diff options
Diffstat (limited to 'kubernetes/portal')
28 files changed, 277 insertions, 65 deletions
diff --git a/kubernetes/portal/Chart.yaml b/kubernetes/portal/Chart.yaml index bc3737a45f..84105d2db2 100644 --- a/kubernetes/portal/Chart.yaml +++ b/kubernetes/portal/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Web Portal name: portal -version: 2.0.0 +version: 3.0.0 diff --git a/kubernetes/portal/charts/portal-app/Chart.yaml b/kubernetes/portal/charts/portal-app/Chart.yaml index 0ccf705063..01e83e8e28 100644 --- a/kubernetes/portal/charts/portal-app/Chart.yaml +++ b/kubernetes/portal/charts/portal-app/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Portal application name: portal-app -version: 2.0.0
\ No newline at end of file +version: 3.0.0
\ No newline at end of file diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks Binary files differnew file mode 100644 index 0000000000..4b7e115d8c --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks diff --git a/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks b/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks Binary files differnew file mode 100644 index 0000000000..ff844b109d --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks diff --git a/kubernetes/portal/charts/portal-app/resources/server/server.xml b/kubernetes/portal/charts/portal-app/resources/server/server.xml new file mode 100644 index 0000000000..c87e6c377a --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/server/server.xml @@ -0,0 +1,147 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<!-- Note: A "Server" is not itself a "Container", so you may not + define subcomponents such as "Valves" at this level. + Documentation at /docs/config/server.html + --> +<Server port="8005" shutdown="SHUTDOWN"> + <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> + <!-- Security listener. Documentation at /docs/config/listeners.html + <Listener className="org.apache.catalina.security.SecurityListener" /> + --> + <!--APR library loader. Documentation at /docs/apr.html --> + <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> + <!-- Prevent memory leaks due to use of particular java/javax APIs--> + <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> + <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> + <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> + + <!-- Global JNDI resources + Documentation at /docs/jndi-resources-howto.html + --> + <GlobalNamingResources> + <!-- Editable user database that can also be used by + UserDatabaseRealm to authenticate users + --> + <Resource name="UserDatabase" auth="Container" + type="org.apache.catalina.UserDatabase" + description="User database that can be updated and saved" + factory="org.apache.catalina.users.MemoryUserDatabaseFactory" + pathname="conf/tomcat-users.xml" /> + </GlobalNamingResources> + + <!-- A "Service" is a collection of one or more "Connectors" that share + a single "Container" Note: A "Service" is not itself a "Container", + so you may not define subcomponents such as "Valves" at this level. + Documentation at /docs/config/service.html + --> + <Service name="Catalina"> + + <!--The connectors can use a shared executor, you can define one or more named thread pools--> + <!-- + <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" + maxThreads="150" minSpareThreads="4"/> + --> + + + <!-- A "Connector" represents an endpoint by which requests are received + and responses are returned. Documentation at : + Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) + Java AJP Connector: /docs/config/ajp.html + APR (HTTP/AJP) Connector: /docs/apr.html + Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 + --> + <Connector port="8080" protocol="HTTP/1.1" + connectionTimeout="20000" + redirectPort="8443" /> + <!-- A "Connector" using the shared thread pool--> + <!-- + <Connector executor="tomcatThreadPool" + port="8080" protocol="HTTP/1.1" + connectionTimeout="20000" + redirectPort="8443" /> + --> + <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 + This connector uses the NIO implementation that requires the JSSE + style configuration. When using the APR/native implementation, the + OpenSSL style configuration is required as described in the APR/native + documentation --> + <!-- + <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" + maxThreads="150" SSLEnabled="true" scheme="https" secure="true" + clientAuth="false" sslProtocol="TLS" /> + --> + + <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" + maxThreads="150" SSLEnabled="true" scheme="https" secure="true" + keystoreFile="{{.Values.global.keystoreFile}}" keystorePass="{{.Values.global.keypass}}" + clientAuth="false" sslProtocol="TLS" /> + + <!-- Define an AJP 1.3 Connector on port 8009 --> + <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> + + + <!-- An Engine represents the entry point (within Catalina) that processes + every request. The Engine implementation for Tomcat stand alone + analyzes the HTTP headers included with the request, and passes them + on to the appropriate Host (virtual host). + Documentation at /docs/config/engine.html --> + + <!