diff options
Diffstat (limited to 'kubernetes/sdc/charts')
18 files changed, 78 insertions, 132 deletions
diff --git a/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml index 5ba797c8ab..8ac6c27dba 100644 --- a/kubernetes/sdc/charts/sdc-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-be/values.yaml @@ -73,6 +73,13 @@ service: ingress: enabled: false + service: + - baseaddr: "sdcbe" + name: "sdc-be" + port: 8080 + config: + ssl: "none" + # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml index 7a1fffcc8e..df0606fdbe 100644 --- a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml @@ -61,6 +61,15 @@ service: ingress: enabled: false + service: + - baseaddr: "dcaedt" + name: "sdc-dcae-dt" + port: 8186 + - baseaddr: "dcaedt2" + name: "sdc-dcae-dt" + port: 9446 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml index f38ef30196..a5794b28c3 100644 --- a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml @@ -66,7 +66,15 @@ service: ingress: enabled: false - + service: + - baseaddr: "dcaedt" + name: "sdc-dcae-fe" + port: 8183 + - baseaddr: "dcaedt2" + name: "sdc-dcae-fe" + port: 9444 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml index 618b23a584..8edf342f3a 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml @@ -16,6 +16,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml index e1f01b67fe..5251283ddf 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml index 8878f1a0b6..a435b59203 100644 --- a/kubernetes/sdc/charts/sdc-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-fe/values.yaml @@ -80,6 +80,12 @@ service: ingress: enabled: false + service: + - baseaddr: "sdcfe" + name: "sdc-fe" + port: 9443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml index b292ff9448..70f6d959ce 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml @@ -16,10 +16,11 @@ # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-cert + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.cert.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.cert.persistence.mountSubPath }} -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml index eb2c372a33..662370d204 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.cert.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.cert.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.cert.persistence.size }} -{{- if .Values.cert.persistence.storageClass }} -{{- if (eq "-" .Values.cert.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.cert.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 0bf1bf5d31..31ab7d5eaf 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -60,13 +60,13 @@ spec: {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 0a250e4fce..92903ba96a 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-backend:1.5.1 -configInitImage: onap/workflow-init:1.5.1 +image: onap/workflow-backend:1.5.2 +configInitImage: onap/workflow-init:1.5.2 pullPolicy: Always # flag to enable debugging - application support required @@ -43,14 +43,14 @@ config: cassandraAuthenticationEnabled: true cassandraThriftClientPort: 9160 cassandraClientPort: 9042 - sdcProtocol: HTTP - sdcEndpoint: sdc-be:8080 + sdcProtocol: HTTPS + sdcEndpoint: sdc-be:8443 sdcExternalUser: workflow sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U serverSSLEnabled: false serverSSLKeyStoreType: jks - serverSSLKeyStorePath: /etc/server-https-keystore/keystore - serverSSLKeyPassword: password + serverSSLKeyStorePath: etc/org.onap.sdc.p12 + serverSSLKeyPassword: "!ppJ.JvWn0hGh)oVF]([Kv)^" cassandraSSLEnabled: false cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore cassandraTrustStorePassword: password @@ -85,7 +85,13 @@ service: ingress: enabled: false - + service: + - baseaddr: "sdcwfdbe" + name: "sdc-wfd-be" + port: 8443 + config: + ssl: "redirect" + resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml index 0be06f3985..1daee714b6 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml @@ -75,41 +75,15 @@ spec: value: "{{ .Values.config.isHttpsEnabled}}" {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - name: KEYSTORE_PASS - {{- if .Values.global.security.keysFromCa }} - valueFrom: - secretKeyRef: - name: mft-sdc - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.keyStorePass}} - {{- end }} + value: "{{ .Values.security.keystorePass}}" - name: TRUSTSTORE_PASS - {{- if .Values.global.security.keysFromCa }} - valueFrom: - secretKeyRef: - name: mft-catruststore - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.trustStorePass}} - {{- end }} + value: "{{ .Values.security.truststorePass}}" - name: TRUSTSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}" - name: KEYSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}" - - name: TRUSTSTORE_TYPE - value: {{ .Values.security.truststore.type }} - - name: KEYSTORE_TYPE - value: {{ .Values.security.keystore.type }} {{ end }} volumeMounts: - {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - - name: {{ include "common.fullname" . }}-jetty-https-truststore - mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }} - subPath: {{ .Values.security.truststoreFilename }} - - name: {{ include "common.fullname" . }}-jetty-https-keystore - mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }} - subPath: {{ .Values.security.keystoreFilename }} - {{ end }} - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true @@ -123,7 +97,6 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - # side car containers - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml index e10de6df20..8f87c68f1e 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml @@ -1,59 +1 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{{- define "rules.wf" -}} -- http: - paths: - - path: /workflows/ - backend: - serviceName: {{.Values.service.name}} - servicePort: {{.Values.service.internalPort}} -{{- end -}} - -{{- if .Values.ingress.enabled }} - -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ include "common.fullname" . }}-ingress - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -{{- with .Values.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: - rules: -{{- if .Values.ingress.hosts}} -{{- range .Values.ingress.hosts}} -{{- include "rules.wf" $ | nindent 2}} -{{- if .}} - host: {{. | quote}} -{{- end}} -{{- end}} - tls: - - hosts: -{{- range .Values.ingress.hosts}} -{{- if .}} - - {{ . | quote }} -{{- end}} -{{- end }} -{{- else}} -{{- include "rules.wf" . | nindent 2}} -{{- end}} -{{ end }} +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index 91cdead023..21c7c17d66 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.5.1 +image: onap/workflow-frontend:1.5.2 pullPolicy: Always # flag to enable debugging - application support required @@ -41,11 +41,11 @@ config: # https relevant settings. Change in case you have other trust files then default ones. security: - isDefaultStore: true - truststoreType: "JKS" - keystoreType: "JKS" - truststoreFilename: "truststore" - keystoreFilename: "keystore" + isDefaultStore: false + truststoreFilename: "org.onap.sdc.trust.jks" + keystoreFilename: "org.onap.sdc.p12" + keystorePass: "!ppJ.JvWn0hGh)oVF]([Kv)^" + truststorePass: "].][xgtze]hBhz*wy]}m#lf*" storePath: "etc" # default number of instances @@ -80,16 +80,18 @@ service: ingress: enabled: false - hosts: ~ + service: + - baseaddr: "sdcwfdfe" + name: "sdc-wfd-fe" + port: 8443 annotations: ingress.kubernetes.io/secure-backends: "false" nginx.ingress.kubernetes.io/secure-backends: "false" nginx.ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" - nginx.ingress.kubernetes.io/rewrite-target: /workflows/ - nginx.ingress.kubernetes.io/server-snippet: | - underscores_in_headers on; + nginx.ingress.kubernetes.io/rewrite-target: "/workflows/" + nginx.ingress.kubernetes.io/server-snippet: "underscores_in_headers on" resources: {} # We usually recommend not to specify default resources and to leave this as a conscious |