.Values.config.serverSslEnabled}} +server.ssl.certificate: {{.Values.config.serverSslCertificate}} +server.ssl.key: {{.Values.config.serverSslKey}} + +# Optional settings that provide the paths to the PEM-format SSL certificate and key files. +# These files validate that your Elasticsearch backend uses the same key files. +#elasticsearch.ssl.certificate: $elasticsearch_ssl_certificate +#elasticsearch.ssl.key: $elasticsearch_ssl_key + +# Optional setting that enables you to specify a path to the PEM file for the certificate +# authority for your Elasticsearch instance. +#elasticsearch.ssl.certificateAuthorities: $elasticsearch_ssl_certificateAuthorities + +# To disregard the validity of SSL certificates, change this setting's value to 'none'. +#elasticsearch.ssl.verificationMode: $elasticsearch_ssl_verificationMode + +# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of +# the elasticsearch.requestTimeout setting. +#elasticsearch.pingTimeout: 1500 + +# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value +# must be a positive integer. +#elasticsearch.requestTimeout: 30000 + +# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side +# headers, set this value to [] (an empty list). +#elasticsearch.requestHeadersWhitelist: [ authorization ] + +# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten +# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration. +#elasticsearch.customHeaders: {} + +# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable. +#elasticsearch.shardTimeout: 0 + +# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying. +#elasticsearch.startupTimeout: 5000 + +# Specifies the path where Kibana creates the process ID file. +#pid.file: /var/run/kibana.pid + +# Enables you specify a file where Kibana stores log output. +#logging.dest: stdout + +# Set the value of this setting to true to suppress all logging output. +#logging.silent: false + +# Set the value of this setting to true to suppress all logging output other than error messages. +#logging.quiet: false + +# Set the value of this setting to true to log all events, including system usage information +# and all requests. +#logging.verbose: false + +# Set the interval in milliseconds to sample system and process performance +# metrics. Minimum is 100ms. Defaults to 5000. +#ops.interval: 5000 + +# The default locale. This locale can be used in certain circumstances to substitute any missing +# translations. +#i18n.defaultLocale: "en" diff --git a/kubernetes/pomba/components/pomba-kibana/templates/configmap.yaml b/kubernetes/pomba/components/pomba-kibana/templates/configmap.yaml new file mode 100644 index 0000000000..8facf30c14 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/templates/configmap.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-auth + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/auth/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-bin + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-kibana/templates/deployment.yaml b/kubernetes/pomba/components/pomba-kibana/templates/deployment.yaml new file mode 100644 index 0000000000..7258784f09 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/templates/deployment.yaml @@ -0,0 +1,157 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - pomba-elasticsearch + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - args: + - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/.kibana + - --input=/config/default-mapping.json + - --type=mapping + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.configImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-config-map + volumeMounts: + - mountPath: /config/default-mapping.json + name: {{ include "common.fullname" . }} + subPath: default-mapping.json + - args: + - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/.kibana + - --input=/config/default.json + - --type=data + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.configImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-config + volumeMounts: + - mountPath: /config/default.json + name: {{ include "common.fullname" . }} + subPath: default.json + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash"] + args: ["-c", "/opt/app/bin/kibana_start.sh"] + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + readinessProbe: + httpGet: + path: "/" + scheme: "HTTPS" + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} +# disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + path: "/" + scheme: "HTTPS" + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{ end -}} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /usr/share/kibana/config + name: {{ include "common.fullname" . }} + - mountPath: /opt/app/auth + name: {{ include "common.fullname" . }}-auth + - mountPath: /opt/app/bin + name: {{ include "common.fullname" . }}-bin + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }} + configMap: + name: {{ include "common.fullname" . }} + items: + - key: kibana.yml + path: kibana.yml + - key: default.json + path: default.json + - key: default-mapping.json + path: default-mapping.json + - name: {{ include "common.fullname" . }}-auth + configMap: + name: {{ include "common.fullname" . }}-auth + defaultMode: 0777 + - name: {{ include "common.fullname" . }}-bin + configMap: + name: {{ include "common.fullname" . }}-bin + defaultMode: 0777 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-kibana/templates/ingress.yaml b/kubernetes/pomba/components/pomba-kibana/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/components/pomba-kibana/templates/service.yaml b/kubernetes/pomba/components/pomba-kibana/templates/service.yaml new file mode 100644 index 0000000000..decd606f35 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/templates/service.yaml @@ -0,0 +1,42 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-kibana/values.yaml b/kubernetes/pomba/components/pomba-kibana/values.yaml new file mode 100644 index 0000000000..deed02fd18 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/values.yaml @@ -0,0 +1,103 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# Configuration image +configImage: taskrabbit/elasticsearch-dump + +# application image +image: kibana/kibana:6.6.2 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + elasticsearchServiceName: pomba-es + elasticsearchPort: 9200 + + #Enable HTTPS + serverSslEnabled: true + serverSslCertificate: /usr/share/kibana/auth/pomba.crt.pem + serverSslKey: /usr/share/kibana/auth/pomba.key.pem + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 300 + periodSeconds: 10 + timeoutSeconds: 1 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 300 + periodSeconds: 10 + timeoutSeconds: 1 + +service: + #Example service definition with external, internal and node ports. + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: NodePort + name: pomba-kibana + externalPort: 5601 + internalPort: 5601 + nodePort: 34 + +ingress: + enabled: false + service: + - baseaddr: "pombakibana" + name: "pomba-kibana" + port: 5601 + config: + ssl: "none" + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 1 + memory: 800Mi + large: + limits: + cpu: 4 + memory: 3200Mi + requests: + cpu: 2 + memory: 1600Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/Chart.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/Chart.yaml new file mode 100644 index 0000000000..f777057e5c --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP POMBA Network Discovery
+name: pomba-networkdiscovery
+version: 7.0.0
diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/requirements.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/application.properties b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/application.properties new file mode 100644 index 0000000000..19f9690f73 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/application.properties @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter + +#Enable HTTPS +server.port={{ .Values.config.serverSslPort }} +server.ssl.key-store={{ .Values.config.serverSslKeyStore }} +server.ssl.key-store-password={{ .Values.config.serverSslKeyStorePassword }} +server.ssl.client-auth={{ .Values.config.serverSslClientAuth }} +server.ssl.enabled={{ .Values.config.serverSslEnabled }} +server.ssl.enabled-protocols={{ .Values.config.serverSslEnabledProtocols }} + +# Basic Authentication +basicAuth.username={{ .Values.config.networkDiscoveryUserId }} +basicAuth.password={{ .Values.config.networkDiscoveryPassword }} + +openstack.identity.url ={{ .Values.config.openstackIdentityUrl }} +openstack.identity.user ={{ .Values.config.openstackUserId }} +openstack.identity.password ={{ .Values.config.openstackPassword }} + +openstack.types = vserver, l3-network, port +openstack.type.vserver.url = {{ .Values.config.openstackTypeVserverUrl }} +openstack.type.l3-network.url = {{ .Values.config.openstackTypeL3NetworkUrl }} +openstack.type.port.url = {{ .Values.config.openstackTypePortUrl }} + +openstack.api.microversion = 2.42 + diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/client-cert-onap.p12 b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/client-cert-onap.p12 Binary files differnew file mode 100644 index 0000000000..dbf4fcacec --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/client-cert-onap.p12 diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/tomcat_keystore diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/logback.xml b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/configmap.