-- You should set jvmRoute to support load-balancing via AJP ie : + <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> + --> + <Engine name="Catalina" defaultHost="localhost"> + + <!--For clustering, please take a look at documentation at: + /docs/cluster-howto.html (simple how to) + /docs/config/cluster.html (reference documentation) --> + <!-- + <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> + --> + + <!-- Use the LockOutRealm to prevent attempts to guess user passwords + via a brute-force attack --> + <Realm className="org.apache.catalina.realm.LockOutRealm"> + <!-- This Realm uses the UserDatabase configured in the global JNDI + resources under the key "UserDatabase". Any edits + that are performed against this UserDatabase are immediately + available for use by the Realm. --> + <Realm className="org.apache.catalina.realm.UserDatabaseRealm" + resourceName="UserDatabase"/> + </Realm> + + <Host name="localhost" appBase="webapps" + unpackWARs="true" autoDeploy="true"> + + <!-- SingleSignOn valve, share authentication between web applications + Documentation at: /docs/config/valve.html --> + <!-- + <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> + --> + + <!-- Access log processes all example. + Documentation at: /docs/config/valve.html + Note: The pattern used is equivalent to using pattern="common" --> + <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" + prefix="localhost_access_log" suffix=".txt" + pattern="%h %l %u %t "%r" %s %b" /> + + </Host> + </Engine> + </Service> +</Server>
\ No newline at end of file diff --git a/kubernetes/portal/charts/portal-app/templates/configmap.yaml b/kubernetes/portal/charts/portal-app/templates/configmap.yaml index 178e91c5fc..28de588aa0 100644 --- a/kubernetes/portal/charts/portal-app/templates/configmap.yaml +++ b/kubernetes/portal/charts/portal-app/templates/configmap.yaml @@ -24,3 +24,4 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }} diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml index f22bc480e2..fb9f35ba19 100644 --- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml @@ -55,10 +55,20 @@ spec: - "" - -n - "" + env: + - name: javax.net.ssl.keyStore + value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + - name: javax.net.ssl.keyStorePassword + value: {{ .Values.global.trustpass }} + - name: javax.net.ssl.trustStore + value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + - name: javax.net.ssl.trustStorePassword + value: {{ .Values.global.trustpass }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} - containerPort: {{ .Values.service.internalPort3 }} + - containerPort: {{ .Values.service.internalPort4 }} {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -93,12 +103,19 @@ spec: - name: properties-onapportal mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/logback.xml" subPath: logback.xml - - name: portal-tomcat-logs - mountPath: "{{ .Values.global.env.tomcatDir }}/logs" + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml" + subPath: server.xml + - name: authz-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}" + subPath: {{ .Values.global.keystoreFile}} + - name: authz-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}" + subPath: {{ .Values.global.truststoreFile}} - name: var-log-onap mountPath: /var/log/onap resources: -{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -126,6 +143,9 @@ spec: configMap: name: {{ include "common.fullname" . }}-onapportal defaultMode: 0755 + - name: authz-onapportal + secret: + secretName: {{ include "common.fullname" . }}-authz-onapportal - name: filebeat-conf configMap: name: portal-filebeat diff --git a/kubernetes/portal/charts/portal-app/templates/secret.yaml b/kubernetes/portal/charts/portal-app/templates/secret.yaml new file mode 100644 index 0000000000..18f85c1698 --- /dev/null +++ b/kubernetes/portal/charts/portal-app/templates/secret.yaml @@ -0,0 +1,27 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-authz-onapportal + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/portal/charts/portal-app/templates/service.yaml b/kubernetes/portal/charts/portal-app/templates/service.yaml index 4ccf2b02b8..9d7073243d 100644 --- a/kubernetes/portal/charts/portal-app/templates/service.yaml +++ b/kubernetes/portal/charts/portal-app/templates/service.yaml @@ -49,6 +49,10 @@ spec: targetPort: {{ .Values.service.internalPort3 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} name: {{ .Values.service.portName }}3 + - port: {{ .Values.service.externalPort4 }} + targetPort: {{ .Values.service.internalPort4 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + name: {{ .Values.service.portName }}4 {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index c8aa81f84f..d34a08bb45 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -63,6 +63,9 @@ service: externalPort3: 8010 internalPort3: 8009 nodePort3: 14 + externalPort4: 8443 + internalPort4: 8443 + nodePort4: 25 mariadb: service: @@ -86,7 +89,7 @@ messageRouter: ingress: enabled: false -# Resource Limit flavor -By Default using small +# Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) resources: @@ -104,3 +107,4 @@ resources: requests: cpu: 2 memory: 8Gi + unlimited: {} diff --git a/kubernetes/portal/charts/portal-cassandra/Chart.yaml b/kubernetes/portal/charts/portal-cassandra/Chart.yaml index a38a44cded..a899183ee8 100644 --- a/kubernetes/portal/charts/portal-cassandra/Chart.yaml +++ b/kubernetes/portal/charts/portal-cassandra/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Portal cassandra name: portal-cassandra -version: 2.0.0 +version: 3.0.0 diff --git a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml index 38c6028aa9..0adf4e1b79 100644 --- a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml @@ -83,7 +83,7 @@ spec: - name: {{ include "common.fullname" . }}-data mountPath: /var/lib/cassandra/data resources: -{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/portal/charts/portal-cassandra/values.yaml b/kubernetes/portal/charts/portal-cassandra/values.yaml index 6c55391d3d..c46ca4238c 100644 --- a/kubernetes/portal/charts/portal-cassandra/values.yaml +++ b/kubernetes/portal/charts/portal-cassandra/values.yaml @@ -73,7 +73,7 @@ persistence: size: 2Gi mountPath: /dockerdata-nfs mountSubPath: portal/cassandra/data - + service: type: ClusterIP name: portal-cassandra @@ -92,7 +92,7 @@ service: ingress: enabled: false -# Resource Limit flavor -By Default using small +# Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) resources: @@ -110,3 +110,4 @@ resources: requests: cpu: 2 memory: 6Gi + unlimited: {} diff --git a/kubernetes/portal/charts/portal-mariadb/Chart.yaml b/kubernetes/portal/charts/portal-mariadb/Chart.yaml index 78a7e28a26..8a966214a5 100644 --- a/kubernetes/portal/charts/portal-mariadb/Chart.yaml +++ b/kubernetes/portal/charts/portal-mariadb/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: MariaDB Service name: portal-mariadb -version: 2.0.0 +version: 3.0.0 diff --git a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql index 1dcf0d8606..6b9e8a957c 100644 --- a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql +++ b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql @@ -1,41 +1,41 @@ -/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -*/ - -USE portal; -/* -Any updates required by OOM to the portaldb are made here. -1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP -while the OOM K8s version has these service split up. -*/ --- app_url is the FE, app_rest_endpoint is the BE ---portal-sdk => TODO: doesn't open a node port yet -update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App'; ---dmaap-bc => the dmaap-bc doesn't open a node port.. -update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl'; ---sdc-be => 8443:30204, 8080:30205 ---sdc-fe => 8181:30206, 9443:30207 -update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC'; ---pap => 8443:30219 -update fn_app set app_url = 'http://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'http://pap:8443/onap/api/v2' where app_name = 'Policy'; ---vid => 8080:30200 -update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment'; ---sparky => TODO: sparky doesn't open a node port yet -update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI'; ---cli => 8080:30260 -update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI'; ---msb-discovery => 10081:30281 this is clearly incorrect -update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB'; +/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*/
+
+USE portal;
+/*
+Any updates required by OOM to the portaldb are made here.
+1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP
+while the OOM K8s version has these service split up.
+*/
+-- app_url is the FE, app_rest_endpoint is the BE
+--portal-sdk => TODO: doesn't open a node port yet
+update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App';
+--dmaap-bc => the dmaap-bc doesn't open a node port..
+update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';
+--sdc-be => 8443:30204, 8080:30205
+--sdc-fe => 8181:30206, 9443:30207
+update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC';
+--pap => 8443:30219
+update fn_app set app_url = 'https://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'https://pap:8443/onap/api/v2' where app_name = 'Policy';
+--vid => 8080:30200
+update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment';
+--sparky => TODO: sparky doesn't open a node port yet
+update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI';
+--cli => 8080:30260
+update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';
+--msb-discovery => 10081:30281 this is clearly incorrect
+update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB';
