diff options
Diffstat (limited to 'kubernetes/pomba')
36 files changed, 1143 insertions, 3 deletions
diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties index 4799f097e4..f1493cd27d 100644 --- a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties @@ -26,8 +26,8 @@ server.tomcat.max-threads=200 server.tomcat.min-spare-threads=25 # AAI REST Client Configuration -aai.host={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} -aai.port={{ .Values.config.aaiPort }} +aai.serviceName={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} +aai.servicePort={{ .Values.config.aaiPort }} aai.username={{ .Values.config.aaiUsername }} aai.password={{ .Values.config.aaiPassword }} aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} diff --git a/kubernetes/pomba/charts/pomba-data-router/.helmignore b/kubernetes/pomba/charts/pomba-data-router/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/charts/pomba-data-router/Chart.yaml b/kubernetes/pomba/charts/pomba-data-router/Chart.yaml new file mode 100644 index 0000000000..6b2857dc41 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/Chart.yaml @@ -0,0 +1,17 @@ +# Copyright © 2018 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +description: ONAP POMBA Data-Router +name: pomba-data-router +version: 2.0.0 diff --git a/kubernetes/pomba/charts/pomba-data-router/resources/config/auth/client-cert-onap.p12 b/kubernetes/pomba/charts/pomba-data-router/resources/config/auth/client-cert-onap.p12 Binary files differnew file mode 100644 index 0000000000..dbf4fcacec --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/resources/config/auth/client-cert-onap.p12 diff --git a/kubernetes/pomba/charts/pomba-data-router/resources/config/auth/data-router_policy.json b/kubernetes/pomba/charts/pomba-data-router/resources/config/auth/data-router_policy.json new file mode 100644 index 0000000000..18659a5d4d --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/resources/config/auth/data-router_policy.json @@ -0,0 +1,18 @@ +{ + "roles": [ + { + "name": "admin", + "functions": [ + { + "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ] + } + ], + + "users": [ + { + "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" + } + ] + } + ] +} diff --git a/kubernetes/pomba/charts/pomba-data-router/resources/config/auth/tomcat_keystore b/kubernetes/pomba/charts/pomba-data-router/resources/config/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/resources/config/auth/tomcat_keystore diff --git a/kubernetes/pomba/charts/pomba-data-router/resources/config/data-router.properties b/kubernetes/pomba/charts/pomba-data-router/resources/config/data-router.properties new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/resources/config/data-router.properties diff --git a/kubernetes/pomba/charts/pomba-data-router/resources/config/schemaIngest.properties b/kubernetes/pomba/charts/pomba-data-router/resources/config/schemaIngest.properties new file mode 100644 index 0000000000..946bb63a13 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/resources/config/schemaIngest.properties @@ -0,0 +1,24 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Properties for the SchemaLocationsBean +# The AAI Schema jar will be unpacked to bundleconfig/etc +schemaConfig=NA +# OXM files named aai_oxm_v*.xml are unpacked here: +nodeDir=/opt/app/data-router/bundleconfig/etc/oxm +# DB Edge Rules are unpacked here: +edgeDir= +# DB Edge Property files are copied here: +edgePropsDir= diff --git a/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/conf/audit-bean.xml b/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/conf/audit-bean.xml new file mode 100644 index 0000000000..3f22a8b701 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/conf/audit-bean.xml @@ -0,0 +1,23 @@ +<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+
+ <bean id="eventPublisher" class="org.onap.aai.event.client.DMaaPEventPublisher" >
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:3904" />
+ <constructor-arg name="topic" value="POA-AUDIT-INIT" />
+ <constructor-arg name="username" value="" />
+ <constructor-arg name="password" value="" />
+ <constructor-arg name="maxBatchSize" value="100" />
+ <constructor-arg name="maxAgeMs" value="250" />
+ <constructor-arg name="delayBetweenBatchesMs" value="50" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ </bean>
+
+ <bean id="auditService" class="org.onap.aai.datarouter.service.AuditService" >
+ <constructor-arg ref="eventPublisher" />
+ </bean>
+
+</beans>
diff --git a/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/conf/poa-validation-bean.xml b/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/conf/poa-validation-bean.xml new file mode 100644 index 0000000000..c5c8d615e4 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/conf/poa-validation-bean.xml @@ -0,0 +1,29 @@ +<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <bean id="poaPolicy" class="org.onap.aai.datarouter.policy.ServiceIntegrityValidationPolicy" init-method="startup" >
+ <constructor-arg name="searchCertPath" value="client-cert-onap.p12" />
+ <constructor-arg name="searchCertPassword" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <constructor-arg name="searchCertTruststore" value="tomcat_keystore" />
+ <constructor-arg name="searchBaseURL" value="https://pomba-search-data.{{.Release.Namespace}}:9509" />