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/configmap.yaml new file mode 100644 index 0000000000..2e1a4387e2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/configmap.yaml @@ -0,0 +1,31 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/deployment.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/deployment.yaml new file mode 100644 index 0000000000..be6c7c423a --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/deployment.yaml @@ -0,0 +1,129 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + - mountPath: /opt/app/config/auth/client-cert-onap.p12 + name: {{ include "common.fullname" . }}-auth-secret + subPath: client-cert-onap.p12 + readOnly: true + - mountPath: /opt/app/config/auth/tomcat_keystore + name: {{ include "common.fullname" . }}-auth-secret + subPath: tomcat_keystore + readOnly: true + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-auth-secret + secret: + secretName: {{ include "common.fullname" . }}-auth + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/ingress.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/secrets.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/secrets.yaml new file mode 100644 index 0000000000..6d357c496d --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/secrets.yaml @@ -0,0 +1,28 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}} +
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-auth
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ (.Files.Glob "resources/config/auth/*").AsSecrets | indent 2 }}
diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/service.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/service.yaml new file mode 100644 index 0000000000..a846fe3ec0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/service.yaml @@ -0,0 +1,42 @@ +{{/* +# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}} +
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName | default "http" }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName | default "http" }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/values.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/values.yaml new file mode 100644 index 0000000000..50c837d27d --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/values.yaml @@ -0,0 +1,120 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/network-discovery:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + # Network Discovery Micro Service REST Client Configuration + + #Enable HTTPS + serverSslPort: 8443 + serverSslKeyStore: /opt/app/config/auth/tomcat_keystore + serverSslKeyStorePassword: password(OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10) + serverSslClientAuth: want + serverSslEnabled: true + serverSslEnabledProtocols: TLSv1.1,TLSv1.2 + + # Basic Authorization credentials for Network Discovery Micro Service Rest Service + networkDiscoveryUserId: admin + networkDiscoveryPassword: OBF:1u2a1toa1w8v1tok1u30 + + # Basic Authorization credentials for Openstack Rest APIs + openstackIdentityUrl: http://10.69.36.11:5000/v3/auth/tokens + openstackUserId: admin + openstackPassword: OBF:1w951ugg1vun1uha1w8l + + # Openstack Rest API URLs: + openstackTypeVserverUrl: http://10.69.36.11:8774/v2.1/servers/{0} + openstackTypeL3NetworkUrl: http://10.69.36.11:9696/v2.0/networks/{0} + openstackTypePortUrl: http://10.69.36.11:9696/v2.0/ports/{0} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: NodePort + name: pomba-networkdiscovery + externalPort: 9531 + internalPort: 8443 + nodePort: 99 + portName: https + +ingress: + enabled: false + service: + - baseaddr: "pombanetworkdiscovery" + name: "pomba-networkdiscovery" + port: 8443 + config: + ssl: "redirect" + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 10m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 20m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/Chart.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/Chart.yaml new file mode 100644 index 0000000000..1c9ae77c9e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA Network Discovery Context Builder +name: pomba-networkdiscoveryctxbuilder +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/requirements.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/application.properties b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/application.properties new file mode 100644 index 0000000000..6b43aba20e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/application.properties @@ -0,0 +1,65 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars + + +server.contextPath=/ndcontextbuilder +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-Spare-Threads=25 +#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads +server.tomcat.max-idle-time=60000 + + +# Network Discovery Context Builder REST Service +networkDiscoveryCtxBuilder.httpProtocol={{ .Values.config.networkDiscoveryCtxBuilderHttpProtocol }} +networkDiscoveryCtxBuilder.serviceName={{ .Values.global.networkdiscoveryCtxBuilderHost }} +networkDiscoveryCtxBuilder.port={{ .Values.config.networkDiscoveryCtxBuilderPort }} +# Basic Authorization credentials for Network Discovery Context Builder REST Service +networkDiscoveryCtxBuilder.userId={{ .Values.config.networkDiscoveryCtxBuilderUserId }} +networkDiscoveryCtxBuilder.password={{ .Values.config.networkDiscoveryCtxBuilderPassword }} +networkDiscoveryCtxBuilder.resourceList={{ .Values.config.networkDiscoveryCtxBuilderResourceList }} + +# Service Decomposition REST Client Configuration +serviceDecomposition.httpProtocol={{ .Values.config.serviceDecompositionHttpProtocol }} +serviceDecomposition.host={{ .Values.config.serviceDecompositionServiceName }}.{{.Release.Namespace}} +serviceDecomposition.port={{ .Values.config.serviceDecompositionPort }} +serviceDecomposition.serviceInstancePath={{ .Values.config.serviceDecompositionInstancePath }} +#Basic Authorization Client credentials for Service Decomposition REST service +serviceDecomposition.userId={{ .Values.config.serviceDecompositionUserId }} +serviceDecomposition.password={{ .Values.config.serviceDecompositionPassword }} + +# Network Discovery Micro Service REST Client Configuration + +networkDiscoveryMicroService.host={{ .Values.config.networkDiscoveryServiceName }}.{{.Release.Namespace}} +networkDiscoveryMicroService.port={{ .Values.config.networkDiscoveryPort }} +networkDiscoveryMicroService.httpProtocol={{ .Values.config.networkDiscoveryHttpProtocol }} +networkDiscoveryMicroService.networkDiscoveryPath={{ .Values.config.networkDiscoveryPath }} +# Wait for Network Discovery MicroService response in milliseconds +networkDiscoveryMicroService.responseTimeOutInMilliseconds = {{ .Values.config.networkDiscoveryTimeOutInMilliseconds }} +# Basic Authorization credentials for Network Discovery Micro Service Rest Service +networkDiscoveryMicroService.userId={{ .Values.config.networkDiscoveryUserId }} +networkDiscoveryMicroService.password={{ .Values.config.networkDiscoveryPassword }} + +#Servlet context parameters +server.context_parameters.p-name=value diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/logback.xml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/configmap.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/configmap.yaml new file mode 100644 index 0000000000..d0e26326ce --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/deployment.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/deployment.yaml new file mode 100644 index 0000000000..32f35b695e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/deployment.yaml @@ -0,0 +1,118 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + readOnly: true + subPath: application.properties + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/service.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/values.