diff --git a/kubernetes/portal/charts/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/charts/portal-mariadb/templates/deployment.yaml index 951f00ba16..20fa9cecc2 100644 --- a/kubernetes/portal/charts/portal-mariadb/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-mariadb/templates/deployment.yaml @@ -66,7 +66,7 @@ spec: name: localtime readOnly: true resources: -{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index 308558848e..bd68f9aaec 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -121,7 +121,7 @@ service: ingress: enabled: false -# Resource Limit flavor -By Default using small +# Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) resources: @@ -139,3 +139,4 @@ resources: requests: cpu: 800m memory: 1Gi + unlimited: {} diff --git a/kubernetes/portal/charts/portal-sdk/Chart.yaml b/kubernetes/portal/charts/portal-sdk/Chart.yaml index 155072c1b4..5eac1fc958 100644 --- a/kubernetes/portal/charts/portal-sdk/Chart.yaml +++ b/kubernetes/portal/charts/portal-sdk/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Portal software development kit name: portal-sdk -version: 2.0.0 +version: 3.0.0 diff --git a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml index 4a9f4a0dfc..f59a16a671 100644 --- a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml @@ -90,7 +90,7 @@ spec: - name: var-log-onap mountPath: /var/log/onap resources: -{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml index 22a0b2ffc0..89d2e77182 100644 --- a/kubernetes/portal/charts/portal-sdk/values.yaml +++ b/kubernetes/portal/charts/portal-sdk/values.yaml @@ -82,7 +82,7 @@ messageRouter: ingress: enabled: false -# Resource Limit flavor -By Default using small +# Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) resources: @@ -100,3 +100,4 @@ resources: requests: cpu: 4 memory: 10Gi + unlimited: {} diff --git a/kubernetes/portal/charts/portal-widget/Chart.yaml b/kubernetes/portal/charts/portal-widget/Chart.yaml index c2f8a91ae9..1e73c38e9e 100644 --- a/kubernetes/portal/charts/portal-widget/Chart.yaml +++ b/kubernetes/portal/charts/portal-widget/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Portal widgets micro service application name: portal-widget -version: 2.0.0 +version: 3.0.0 diff --git a/kubernetes/portal/charts/portal-widget/templates/deployment.yaml b/kubernetes/portal/charts/portal-widget/templates/deployment.yaml index 8c16974322..fdf9915f2e 100644 --- a/kubernetes/portal/charts/portal-widget/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-widget/templates/deployment.yaml @@ -77,7 +77,7 @@ spec: mountPath: "/application.yml" subPath: application.yml resources: -{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/portal/charts/portal-widget/values.yaml b/kubernetes/portal/charts/portal-widget/values.yaml index 52649384aa..0724653b43 100644 --- a/kubernetes/portal/charts/portal-widget/values.yaml +++ b/kubernetes/portal/charts/portal-widget/values.yaml @@ -68,7 +68,7 @@ service: ingress: enabled: false -# Resource Limit flavor -By Default using small +# Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) resources: @@ -86,3 +86,4 @@ resources: requests: cpu: 1 memory: 4Gi + unlimited: {} diff --git a/kubernetes/portal/charts/portal-zookeeper/Chart.yaml b/kubernetes/portal/charts/portal-zookeeper/Chart.yaml index 4deb608284..fc02f4df58 100644 --- a/kubernetes/portal/charts/portal-zookeeper/Chart.yaml +++ b/kubernetes/portal/charts/portal-zookeeper/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Zookeeper for ONAP Portal name: portal-zookeeper -version: 2.0.0 +version: 3.0.0 diff --git a/kubernetes/portal/charts/portal-zookeeper/templates/deployment.yaml b/kubernetes/portal/charts/portal-zookeeper/templates/deployment.yaml index 598d5ffe28..73056beaed 100644 --- a/kubernetes/portal/charts/portal-zookeeper/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-zookeeper/templates/deployment.yaml @@ -54,7 +54,7 @@ spec: name: localtime readOnly: true resources: -{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/portal/charts/portal-zookeeper/values.yaml b/kubernetes/portal/charts/portal-zookeeper/values.yaml index b8e93c45a7..c7c8030339 100644 --- a/kubernetes/portal/charts/portal-zookeeper/values.yaml +++ b/kubernetes/portal/charts/portal-zookeeper/values.yaml @@ -56,7 +56,7 @@ service: ingress: enabled: false -# Resource Limit flavor -By Default using small +# Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) resources: @@ -74,3 +74,4 @@ resources: requests: cpu: 500m memory: 600Mi + unlimited: {} diff --git a/kubernetes/portal/requirements.yaml b/kubernetes/portal/requirements.yaml index 204a77562f..897df32ce0 100644 --- a/kubernetes/portal/requirements.yaml +++ b/kubernetes/portal/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~2.0.0 + version: ~3.0.0 repository: '@local' diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml index ac575b3c30..719116b7dd 100644 --- a/kubernetes/portal/values.yaml +++ b/kubernetes/portal/values.yaml @@ -20,11 +20,15 @@ global: portalPort: "8989" # application's front end hostname. Must be resolvable on the client side environment portalHostName: "portal.api.simpledemo.onap.org" + keystoreFile: "keystoreONAPPortal.jks" + truststoreFile: "truststoreONAPall.jks" + keypass: "changeit" + trustpass: "changeit" config: logstashServiceName: log-ls logstashPort: 5044 - + portal-mariadb: nameOverride: portal-db |