+ <constructor-arg name="endpoint" value="services/search-data-service/v1/search/indexes/" />
+ <constructor-arg name="validationIndexName" value="service-validations" />
+ <constructor-arg name="violationIndexName" value="service-violations" />
+ </bean>
+
+ <bean id="consumerBean" class="org.onap.aai.event.client.DMaaPEventConsumer" >
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:3904" />
+ <constructor-arg name="topic" value="POA-AUDIT-RESULT" />
+ <constructor-arg name="username" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <constructor-arg name="password" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <constructor-arg name="consumerGroup" value="poaConsumer" />
+ <constructor-arg name="consumerId" value="poaConsumer" />
+ <constructor-arg name="timeoutMs" value="15000" />
+ <constructor-arg name="messageLimit" value="1000" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ </bean>
+
+</beans>
diff --git a/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/routes/audit.route b/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/routes/audit.route new file mode 100644 index 0000000000..db631a84fe --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/routes/audit.route @@ -0,0 +1,5 @@ +<route xmlns="http://camel.apache.org/schema/spring" trace="true">
+ <from uri="servlet:///data-router/v1/orchestration-event-service/?matchOnUriPrefix=true" />
+ <to uri="cxfbean:auditService" />
+</route>
+
diff --git a/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/routes/poaValidation.route b/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/routes/poaValidation.route new file mode 100644 index 0000000000..655d436c9d --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/resources/dynamic/routes/poaValidation.route @@ -0,0 +1,4 @@ +<route xmlns="http://camel.apache.org/schema/spring" trace="true">
+ <from uri="event-bus:mybus/?eventTopic=POA-AUDIT-RESULT&consumer=#consumerBean" />
+ <to uri="bean:poaPolicy?method=process"/>
+</route>
diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/configmap.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/configmap.yaml new file mode 100644 index 0000000000..c726e48ac7 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/templates/configmap.yaml @@ -0,0 +1,32 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-prop + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dynamic + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/dynamic/routes/audit.route").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/conf/audit-bean.xml").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/routes/poaValidation.route").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/conf/poa-validation-bean.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml new file mode 100644 index 0000000000..ce62679ee0 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml @@ -0,0 +1,140 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + initContainers: + - command: + - /bin/sh + - -c + - | + mkdir -p /logroot/data-router/logs + chmod -R 777 /logroot/data-router/logs + chown -R root:root /logroot + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + securityContext: + privileged: true + image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /logroot/ + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: SERVICE_BEANS + value: /opt/app/data-router/dynamic/conf + - name: CONFIG_HOME + value: /opt/app/data-router/config/ + - name: KEY_STORE_PASSWORD + value: {{ .Values.config.keyStorePassword }} + - name: DYNAMIC_ROUTES + value: /opt/app/data-router/dynamic/routes + - name: KEY_MANAGER_PASSWORD + value: {{ .Values.config.keyManagerPassword }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/data-router/config/auth + name: {{ include "common.fullname" . }}-auth + - mountPath: /opt/app/data-router/config/data-router.properties + subPath: data-router.properties + name: {{ include "common.fullname" . }}-properties + - mountPath: /opt/app/data-router/config/schemaIngest.properties + subPath: schemaIngest.properties + name: {{ include "common.fullname" . }}-properties + - mountPath: /opt/app/data-router/dynamic/routes/audit.route + subPath: audit.route + name: {{ include "common.fullname" . }}-dynamic-route + - mountPath: /opt/app/data-router/dynamic/routes/poaValidation.route + subPath: poaValidation.route + name: {{ include "common.fullname" . }}-dynamic-route + - mountPath: /opt/app/data-router/dynamic/conf/audit-bean.xml + subPath: audit-bean.xml + name: {{ include "common.fullname" . }}-dynamic-policy + - mountPath: /opt/app/data-router/dynamic/conf/poa-validation-bean.xml + subPath: poa-validation-bean.xml + name: {{ include "common.fullname" . }}-dynamic-policy + - mountPath: /logs/ + name: {{ include "common.fullname" . }}-logs + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-auth + secret: + secretName: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-properties + configMap: + name: {{ include "common.fullname" . }}-prop + items: + - key: data-router.properties + path: data-router.properties + - key: schemaIngest.properties + path: schemaIngest.properties + - name: {{ include "common.fullname" . }}-dynamic-route + configMap: + name: {{ include "common.fullname" . }}-dynamic + - name: {{ include "common.fullname" . }}-dynamic-policy + configMap: + name: {{ include "common.fullname" . }}-dynamic + - name: {{ include "common.fullname" . }}-logs + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml new file mode 100644 index 0000000000..184728f8ad --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml new file mode 100644 index 0000000000..e27c3311e9 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/secret.