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/values.yaml new file mode 100644 index 0000000000..3fa4b8b25e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/values.yaml @@ -0,0 +1,117 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-network-discovery-context-builder:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + # Network Discovery Context Builder REST Service + networkDiscoveryCtxBuilderHttpProtocol: http + networkDiscoveryCtxBuilderPort: 9530 + networkDiscoveryCtxBuilderUserId: admin + networkDiscoveryCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + networkDiscoveryCtxBuilderResourceList: vnfcs,vservers,l3-networks + + # Service Decomposition REST Client Configuration + serviceDecompositionHttpProtocol: http + serviceDecompositionServiceName: pomba-servicedecomposition + serviceDecompositionPort: 9532 + serviceDecompositionInstancePath: /service-decomposition/service/context + #Basic Authorization Client credentials for Service Decomposition REST service + serviceDecompositionUserId: admin + serviceDecompositionPassword: OBF:1u2a1toa1w8v1tok1u30 + + # Network Discovery Micro Service REST Client Configuration + networkDiscoveryServiceName: pomba-networkdiscovery + networkDiscoveryPort: 9531 + networkDiscoveryHttpProtocol: https + networkDiscoveryPath: /network-discovery/v1/network/resource + # Wait for Network Discovery MicroService response in milliseconds + networkDiscoveryTimeOutInMilliseconds: 60000 + # Basic Authorization credentials for Network Discovery Micro Service Rest Service + networkDiscoveryUserId: admin + networkDiscoveryPassword: OBF:1u2a1toa1w8v1tok1u30 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9530 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/.helmignore b/kubernetes/pomba/components/pomba-sdcctxbuilder/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/Chart.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/Chart.yaml new file mode 100644 index 0000000000..8248d14083 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA SDC Context Builder +name: pomba-sdcctxbuilder +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/requirements.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/README.txt b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/README.txt new file mode 100644 index 0000000000..5cc01497f5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/README.txt @@ -0,0 +1,10 @@ +This directory contains all external configuration files that +need to be mounted into an application container. + +See the configmap.yaml in the templates directory for an example +of how to load (ie map) config files from this directory, into +Kubernetes, for distribution within the k8s cluster. + +See deployment.yaml in the templates directory for an example +of how the 'config mapped' files are then mounted into the +containers. diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/application.properties b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/application.properties new file mode 100644 index 0000000000..cfa618dad9 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/application.properties @@ -0,0 +1,59 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars + +server.contextPath=/sdccontextbuilder +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-Spare-Threads=25 +#server.port=9191 + +#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads +server.tomcat.max-idle-time=60000 + +#Application properties +sdcConnect.username={{ .Values.config.sdcUsername }} +sdcConnect.password={{ .Values.config.sdcPassword }} +sdcConnect.consumerID={{ .Values.config.sdcConsumerId }} +sdcConnect.sdcAddress={{ .Values.config.sdcServiceName }}.{{.Release.Namespace}}:{{ .Values.config.sdcPort }} + +# Minimum timeout value is 15 seconds; default is 120000s +sdcConnect.timeout.seconds=60000 + +# {0} = UUID +sdc.url.template=/sdc/v1/catalog/services/{0}/toscaModel +sdc.artifact.type=TOSCA_CSAR + +# Intended name for downloaded temporary CSAR files: csar-[UUID].zip +# Only .zip and .csar are accepted extensions, default is .zip +sdc.csar.file.prefix=csar- +sdc.csar.file.suffix=.zip + +# HTTP Basic Authorization credentials for Rest Service API +http.userId={{ .Values.config.sdcCtxBuilderUserId }} +http.password={{ .Values.config.sdcCtxBuilderPassword }} + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. + +#test.tosca.csar.file=\\config\\toscaModel.csar.zip diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/logback.xml b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/configmap.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/configmap.yaml new file mode 100644 index 0000000000..ab79c5c24f --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/configmap.yaml @@ -0,0 +1,31 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/deployment.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/deployment.yaml new file mode 100644 index 0000000000..67be143cd9 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/deployment.yaml @@ -0,0 +1,117 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/service.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/service.yaml new file mode 100644 index 0000000000..8647447dc1 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/values.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/values.yaml new file mode 100644 index 0000000000..b9502d88c9 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/values.yaml @@ -0,0 +1,100 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-sdc-context-builder:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + #Application properties + sdcUsername: pomba + sdcPassword: OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp + sdcConsumerId: pomba + sdcServiceName: sdc-be + sdcPort: 8443 + # HTTP Basic Authorization credentials for Rest Service API + sdcCtxBuilderUserId: admin + sdcCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9530 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/.helmignore b/kubernetes/pomba/components/pomba-sdncctxbuilder/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/Chart.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/Chart.yaml new file mode 100644 index 0000000000..66bd4ba2e0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA SDNC Context Builder +name: pomba-sdncctxbuilder +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/requirements.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/application.properties b/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/application.properties new file mode 100644 index 0000000000..f95fa85fc1 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/application.properties @@ -0,0 +1,73 @@ +{{/* +# Copyright © 2019 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars +camel.springboot.xmlRoutes = file:config/dynamic/routes/*.route +service.xml.beans = config/dynamic/conf/*.xml + +server.contextPath=/sdnccontextbuilder +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-spare-threads=25 + +# Basic Authorization credentials for SDNC Context Builder REST Service +sdncCtxBuilder.userId={{ .Values.config.sdncCtxBuilderUserId }} +sdncCtxBuilder.password={{ .Values.config.sdncCtxBuilderPassword }} + +# AAI REST Client Configuration +aai.serviceName={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} +aai.servicePort={{ .Values.config.aaiPort }} +# AAI APIs authentication mode. Valid values: [basic_auth, client_cert] +aai.authentication=basic_auth +aai.trustStorePath=n/a +aai.keyStorePath=n/a +aai.keyStorePassword=n/a +aai.username={{ .Values.config.aaiUsername }} +aai.password={{ .Values.config.aaiPassword }} +aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} +aai.authentication={{ .Values.config.aaiAuthentication }} +aai.trustStorePath={{ .Values.config.aaiTrustStorePath }} +aai.keyStorePath={{ .Values.config.aaiKeyStorePath }} +aai.keyStorePassword={{ .Values.config.aaiKeyStorePassword }} +aai.connectionTimeout={{ .Values.config.aaiConnectionTimeout }} +aai.readTimeout={{ .Values.config.aaiReadTimeout }} + +# HTTP Basic Authorization credentials for AAI Rest Service API +aai.http.userId={{ .Values.config.aaiHttpUserId }} +aai.http.password={{ .Values.config.aaiHttpPassword }} + +aai.serviceInstanceQuery=/aai/v13/nodes/service-instance/{0} + +# SDNC REST Client Configuration +sdnc.serviceName={{ .Values.config.sdncServiceName }}.{{.Release.Namespace}} +sdnc.servicePort={{ .Values.config.sdncPort }} +sdnc.user={{ .Values.config.sdncUsername }} +sdnc.password={{ .Values.config.sdncPassword }} +sdnc.httpProtocol={{ .Values.config.sdncHttpProtocol }} +sdnc.connectionTimeout={{ .Values.config.sdncConnectionTimeout }} +sdnc.readTimeout={{ .Values.config.sdncReadTimeout }} +sdnc.genericResourcePath=/restconf/config/GENERIC-RESOURCE-API:services/service/{0} +sdnc.portMirrorResourcePath=/restconf/config/GENERIC-RESOURCE-API:port-mirror-configurations/port-mirror-configuration/{0}/configuration-data/configuration-operation-information/port-mirror-configuration-request-input +sdnc.vnfPath=/restconf/config/VNF-API:vnfs/vnf-list/{0} + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/logback.xml b/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/configmap.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/configmap.yaml new file mode 100644 index 0000000000..d0e26326ce --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/deployment.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/deployment.yaml new file mode 100644 index 0000000000..0bb855b6ce --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/deployment.yaml @@ -0,0 +1,117 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/service.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/values.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/values.yaml new file mode 100644 index 0000000000..0c8814c6a3 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/values.yaml @@ -0,0 +1,117 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-sdnc-context-builder:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + # AAI Rest Client Connection + aaiServiceName: aai + aaiPort: 8443 + aaiUsername: AAI + aaiPassword: OBF:1gfr1ev31gg7 + aaiHttpProtocol: https + aaiAuthentication: basic_auth + aaiTrustStorePath: n/a + aaiKeyStorePath: n/a + aaiKeyStorePassword: n/a + aaiConnectionTimeout: 5000 + aaiReadTimeout: 5000 + # HTTP Basic Authorization credentials for Rest Service API + aaiHttpUserId: admin + aaiHttpPassword: OBF:1u2a1toa1w8v1tok1u30 + sdncCtxBuilderUserId: admin + sdncCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + + # SDNC Rest Client Connection + sdncServiceName: sdnc + sdncPort: 8282 + sdncUsername: admin + sdncPassword: OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp + sdncHttpProtocol: http + sdncConnectionTimeout: 5000 + sdncReadTimeout: 5000 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 60 + periodSeconds: 30 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 60 + periodSeconds: 30 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9530 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-search-data/.helmignore b/kubernetes/pomba/components/pomba-search-data/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-search-data/Chart.yaml b/kubernetes/pomba/components/pomba-search-data/Chart.yaml new file mode 100644 index 0000000000..2aaf2d183a --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License + +apiVersion: v1 +description: ONAP POMBA search-data +name: pomba-search-data +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-search-data/requirements.yaml b/kubernetes/pomba/components/pomba-search-data/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/analysis-config.json b/kubernetes/pomba/components/pomba-search-data/resources/config/analysis-config.json new file mode 100644 index 0000000000..0927d98748 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/analysis-config.json @@ -0,0 +1,31 @@ +[{ + "name": "whitespace_analyzer", + "description": "A standard whitespace analyzer.", + "behaviours": [ + "Tokenize the text using white space characters as delimeters.", + "Convert all characters to lower case.", + "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents." + ], + "tokenizer": "whitespace", + "filters": [ + "lowercase", + "asciifolding" + ] + }, + { + "name": "ngram_analyzer", + "description": "An analyzer which performs ngram filtering on the data stream.", + "behaviours": [ + "Tokenize the text using white space characters as delimeters.", + "Convert all characters to lower case.", + "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents.", + "Apply ngram filtering using the following values for minimum and maximum size in codepoints of a single n-gram: minimum = 1, maximum = 2." + ], + "tokenizer": "whitespace", + "filters": [ + "lowercase", + "asciifolding", + "ngram_filter" + ] + } +]
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/auth/search_policy.json b/kubernetes/pomba/components/pomba-search-data/resources/config/auth/search_policy.json new file mode 100644 index 0000000000..00a6de5f4a --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/auth/search_policy.json @@ -0,0 +1,24 @@ +{ + "roles": [{ + "name": "admin", + "functions": [{ + "name": "search", + "methods": [{ + "name": "GET" + }, + { + "name": "DELETE" + }, + { + "name": "PUT" + }, + { + "name": "POST" + } + ] + }], + "users": [{ + "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" + }] + }] +}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-search-data/resources/config/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/auth/tomcat_keystore diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/dynamic-custom-template.json b/kubernetes/pomba/components/pomba-search-data/resources/config/dynamic-custom-template.json new file mode 100644 index 0000000000..0bd8686f85 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/dynamic-custom-template.json @@ -0,0 +1,10 @@ +"dynamic_templates": [{ + "strings": { + "match_mapping_type": "string", + "match": "*", + "mapping": { + "type": "text", + "fielddata": true + } + } +}],
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/elastic-search.properties b/kubernetes/pomba/components/pomba-search-data/resources/config/elastic-search.properties new file mode 100644 index 0000000000..a42eb427bb --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/elastic-search.properties @@ -0,0 +1,7 @@ +{{/* +# ElasticSearch Configuration +*/}} + +es.cluster-name=POMBA_ES +es.ip-address=pomba-es.{{.Release.Namespace}} +es.http-port={{.Values.config.elasticsearchHttpPort}} diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/es-payload-translation.json b/kubernetes/pomba/components/pomba-search-data/resources/config/es-payload-translation.json new file mode 100644 index 0000000000..58ed8f6428 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/es-payload-translation.json @@ -0,0 +1,16 @@ +{ + "attr-translations": [ + { + "query": "$..[?(@.type=='string' && @.index=='analyzed')]", + "update": {"type": "text", "index": true, "fielddata": true} + }, + { + "query": "$..[?(@.type=='string' && @.index=='not_analyzed')]", + "update": {"type": "keyword", "index": true} + }, + { + "query": "$..[?(@.type=='string' && !@.index)]", + "update": {"type": "text", "fielddata": true} + } + ] +}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/filter-config.json b/kubernetes/pomba/components/pomba-search-data/resources/config/filter-config.json new file mode 100644 index 0000000000..5f9120e889 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/filter-config.json @@ -0,0 +1,5 @@ +[{ + "name": "ngram_filter", + "description": "Custom NGram Filter.", + "configuration": " \"type\": \"nGram\", \"min_gram\": 1, \"max_gram\": 50, \"token_chars\": [ \"letter\", \"digit\", \"punctuation\", \"symbol\" ]" +}]
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/log/logback.xml b/kubernetes/pomba/components/pomba-search-data/resources/config/log/logback.xml new file mode 100644 index 0000000000..f84d1bbbb0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/log/logback.xml @@ -0,0 +1,170 @@ +<configuration scan="true" scanPeriod="3 seconds" debug="false"> + <!--<jmxConfigurator /> --> + <!-- directory path for all other type logs --> + + <property name="logDir" value="/var/log/onap" /> + + + <!-- specify the component name + <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" --> + <property name="componentName" value="AAI-SDB"></property> + + <!-- default eelf log file names --> + <property name="generalLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + + <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|SearchDataService|%mdc{PartnerName}|%logger||%.-5level|%msg%n" /> + <property name="auditMetricPattern" value="%m%n" /> + + <property name="logDirectory" value="${logDir}/${componentName}" /> + + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <!-- The EELFAppender is used to record events to the general application + log --> + + <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> + <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <queueSize>256</queueSize> + <appender-ref ref="EELF" /> + </appender> + + + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + + <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${auditMetricPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFAudit" /> + </appender> + + <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - + %msg%n"</pattern> --> + <pattern>${auditMetricPattern}</pattern> + </encoder> + </appender> + + + <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFMetrics"/> + </appender> + + <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>false</includeCallerData> + </appender> + + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf" level="info" additivity="false"> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="asyncEELFDebug" /> + </logger> + + <logger name="com.att.eelf.audit" level="info" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + <logger name="com.att.eelf.metrics" level="info" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" /> + <logger name="org.springframework.beans" level="WARN" /> + <logger name="org.springframework.web" level="WARN" /> + <logger name="com.blog.spring.jms" level="WARN" /> + + <!-- SearchDB loggers --> + <logger name="org.openecomp.sa" level="INFO" /> + + <!