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/secret.yaml new file mode 100644 index 0000000000..aa7c9388e4 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/templates/secret.yaml @@ -0,0 +1,22 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/service.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/service.yaml new file mode 100644 index 0000000000..f6a1ce9cbc --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/templates/service.yaml @@ -0,0 +1,40 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/pomba/charts/pomba-data-router/values.yaml b/kubernetes/pomba/charts/pomba-data-router/values.yaml new file mode 100644 index 0000000000..3cfcc97c5c --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/values.yaml @@ -0,0 +1,111 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Default values for data-router. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + + +# Global configuration defaults +global: + nodePortPrefix: 302 + persistence: {} + +# application image +repository: nexus3.onap.org:10001 +image: onap/data-router:1.3-STAGING-latest +pullPolicy: Always +restartPolicy: Always + +# BusyBox image +busyboxRepository: registry.hub.docker.com +busyboxImage: library/busybox:latest + + +# application configuration +config: + keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + name: pomba-data-router + type: NodePort + externalPort: 9502 + internalPort: 9502 + nodePort: 49 + +ingress: + enabled: false + +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + ## storageClass: "-" + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: pomba/data-router/logs + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/resources/config/elasticsearch.yml b/kubernetes/pomba/charts/pomba-elasticsearch/resources/config/elasticsearch.yml index 80b68b97ab..2e469d551f 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/resources/config/elasticsearch.yml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/resources/config/elasticsearch.yml @@ -17,7 +17,7 @@ # The default name is elasticsearch, but you should change it to an appropriate name which describes the # purpose of the cluster. # -cluster.name: "pomba-dashboard" +cluster.name: POMBA_ES # # The port that other nodes in the cluster should use when communicating with this node. # Required for Elasticsearch's nodes running on different cluster nodes. diff --git a/kubernetes/pomba/charts/pomba-search-data/.helmignore b/kubernetes/pomba/charts/pomba-search-data/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/charts/pomba-search-data/Chart.yaml b/kubernetes/pomba/charts/pomba-search-data/Chart.yaml new file mode 100644 index 0000000000..ef0e5d6973 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License + +apiVersion: v1 +description: ONAP POMBA search-data +name: pomba-search-data +version: 2.0.0 diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/analysis-config.json b/kubernetes/pomba/charts/pomba-search-data/resources/config/analysis-config.json new file mode 100644 index 0000000000..0927d98748 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/analysis-config.json @@ -0,0 +1,31 @@ +[{ + "name": "whitespace_analyzer", + "description": "A standard whitespace analyzer.", + "behaviours": [ + "Tokenize the text using white space characters as delimeters.", + "Convert all characters to lower case.", + "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents." + ], + "tokenizer": "whitespace", + "filters": [ + "lowercase", + "asciifolding" + ] + }, + { + "name": "ngram_analyzer", + "description": "An analyzer which performs ngram filtering on the data stream.", + "behaviours": [ + "Tokenize the text using white space characters as delimeters.", + "Convert all characters to lower case.", + "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents.", + "Apply ngram filtering using the following values for minimum and maximum size in codepoints of a single n-gram: minimum = 1, maximum = 2." + ], + "tokenizer": "whitespace", + "filters": [ + "lowercase", + "asciifolding", + "ngram_filter" + ] + } +]
\ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/auth/search_policy.json b/kubernetes/pomba/charts/pomba-search-data/resources/config/auth/search_policy.json new file mode 100644 index 0000000000..00a6de5f4a --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/auth/search_policy.json @@ -0,0 +1,24 @@ +{ + "roles": [{ + "name": "admin", + "functions": [{ + "name": "search", + "methods": [{ + "name": "GET" + }, + { + "name": "DELETE" + }, + { + "name": "PUT" + }, + { + "name": "POST" + } + ] + }], + "users": [{ + "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" + }] + }] +}
\ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/auth/tomcat_keystore b/kubernetes/pomba/charts/pomba-search-data/resources/config/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/auth/tomcat_keystore diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/dynamic-custom-template.json b/kubernetes/pomba/charts/pomba-search-data/resources/config/dynamic-custom-template.json new file mode 100644 index 0000000000..0bd8686f85 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/dynamic-custom-template.json @@ -0,0 +1,10 @@ +"dynamic_templates": [{ + "strings": { + "match_mapping_type": "string", + "match": "*", + "mapping": { + "type": "text", + "fielddata": true + } + } +}],
\ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/elastic-search.properties b/kubernetes/pomba/charts/pomba-search-data/resources/config/elastic-search.properties new file mode 100644 index 0000000000..3048e6019e --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/elastic-search.properties @@ -0,0 +1,5 @@ +# ElasticSearch Configuration + +es.cluster-name=POMBA_ES +es.ip-address=pomba-es.{{.Release.Namespace}} +es.http-port={{.Values.config.elasticsearchHttpPort}} diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json b/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json new file mode 100644 index 0000000000..de8bacf4cb --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json @@ -0,0 +1,19 @@ +{ + "attr-translations": [{ + "from": "\"type\":\"string\",\"index\":\"analyzed\"", + "to": "\"type\":\"text\",\"index\":\"true\"" + }, + { + "from": "\"type\":\"string\",\"index\":\"not_analyzed\"", + "to": "\"type\":\"keyword\",\"index\":\"true\"" + }, + { + "from": "\"type\":\"string\"", + "to": "\"type\":\"text\"" + }, + { + "from": "searchable", + "to": "index" + } + ] +}
\ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/filter-config.json b/kubernetes/pomba/charts/pomba-search-data/resources/config/filter-config.json new file mode 100644 index 0000000000..5f9120e889 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/filter-config.json @@ -0,0 +1,5 @@ +[{ + "name": "ngram_filter", + "description": "Custom NGram Filter.", + "configuration": " \"type\": \"nGram\", \"min_gram\": 1, \"max_gram\": 50, \"token_chars\": [ \"letter\", \"digit\", \"punctuation\", \"symbol\" ]" +}]
\ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/log/logback.xml b/kubernetes/pomba/charts/pomba-search-data/resources/config/log/logback.xml new file mode 100644 index 0000000000..bfca544fe0 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/log/logback.xml @@ -0,0 +1,169 @@ +<configuration scan="true" scanPeriod="3 seconds" debug="false"> + <!--<jmxConfigurator /> --> + <!-- directory path for all other type logs --> + + <property name="logDir" value="/var/log/onap" /> + + + <!-- specify the component name + <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" --> + <property name="componentName" value="AAI-SDB"></property> + + <!-- default eelf log file names --> + <property name="generalLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + + <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|SearchDataService|%mdc{PartnerName}|%logger||%.-5level|%msg%n" /> + <property name="auditMetricPattern" value="%m%n" /> + + <property name="logDirectory" value="${logDir}/${componentName}" /> + + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <!-- The EELFAppender is used to record events to the general application + log --> + + <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> + <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <queueSize>256</queueSize> + <appender-ref ref="EELF" /> + </appender> + + + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + + <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${auditMetricPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFAudit" /> + </appender> + + <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - + %msg%n"</pattern> --> + <pattern>${auditMetricPattern}</pattern> + </encoder> + </appender> + + + <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFMetrics"/> + </appender> + + <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>false</includeCallerData> + </appender> + + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf" level="info" additivity="false"> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="asyncEELFDebug" /> + </logger> + + <logger name="com.att.eelf.audit" level="info" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + <logger name="com.att.eelf.metrics" level="info" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" /> + <logger name="org.springframework.beans" level="WARN" /> + <logger name="org.springframework.web" level="WARN" /> + <logger name="com.blog.spring.jms" level="WARN" /> + + <!-- SearchDB loggers --> + <logger name="org.openecomp.sa" level="INFO" /> + + <!-- Other Loggers that may help troubleshoot --> + <logger name="net.sf" level="WARN" /> + <logger name="org.apache.commons.httpclient" level="WARN" /> + <logger name="org.apache.commons" level="WARN" /> + <logger name="org.apache.coyote" level="WARN" /> + <logger name="org.apache.jasper" level="WARN" /> + + <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. + May aid in troubleshooting) --> + <logger name="org.apache.camel" level="WARN" /> + <logger name="org.apache.cxf" level="WARN" /> + <logger name="org.apache.camel.processor.interceptor" level="WARN" /> + <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" /> + <logger name="org.apache.cxf.service" level="WARN" /> + <logger name="org.restlet" level="WARN" /> + <logger name="org.apache.camel.component.restlet" level="WARN" /> + + <!