-- Other Loggers that may help troubleshoot --> + <logger name="net.sf" level="WARN" /> + <logger name="org.apache.commons.httpclient" level="WARN" /> + <logger name="org.apache.commons" level="WARN" /> + <logger name="org.apache.coyote" level="WARN" /> + <logger name="org.apache.jasper" level="WARN" /> + + <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. + May aid in troubleshooting) --> + <logger name="org.apache.camel" level="WARN" /> + <logger name="org.apache.cxf" level="WARN" /> + <logger name="org.apache.camel.processor.interceptor" level="WARN" /> + <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" /> + <logger name="org.apache.cxf.service" level="WARN" /> + <logger name="org.restlet" level="WARN" /> + <logger name="org.apache.camel.component.restlet" level="WARN" /> + + <!-- logback internals logging --> + <logger name="ch.qos.logback.classic" level="WARN" /> + <logger name="ch.qos.logback.core" level="WARN" /> + + <root> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="STDOUT" /> + <!-- <appender-ref ref="asyncEELFDebug" /> --> + </root> + +</configuration> diff --git a/kubernetes/pomba/components/pomba-search-data/templates/configmap.yaml b/kubernetes/pomba/components/pomba-search-data/templates/configmap.yaml new file mode 100644 index 0000000000..0715f0d51a --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/templates/configmap.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-service-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-search-data/templates/deployment.yaml b/kubernetes/pomba/components/pomba-search-data/templates/deployment.yaml new file mode 100644 index 0000000000..08fc3e9148 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/templates/deployment.yaml @@ -0,0 +1,160 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + name: {{ include "common.name" . }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - pomba-elasticsearch + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: CONFIG_HOME + value: /opt/app/search-data-service/config/ + - name: KEY_STORE_PASSWORD + value: {{ .Values.config.keyStorePassword }} + - name: KEY_MANAGER_PASSWORD + value: {{ .Values.config.keyManagerPassword }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/search-data-service/config/filter-config.json + subPath: filter-config.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/elastic-search.properties + subPath: elastic-search.properties + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/analysis-config.json + subPath: analysis-config.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/es-payload-translation.json + subPath: es-payload-translation.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/dynamic-custom-template.json + subPath: dynamic-custom-template.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore + subPath: tomcat_keystore + name: {{ include "common.fullname" . }}-service-auth-config + - mountPath: /opt/app/search-data-service/config/auth/search_policy.json + subPath: search_policy.json + name: {{ include "common.fullname" . }}-search-policy-config + - mountPath: /var/log/onap + name: {{ include "common.fullname" . }}-service-logs + - mountPath: /opt/app/search-data-service/bundleconfig/etc/logback.xml + name: {{ include "common.fullname" . }}-service-log-conf + subPath: logback.xml + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + + # side car containers + - name: filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + name: filebeat-conf + - mountPath: /var/log/onap + name: {{ include "common.fullname" . }}-service-logs + - mountPath: /usr/share/filebeat/data + name: {{ include "common.fullname" . }}-service-filebeat + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-service-config + configMap: + name: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-service-auth-config + secret: + secretName: {{ include "common.fullname" . }}-keystone + - name: {{ include "common.fullname" . }}-search-policy-config + secret: + secretName: {{ include "common.fullname" . }}-policy + - name: filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-service-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-service-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-service-log-conf + configMap: + name: {{ include "common.fullname" . }}-service-log + restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-search-data/templates/secret.yaml b/kubernetes/pomba/components/pomba-search-data/templates/secret.yaml new file mode 100644 index 0000000000..33b058fc8f --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/templates/secret.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-keystone + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/auth/tomcat_keystore").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-policy + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-search-data/templates/service.yaml b/kubernetes/pomba/components/pomba-search-data/templates/service.yaml new file mode 100644 index 0000000000..c786a5a894 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/templates/service.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-search-data/values.yaml b/kubernetes/pomba/components/pomba-search-data/values.yaml new file mode 100644 index 0000000000..a950750f85 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/values.yaml @@ -0,0 +1,65 @@ +# Default values for search-data. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +global: # global defaults + nodePortPrefix: 302 + + +# application image +image: onap/search-data-service:1.3.1 +pullPolicy: Always +restartPolicy: Always + +# application configuration +config: + elasticsearchHttpPort: 9200 + keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +service: + type: ClusterIP + portName: pomba-search-data + internalPort: 9509 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1800Mi + requests: + cpu: 50m + memory: 900Mi + large: + limits: + cpu: 2 + memory: 3600Mi + requests: + cpu: 100m + memory: 1800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/Chart.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/Chart.yaml new file mode 100644 index 0000000000..022628b372 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP POMBA Network Discovery Service Decomposition
+name: pomba-servicedecomposition
+version: 7.0.0
diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/requirements.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/application.properties b/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/application.properties new file mode 100644 index 0000000000..d03f44a080 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/application.properties @@ -0,0 +1,56 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars + + +server.contextPath=/service-decomposition +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-Spare-Threads=25 +#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads +server.tomcat.max-idle-time=60000 + +basicAuth.username={{ .Values.config.serviceDecompositionUserId }} +basicAuth.password={{ .Values.config.serviceDecompositionPassword }} + +# AAI REST Client Configuration +aai.serviceName={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} +aai.servicePort={{ .Values.config.aaiPort }} +# AAI APIs authentication mode. Valid values: [basic_auth, client_cert] +aai.authentication=basic_auth +aai.trustStorePath=n/a +aai.keyStorePath=n/a +aai.keyStorePassword=n/a +aai.username={{ .Values.config.aaiUsername }} +aai.password={{ .Values.config.aaiPassword }} +aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} +aai.securityProtocol=TLS +aai.connectionTimeout=60000 +aai.readTimeout=60000 +aai.resourceList=vnfc,vserver,l3-network,pserver +aai.serviceInstancePath=/aai/v13/nodes/service-instance/{0} +aai.urlDepth=2 + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. + diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/log/logback.xml b/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/log/logback.xml new file mode 100644 index 0000000000..3b02684b68 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/log/logback.xml @@ -0,0 +1,31 @@ +<configuration> + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="INFO"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration>
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/templates/configmap.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/templates/configmap.yaml new file mode 100644 index 0000000000..e2cb33c791 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/templates/deployment.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/templates/deployment.yaml new file mode 100644 index 0000000000..d30e921e12 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/templates/deployment.yaml @@ -0,0 +1,113 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/templates/service.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/values.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/values.yaml new file mode 100644 index 0000000000..a0e849890a --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/values.yaml @@ -0,0 +1,100 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/service-decomposition:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + # Service Decomposition REST Client Configuration + aaiServiceName: aai + aaiPort: 8443 + aaiUsername: AAI + aaiPassword: OBF:1gfr1ev31gg7 + aaiHttpProtocol: https + # Basic Authorization Client credentials for Service Decomposition REST service + serviceDecompositionUserId: admin + serviceDecompositionPassword: OBF:1u2a1toa1w8v1tok1u30 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9532 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-validation-service/Chart.yaml b/kubernetes/pomba/components/pomba-validation-service/Chart.yaml new file mode 100644 index 0000000000..d6c923ca69 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: POMBA Validaton-Service +name: pomba-validation-service +version: 7.0.0 diff --git a/kubernetes/pomba/components/pomba-validation-service/requirements.yaml b/kubernetes/pomba/components/pomba-validation-service/requirements.yaml new file mode 100644 index 0000000000..39a7aa565e --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt new file mode 100644 index 0000000000..5cc01497f5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt @@ -0,0 +1,10 @@ +This directory contains all external configuration files that +need to be mounted into an application container. + +See the configmap.yaml in the templates directory for an example +of how to load (ie map) config files from this directory, into +Kubernetes, for distribution within the k8s cluster. + +See deployment.yaml in the templates directory for an example +of how the 'config mapped' files are then mounted into the +containers. diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties new file mode 100644 index 0000000000..cd5c62e96b --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties @@ -0,0 +1,15 @@ +host=dummy-host.onap.org +port=8443 +httpProtocol=https +trustStorePath=/auth/tomcat_keystore +#trustStorePassword intentionally left blank +trustStorePassword.x= +keyStorePath=/auth/client-cert-onap.p12 +keyStorePassword.x=OBF: +keyManagerFactoryAlgorithm=SunX509 +keyStoreType=PKCS12 +securityProtocol=TLS +connectionTimeout=5000 +readTimeout=1000 + +baseModelURI=/aai/v8/service-design-and-creation/models/model diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 Binary files differnew file mode 100644 index 0000000000..dbf4fcacec --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json new file mode 100644 index 0000000000..ea5565a71e --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json @@ -0,0 +1,46 @@ +{"roles": [ + { + "name": "admin", + "functions": [ + { + "name": "actions", + "methods": [ + {"name": "GET"}, + {"name": "DELETE"}, + {"name": "PUT"} + ] + }, + { + "name": "validate", + "methods": [{"name": "POST"}] + } + ], + "users": [ + {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"}, + {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"}, + {"username": "CN=aai-client.dev.att.com, OU=aai digicert client dev, O=\"AT&T Services, Inc.\", L=Dallas, ST=Texas, C=US"} + ] + }, + { + "name": "ops", + "functions": [{ + "name": "actions", + "methods": [{"name": "POST"}] + }], + "users": [ + {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"}, + {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"} + ] + }, + { + "name": "basicauth", + "functions": [{ + "name": "util", + "methods": [{"name": "GET"}] + }], + "users": [{ + "user": "aai", + "pass": "OBF:1u2a1t2v1vgb1s3g1s3m1vgj1t3b1u30" + }] + } +]} diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties new file mode 100644 index 0000000000..d93f030395 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties @@ -0,0 +1,9 @@ +rule.datadictionary.hostport={{ .Values.config.dataDictHostPort }} +rule.datadictionary.connect.timeout=1000 +rule.datadictionary.read.timeout=1000 + +# basic authentication: base64 encoding of username:password +rule.datadictionary.credentials={{ .Values.config.dataDictCredentials }} + +# ex: /commonModelElements/instance~nfValuesCatalog~1.0/ +rule.datadictionary.uri=/commonModelElements/{0}~{1}~1.0/validateInstance diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties new file mode 100644 index 0000000000..06f4626ab6 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties @@ -0,0 +1,4 @@ +rule.indexing.events=POA-EVENT +rule.indexing.exclude.oxm.validation=POA-EVENT +rule.indexing.key.attributes=$.poa-event.modelVersionId,$.poa-event.modelInvariantId +rule.indexing.default.key=default-rules diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties new file mode 100644 index 0000000000..a711881dc5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties @@ -0,0 +1,9 @@ +{{/* +# Properties for the SchemaLocationsBean +# The AAI Schema jar will be unpacked to bundleconfig/etc +*/}} +schemaConfig=bundleconfig +# Files named aai_oxm_v*.xml are unpacked here: +nodeDir=${APP_HOME}/bundleconfig/etc/oxm +# Dummy folder/directory: +edgeDir=${APP_HOME}/bundleconfig/etc/oxm diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties new file mode 100644 index 0000000000..fe8e2684d5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties @@ -0,0 +1,24 @@ +{{/* +# ============LICENSE_START=================================================== +# Copyright (c) 2018 Amdocs +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== +*/}} + +poa-audit-result.name=POA-AUDIT-RESULT +poa-audit-result.host=message-router:3904 +poa-audit-result.publisher.partition=1 +poa-audit-result.username= +poa-audit-result.password=OBF: +poa-audit-result.transport.type=HTTPAUTH diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties new file mode 100644 index 0000000000..2dace57936 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties @@ -0,0 +1,25 @@ +{{/* +# ============LICENSE_START=================================================== +# Copyright (c) 2018 Amdocs +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== +*/}} + +poa-rule-validation.name=POA-RULE-VALIDATION +poa-rule-validation.host=message-router:3904 +poa-rule-validation.username= +poa-rule-validation.password=OBF: +poa-rule-validation.consumer.group=poa-validator-test +poa-rule-validation.consumer.id=test +poa-rule-validation.transport.type=HTTPAUTH diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties new file mode 100644 index 0000000000..8bbd4233a6 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties @@ -0,0 +1,2 @@ +auth.policy.file=${CONFIG_HOME}/auth_policy.json +auth.authentication.disable=false diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties new file mode 100644 index 0000000000..9b2e86213a --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties @@ -0,0 +1,13 @@ +topic.publish.enable=true +topic.publish.retries=3 +topic.consume.enable=true +topic.consume.polling.interval.seconds=3 + +event.domain=onap +event.action.exclude=DELETE +event.type.rule=POA-EVENT +event.type.model=NOT-APPLICABLE-IN-POMBA +event.type.end=END-EVENT + +model.cache.expirySeconds=3 +aai.oxm.version=10 diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/application.properties b/kubernetes/pomba/components/pomba-validation-service/resources/application.properties new file mode 100644 index 0000000000..99879d4557 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/application.properties @@ -0,0 +1,45 @@ +{{/* +# ============LICENSE_START=================================================== +# Copyright (c) 2018 Amdocs +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== + +# Note that the start.sh script sets the following System Properties +# We provide default values here for testing purposes +*/}} +APP_HOME=. +CONFIG_HOME=appconfig +com.att.eelf.logging.path=src/main/resources +com.att.eelf.logging.file=logback.xml +logback.configurationFile=${com.att.eelf.logging.path}/${com.att.eelf.logging.file} + +schemaIngestPropLoc=${CONFIG_HOME}/schemaIngest.properties + +server.port=9501 +server.ssl.client-auth=want +server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore +# Work-around for missing Java certificates file "cacerts". This default value should be overridden. +server.