-- logback internals logging --> + <logger name="ch.qos.logback.classic" level="WARN" /> + <logger name="ch.qos.logback.core" level="WARN" /> + + <root> + <appender-ref ref="asyncEELF" /> + <!-- <appender-ref ref="asyncEELFDebug" /> --> + </root> + +</configuration> diff --git a/kubernetes/pomba/charts/pomba-search-data/templates/configmap.yaml b/kubernetes/pomba/charts/pomba-search-data/templates/configmap.yaml new file mode 100644 index 0000000000..0715f0d51a --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/templates/configmap.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-service-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/charts/pomba-search-data/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-search-data/templates/deployment.yaml new file mode 100644 index 0000000000..c0e2568476 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/templates/deployment.yaml @@ -0,0 +1,143 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: CONFIG_HOME + value: /opt/app/search-data-service/config/ + - name: KEY_STORE_PASSWORD + value: {{ .Values.config.keyStorePassword }} + - name: KEY_MANAGER_PASSWORD + value: {{ .Values.config.keyManagerPassword }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/search-data-service/config/filter-config.json + subPath: filter-config.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/elastic-search.properties + subPath: elastic-search.properties + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/analysis-config.json + subPath: analysis-config.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/es-payload-translation.json + subPath: es-payload-translation.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/dynamic-custom-template.json + subPath: dynamic-custom-template.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore + subPath: tomcat_keystore + name: {{ include "common.fullname" . }}-service-auth-config + - mountPath: /opt/app/search-data-service/config/auth/search_policy.json + subPath: search_policy.json + name: {{ include "common.fullname" . }}-search-policy-config + - mountPath: /var/log/onap + name: {{ include "common.fullname" . }}-service-logs + - mountPath: /opt/app/search-data-service/bundleconfig/etc/logback.xml + name: {{ include "common.fullname" . }}-service-log-conf + subPath: logback.xml + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + + # side car containers + - name: filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + name: filebeat-conf + - mountPath: /var/log/onap + name: {{ include "common.fullname" . }}-service-logs + - mountPath: /usr/share/filebeat/data + name: {{ include "common.fullname" . }}-service-filebeat + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-service-config + configMap: + name: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-service-auth-config + secret: + secretName: {{ include "common.fullname" . }}-keystone + - name: {{ include "common.fullname" . }}-search-policy-config + secret: + secretName: {{ include "common.fullname" . }}-policy + - name: filebeat-conf + configMap: + name: {{ .Release.Name }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-service-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-service-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-service-log-conf + configMap: + name: {{ include "common.fullname" . }}-service-log + restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/charts/pomba-search-data/templates/secret.yaml b/kubernetes/pomba/charts/pomba-search-data/templates/secret.yaml new file mode 100644 index 0000000000..33b058fc8f --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/templates/secret.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-keystone + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/auth/tomcat_keystore").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-policy + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }} diff --git a/kubernetes/pomba/charts/pomba-search-data/templates/service.yaml b/kubernetes/pomba/charts/pomba-search-data/templates/service.yaml new file mode 100644 index 0000000000..a30bac1afb --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/templates/service.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/pomba/charts/pomba-search-data/values.yaml b/kubernetes/pomba/charts/pomba-search-data/values.yaml new file mode 100644 index 0000000000..c9eb6f94ec --- /dev/null +++ b/kubernetes/pomba/charts/pomba-search-data/values.yaml @@ -0,0 +1,67 @@ +# Default values for search-data. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + + +# application image +repository: nexus3.onap.org:10001 +image: onap/search-data-service:1.3-STAGING-latest +pullPolicy: Always +restartPolicy: Always + +# application configuration +config: + elasticsearchHttpPort: 9200 + keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + portName: pomba-search-data + internalPort: 9509 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/pomba/values.yaml b/kubernetes/pomba/values.yaml index ba6057ac74..f0acaa5b88 100644 --- a/kubernetes/pomba/values.yaml +++ b/kubernetes/pomba/values.yaml @@ -20,6 +20,8 @@ global: readinessRepository: oomk8s loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + repository: nexus3.onap.org:10001 + dockerhubRepository: docker.io # application configuration config: |