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore + +server.tomcat.max-threads=200 +# The minimum number of threads always kept alive +server.tomcat.min-spare-threads=25 + +# Spring Boot logging +logging.config=${logback.configurationFile} + +consumer.topic.names=poa-rule-validation +publisher.topic.names=poa-audit-result + +topics.properties.location=${CONFIG_HOME}/topics/ diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy b/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy new file mode 100644 index 0000000000..4a7f30452f --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy @@ -0,0 +1,512 @@ +/* + * ============LICENSE_START=================================================== + * Copyright (c) 2018 Amdocs + * ============================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END===================================================== + */ + +entity { + name 'POA-EVENT' + indexing { + indices 'default-rules' + } + validation { + + // NDCB-AAI comparison: Context level + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb', 'context-list.aai' + } + + // NDCB-AAI comparison: Service entity + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.service', 'context-list.aai.service' + } + + // NDCB-AAI comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.networkList[*]', 'context-list.aai.networkList[*]' + } + + // NDCB-AAI comparison: VNF list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*]', 'context-list.aai.vnfList[*]' + } + + // NDCB-AAI comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]' + } + + // NDCB-AAI comparison: VF-Module list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' + } + + // NDCB-AAI comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + } + + // NDCB-AAI comparison: VNFC list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // NDCB-AAI comparison: VM list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]' + } + + // NDCB-AAI comparison: P-Interface list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.pnfList[*].pInterfaceList[*]', 'context-list.aai.pnfList[*].pInterfaceList[*]' + } + + + // SDNC-AAI comparison: Context level + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc', 'context-list.aai' + } + + // SDNC-AAI comparison: Service entity + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.service', 'context-list.aai.service' + } + + // SDNC-AAI comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.networkList[*]', 'context-list.aai.networkList[*]' + } + + // SDNC-AAI comparison: VNF list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*]', 'context-list.aai.vnfList[*]' + } + + // SDNC-AAI comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]' + } + + // SDNC-AAI comparison: VF-Module list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' + } + + // SDNC-AAI comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + } + + // SDNC-AAI comparison: VNFC list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // SDNC-AAI comparison: VM list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]' + } + + // AAI-SDNC PNF name validation + useRule { + name 'AAI-SDNC-pnf-name-check' + attributes 'context-list.aai.pnfList[*].name', 'context-list.sdnc.pnfList[*].name' + } + + + // SDNC-NDCB comparison: Context level + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc', 'context-list.ndcb' + } + + // SDNC-NDCB comparison: Service entity + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.service', 'context-list.ndcb.service' + } + + // SDNC-NDCB comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.networkList[*]', 'context-list.ndcb.networkList[*]' + } + + // SDNC-NDCB comparison: VNF list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*]', 'context-list.ndcb.vnfList[*]' + } + + // SDNC-NDCB comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.ndcb.vnfList[*].networkList[*]' + } + + // SDNC-NDCB comparison: VF-Module list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*]' + } + + // SDNC-NDCB comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]' + } + + // SDNC-NDCB comparison: VNFC list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.ndcb.vnfList[*].vnfcList[*]' + } + + // SDNC-NDCB comparison: VM list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]' + } + + + + // SDC-AAI VNFC type + useRule { + name 'SDC-AAI-vnfc-type' + attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // SDC-AAI VNFC node count + useRule { + name 'SDC-AAI-vnfc-node-count' + attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // SDC-AAI VF-Module instance + useRule { + name 'SDC-AAI-vf-module-instance-check' + attributes 'context-list.sdc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' + } + + useRule { + name 'AAI-not-empty' + attributes 'context-list.aai.pnfList', 'context-list.aai.vnfList', 'context-list.aai.networkList' + } + } +} + +rule { + name 'AAI-not-empty' + category 'VNFC Consistency' + description 'Check if AAI collected anything' + errorText 'AAI section is empty' + severity 'ERROR' + attributes 'pnfList', 'vnfList', 'networkList' + validate ''' + // expect at least one not empty list + return !pnfList.isEmpty() || !vnfList.isEmpty() || !networkList.isEmpty() + ''' +} + +rule { + name 'SDC-AAI-vnfc-type' + category 'VNFC Consistency' + description 'Validate that each VNFC instance in AAI conforms to a VNFC type defined in SDC model' + errorText 'AAI VNFC instance includes non-specified type in design SDC model' + severity 'ERROR' + attributes 'sdcList', 'aaiList' + validate ''' + def getVnfcTypes = { parsedData -> + parsedData.collect{ it.findResult{ k, v -> if(k.equals("type")) {return "$v"}}} + } + + def slurper = new groovy.json.JsonSlurper() + def sdcTypes = getVnfcTypes(slurper.parseText(sdcList.toString())) + def aaiTypes = getVnfcTypes(slurper.parseText(aaiList.toString())) + + // each type in AAI must exist in SDC + return sdcTypes.containsAll(aaiTypes) + ''' +} + +rule { + name 'SDC-AAI-vnfc-node-count' + category 'VNFC Consistency' + description 'Validate that for each VNFC node defined in SDC model, there is at least one VNFC instance in AAI' + errorText 'Design has specified types but not all of them exist in AAI' + severity 'WARNING' + attributes 'sdcList', 'aaiList' + validate ''' + def getVnfcNodes = { parsedData -> + parsedData.collect { new Tuple2( + it.findResult{ k, v -> if(k.equals("name")) {return "$v"}}, + it.findResult{ k, v -> if(k.equals("type")) {return "$v"}}) + } + } + + def slurper = new groovy.json.JsonSlurper() + def sdcNodes = getVnfcNodes(slurper.parseText(sdcList.toString())) + def aaiNodes = getVnfcNodes(slurper.parseText(aaiList.toString())) + + // each node in AAI must exist in SDC + return aaiNodes.containsAll(sdcNodes) + ''' +} + +rule { + name 'SDC-AAI-vf-module-instance-check' + category 'VF Consistency' + description 'Validate that each VF module instance in AAI conforms to a VF module defined in SDC service model' + errorText 'One or more AAI VF module instance(s) not defined in SDC model' + severity 'CRITICAL' + attributes 'sdcList', 'aaiList' + validate ''' + def getVfModules = { parsedData -> + parsedData.collect{ it.findResult{ k, v -> if(k.equals("name")) {return "$v"}}} + } + + def slurper = new groovy.json.JsonSlurper() + def sdcVfModules = getVfModules(slurper.parseText(sdcList.toString())) + def aaiVfModules = getVfModules(slurper.parseText(aaiList.toString())) + + // all VF modules in AAI must exist in SDC + return aaiVfModules.containsAll(sdcVfModules) + ''' +} + +rule { + name 'Attribute-comparison' + category 'Attribute Mismatch' + description 'Determine all discrepancies between values for attributes with matching names from each model' + errorText 'Error found with attribute(s) and values: {0}' + severity 'ERROR' + attributes 'lhsObject', 'rhsObject' + validate ''' + // This closure extracts the given object's root level attributes and contents of the attribute list. + // Complex items like lists are excluded. + // Returns a map containing attribute names as keys, mapping to a list of values for each attribute. + Closure<java.util.Map> getAttributes = { parsedData -> + java.util.Map attributeMap = new java.util.HashMap() + + def isAttributeDataQualityOk = { attribute -> + attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok") + } + + def addToMap = { attrKey, attrValue -> + java.util.Set values = attributeMap.get("$attrKey") + if(values == null) { + values = new java.util.HashSet() + attributeMap.put("$attrKey", values) + } + values.add("$attrValue") + } + + def addAttributeToMap = { attribute -> + if(isAttributeDataQualityOk(attribute)) { + String key, value + attribute.each { k, v -> + if(k.equals("name")) {key = "$v"} + if(k.equals("value")) {value = "$v"} + } + addToMap("$key", "$value") + } + } + + def processKeyValue = { key, value -> + if(value instanceof java.util.ArrayList) { + if(key.equals("attributeList")) { + value.each { + addAttributeToMap(it) + } + } + } else if(!(value instanceof groovy.json.internal.LazyMap)) { + // only add key-value attributes, skip the rest + addToMap("$key", "$value") + } + } + + if(parsedData instanceof java.util.ArrayList) { + parsedData.each { + it.each { key, value -> processKeyValue(key, value) } + } + } else { + parsedData.each { key, value -> processKeyValue(key, value) } + } + return attributeMap + } + + // This closure compares all values for each key from the left map, to values of the same key from the right map. + // Returns a map of attributes with mismatched or missing values (i.e. attribute name mapped to list of failed values). + Closure<java.util.Map> compareAttributes = { java.util.Map left, java.util.Map right -> + java.util.Map violationMap = new java.util.HashMap() + left.each{ leftKey, leftValueList -> + def rightValueList = right.get("$leftKey") + rightValueList.each{ rightValue -> + if(!leftValueList.any{ it == "$rightValue" }) { + def existingValues = violationMap.get(leftKey) + if(existingValues) { + existingValues.add("$rightValue") + } else { + java.util.Set newValues = new HashSet() + newValues.add("$rightValue") + violationMap.put("$leftKey", newValues) + } + } + } + } + return violationMap + } + + // This closure merges the given maps into a new map. + // Returns a map containing all keys and their values from both maps. + Closure<java.util.Map> mergeMaps = { java.util.Map left, java.util.Map right -> + if(left.isEmpty() && right.isEmpty()) { + return [:] + } else if(left.isEmpty()) { + return right + } else if(right.isEmpty()) { + return left + } + java.util.Map merged = new java.util.HashMap() + merged.putAll(left) + right.each{ rightKey, rightValues -> + java.util.Set mergedValues = merged.get(rightKey) + if(mergedValues == null) { + merged.put(rightKey, rightValues) + } else { + mergedValues.addAll(rightValues) + } + } + return merged + } + + def slurper = new groovy.json.JsonSlurper() + java.util.Map lhsAttributes = getAttributes(slurper.parseText(lhsObject.toString())) + java.util.Map rhsAttributes = getAttributes(slurper.parseText(rhsObject.toString())) + + def leftToRight = compareAttributes(lhsAttributes, rhsAttributes) + def rightToLeft = compareAttributes(rhsAttributes, lhsAttributes) + def mergedResults = mergeMaps(leftToRight, rightToLeft) + + boolean success = true + List<String> details = new ArrayList<>() + if(!mergedResults.isEmpty()) { + success = false + details.add(mergedResults.toString()) + } + return new Tuple2(success, details) + ''' +} + +/* + * The data-dictionary rule below can be used with this useRule clause: + * useRule { + * name 'Data-Dictionary validate VF type' + * attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*].type' + * } + */ +rule { + name 'Data-Dictionary validate VF type' + category 'INVALID_VALUE' + description 'Validate all VF type values against data-dictionary' + errorText 'VF type [{0}] failed data-dictionary validation: {1}' + severity 'ERROR' + attributes 'typeList' + validate ''' + boolean success = true + List<String> details = new ArrayList<>() + typeList.any { + if(!success) { + // break out of 'any' loop + return false + } + def result = org.onap.aai.validation.ruledriven.rule.builtin.DataDictionary.validate("instance", "vfModuleNetworkType", "type", "$it") + if(!result.isEmpty()) { + success = false + details.add("$it") + details.add("$result") + } + } + return new Tuple2(success, details) + ''' +} + +rule { + name 'AAI-SDNC-pnf-name-check' + category 'PNF Consistency' + description 'Validate that each PNF name in AAI matches a PNF name in the SDNC model' + errorText 'AAI PNF names do not match SDNC - {0}' + severity 'ERROR' + attributes 'aaiNames', 'sdncNames' + validate ''' + def addName = { values, key -> + values.add("$key") + } + + List<String> errorReasons = new ArrayList(); + + if (aaiNames.size() != sdncNames.size()) { + errorReasons.add("Number of PNFs don't match; aai has ${aaiNames.size()}, sdnc has ${sdncNames.size()}") + return new Tuple2(false, errorReasons) + } + + // collect all the "name" values from AAI and SDNC into two Sets. + Set aaiNameSet = new java.util.HashSet() + aaiNames.each { + aValue -> addName(aaiNameSet, aValue) + } + + Set sdncNameSet = new java.util.HashSet() + sdncNames.each { + aValue -> addName(sdncNameSet, aValue) + } + + // Validate that the names match by comparing the size of the two Sets. + if (aaiNameSet.size() != sdncNameSet.size()) { + errorReasons.add("Number of distinct PNF names don't match; aai: ${aaiNameSet}, sdnc: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + Set combinedSet = new HashSet(); + combinedSet.addAll(aaiNameSet); + combinedSet.addAll(sdncNameSet); + if (combinedSet.size() != aaiNameSet.size()) { + errorReasons.add("PNF names don't match; aai names: ${aaiNameSet}, sdnc names: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + return true + + ''' +} diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml new file mode 100644 index 0000000000..9a9951ab9f --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml @@ -0,0 +1,47 @@ +{{/* +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-root-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/*.*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-config-properties + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/appconfig/*.*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-config-topics + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/appconfig/topics/*.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rules + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/bundleconfig/etc/rules/poa-event/*.groovy").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml new file mode 100644 index 0000000000..1590f4e001 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml @@ -0,0 +1,162 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + {{ if .Values.readiness.enabled }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + {{ end }} + env: + - name: APP_HOME + value: "{{ .Values.config.appDir }}" + - name: CONFIG_HOME + value: "{{ .Values.config.configDir }}" + - name: MAX_HEAP + value: "{{ .Values.config.maxHeap }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: {{ .Values.config.appDir }}/application.properties + name: root-config-app-prop + subPath: application.properties + - mountPath: {{ .Values.config.configDir }}/ + name: properties + - mountPath: {{ .Values.config.configAuthDir }}/ + name: config-auth + - mountPath: {{ .Values.config.configTopicsDir }}/ + name: config-topics + - mountPath: {{ .Values.config.rulesDir }}/ + name: rules + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: root-config-app-prop + configMap: + name: {{ include "common.fullname" . }}-root-config + defaultMode: 0644 + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: properties + configMap: + name: {{ include "common.fullname" . }}-config-properties + defaultMode: 0644 + items: + - key: validation-service.properties + path: validation-service.properties + - key: validation-service-auth.properties + path: validation-service-auth.properties + - key: rule-indexing.properties + path: rule-indexing.properties + - key: rule-data-dictionary.properties + path: rule-data-dictionary.properties + - key: aai-environment.properties + path: aai-environment.properties + - key: schemaIngest.properties + path: schemaIngest.properties + - key: auth_policy.json + path: auth_policy.json + - name: config-auth + secret: + secretName: {{ include "common.fullname" . }}-config-auth-secret + items: + - key: tomcat_keystore + path: tomcat_keystore + - key: client-cert-onap.p12 + path: client-cert-onap.p12 + - name: config-topics + configMap: + name: {{ include "common.fullname" . }}-config-topics + defaultMode: 0644 + items: + - key: topic-poa-audit-result.properties + path: topic-poa-audit-result.properties + - key: topic-poa-rule-validation.properties + path: topic-poa-rule-validation.properties + - name: rules + configMap: + name: {{ include "common.fullname" . }}-rules + defaultMode: 0644 + items: + - key: default-rules.groovy + path: default-rules.groovy + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml new file mode 100644 index 0000000000..63d3b10f9a --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml @@ -0,0 +1,24 @@ +{{/* +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-config-auth-secret + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ (.Files.Glob "resources/appconfig/auth/*").AsSecrets | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/service.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/service.yaml new file mode 100644 index 0000000000..8647447dc1 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-validation-service/values.yaml b/kubernetes/pomba/components/pomba-validation-service/values.yaml new file mode 100644 index 0000000000..0626b0312e --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/values.yaml @@ -0,0 +1,100 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/validation:1.3.1 +#pullPolicy: Always +pullPolicy: IfNotPresent + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + appDir: /opt/app/validation-service + configDir: /opt/app/validation-service/appconfig + configAuthDir: /opt/app/validation-service/appconfig/auth + configTopicsDir: /opt/app/validation-service/appconfig/topics + rulesDir: /opt/app/validation-service/bundleconfig/etc/rules/poa-event + maxHeap: 1024 + dataDictHostPort: http://dummy-host:443 + dataDictCredentials: cG9tYmE6cG9tYmE= + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + enabled: false + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: validation-service + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9529 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1400Mi + requests: + cpu: 50m + memory: 700Mi + large: + limits: + cpu: 2 + memory: 2800Mi + requests: + cpu: 100m + memory: 1400Mi + unlimited: {} |