diff options
Diffstat (limited to 'kubernetes/sdc/components/sdc-be')
14 files changed, 1959 insertions, 14 deletions
diff --git a/kubernetes/sdc/components/sdc-be/Chart.yaml b/kubernetes/sdc/components/sdc-be/Chart.yaml index b59c655fa3..a17a9d3b00 100644 --- a/kubernetes/sdc/components/sdc-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-be/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: ONAP Service Design and Creation Backend API name: sdc-be -version: 13.0.1 +version: 13.0.2 dependencies: - name: common diff --git a/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/configuration.yaml b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/configuration.yaml new file mode 100644 index 0000000000..8103700bd9 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/configuration.yaml @@ -0,0 +1,1253 @@ +identificationHeaderFields: + - HTTP_IV_USER + - HTTP_CSP_FIRSTNAME + - HTTP_CSP_LASTNAME + - HTTP_IV_REMOTE_ADDRESS + - HTTP_CSP_WSTYPE + + +# catalog backend hostname +beFqdn: {{ .Values.beFqdn }} + +# catalog backend http port +beHttpPort: {{ .Values.beHttpPort }} + +# catalog backend http context +beContext: /sdc/rest/config/get + +# catalog backend protocol +beProtocol: http + +tlsCert: {{ .Values.tlsCert }} +tlsKey: {{ .Values.tlsKey }} +caCert: {{ .Values.caCert }} + +# catalog backend ssl port +beSslPort: {{ .Values.beSslPort }} +version: 1.1.0 +released: 2012-11-30 +toscaConformanceLevel: 11.0 +minToscaConformanceLevel: 3.0 + +janusGraphCfgFile: {{ .Values.janusGraphCfgFile }} +janusGraphInMemoryGraph: false +janusGraphLockTimeout: 1800 +#startup: connect to JanusGraph DB when it is down during ASDC--More-- (2% of 27930 bytes) +janusGraphReconnectIntervalInSeconds: 3 + +# The read timeout towards JanusGraph DB when health check is invoked: +janusGraphHealthCheckReadTimeout: 1 + + #startup: connect to Elasticsearch when it is down during ASDC--More-- (3% of 27930 bytes) + +uebHealthCheckReconnectIntervalInSeconds: 15 +uebHealthCheckReadTimeout: 4 + +# Protocols +protocols: + - http + - https + +# Default imports +defaultImports: + - nodes: + file: nodes.yml + - datatypes: + file: data.yml + - capabilities: + file: capabilities.yml + - relationships: + file: relationships.yml + - groups: + file: groups.yml + - policies: + file: policies.yml + - annotations: + file: annotations.yml + +# Global CSAR Import Files +globalCsarImports: + - annotations.yml + - artifacts.yml + - capabilities.yml + - data.yml + - groups.yml + - interfaces.yml + - nodes.yml + - policies.yml + - relationships.yml + +# Users +users: + tom: passwd + bob: passwd + +basicAuth: + enabled: {{ .Values.basicAuthConfig.enabled }} + userName: {{ .Values.basicAuth.userName }} + userPass: {{ .Values.basicAuth.userPass }} + excludedUrls: "/sdc2/rest/healthCheck" + + +cassandraConfig: + cassandraHosts: [{{ .Values.cassandra.hostname }}] + cassandraPort: {{ .Values.cassandra.port }} + localDataCenter: {{ .Values.cassandra.datacenterName }} + reconnectTimeout : 30000 + socketReadTimeout: {{ .Values.cassandraConfig.socketReadTimeout }} + socketConnectTimeout: {{ .Values.cassandraConfig.socketConnectTimeout }} + authenticate: true + username: {{ .Values.cassandra.cassandraUsername }} + password: {{ .Values.cassandra.cassandraPassword }} + ssl: {{ .Values.cassandraConfig.ssl }} + keystorePath: {{ .Values.cassandraConfig.keystorePath }} + keystorePassword: {{ .Values.cassandraConfig.keystorePassword }} + truststorePath: {{ .Values.cassandraConfig.truststorePath }} + truststorePassword: {{ .Values.cassandraConfig.truststorePassword }} + keySpaces: + - { name: dox, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} + - { name: sdcaudit, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} + - { name: sdcartifact, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} + - { name: sdccomponent, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} + - { name: sdcrepository, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} +licenseTypes: + - User + - Installation + - CPU + +#Deployment artifacts placeHolder +resourceTypes: &allResourceTypes + - VFC + - CP + - VL + - VF + - CR + - VFCMT + - Abstract + - CVFC + - Configuration + - ServiceProxy + - PNF + +componentAllowedInstanceTypes: + Resource: + VF: + - VFC + - VF + - CR + - CP + - PNF + - CVFC + - VL + - Configuration + - ServiceProxy + - Abstract + CVFC: + - VFC + - VF + - CR + - CP + - PNF + - CVFC + - VL + - ServiceProxy + - Abstract + PNF: + - VF + - CR + - CP + - PNF + - CVFC + - VL + - Configuration + - ServiceProxy + - Abstract + CR: + - VF + - CR + - CP + - PNF + - CVFC + - VL + - Configuration + - ServiceProxy + - Abstract + VL: + - VL + Service: + "*": + - VF + - VFC + - CR + - CP + - PNF + - CVFC + - VL + - Configuration + - ServiceProxy + - Abstract + +artifacts: + - type: CONTROLLER_BLUEPRINT_ARCHIVE + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - zip + - type: HELM + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - tgz + - type: YANG_XML + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - SERVICE + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: VNF_CATALOG + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: MODEL_INVENTORY_PROFILE + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: MODEL_QUERY_SPEC + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: UCPE_LAYER_2_CONFIGURATION + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + #AAI Artifacts + - type: AAI_SERVICE_MODEL + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: AAI_VF_MODULE_MODEL + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: AAI_VF_INSTANCE_MODEL + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + #Plan + - type: PLAN + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: + - VF + - VFC + acceptedTypes: + - xml + - type: WORKFLOW + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - RESOURCE + resourceTypes: + - VFC + - CP + - VL + - VF + - CR + - VFCMT + - Abstract + - CVFC + - PNF + acceptedTypes: + - type: HEAT + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - yaml + - yml + - type: HEAT_VOL + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - yaml + - yml + - type: HEAT_NET + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - yaml + - yml + - type: HEAT_NESTED + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - yaml + - yml + - type: HEAT_ARTIFACT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - zip + - tgz + - csar + - type: VNF_CATALOG + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: VF_LICENSE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: VENDOR_LICENSE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: MODEL_INVENTORY_PROFILE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: MODEL_QUERY_SPEC + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: LIFECYCLE_OPERATIONS + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFC + acceptedTypes: + - yaml + - yml + - type: VES_EVENTS + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: + - VFC + - CP + - VL + - VF + - CR + - VFCMT + - Abstract + - CVFC + - PNF + acceptedTypes: + - yaml + - yml + - type: PERFORMANCE_COUNTER + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: *allResourceTypes + acceptedTypes: + - csv + - type: APPC_CONFIG + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + acceptedTypes: + - type: DCAE_TOSCA + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - yml + - yaml + - type: DCAE_JSON + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - json + - type: DCAE_POLICY + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - emf + - type: DCAE_DOC + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - type: DCAE_EVENT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - type: AAI_VF_MODEL + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + acceptedTypes: + - xml + - type: AAI_VF_MODULE_MODEL + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + acceptedTypes: + - xml + - type: OTHER + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: + - VFC + - CVFC + - CP + - VL + - VF + - VFCMT + - Abstract + - PNF + acceptedTypes: + - type: SNMP_POLL + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: SNMP_TRAP + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: PM_DICTIONARY + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - yaml + - yml + - type: YANG_MODULE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - yang + - type: ANSIBLE_PLAYBOOK + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - yaml + - yml + - type: ONBOARDED_PACKAGE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - csar + - zip + - type: ETSI_PACKAGE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - csar + - zip + - type: ASD_PACKAGE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - csar + - zip + - type: HEAT_ENV + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - env + - type: VF_MODULES_METADATA + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - json + - type: DCAE_INVENTORY_TOSCA + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - yml + - yaml + - type: DCAE_INVENTORY_JSON + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - json + - type: DCAE_INVENTORY_POLICY + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - emf + - type: DCAE_INVENTORY_DOC + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - type: DCAE_INVENTORY_BLUEPRINT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - type: DCAE_INVENTORY_EVENT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - type: CHEF + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: PUPPET + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: SHELL + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: YANG + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: BPEL + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: DG_XML + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: MURANO_PKG + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: PNF_SW_INFORMATION + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: + - PNF + acceptedTypes: + - yaml + - yml + - type: GUIDE + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFC + - CVFC + - PNF + acceptedTypes: + - yaml + - yml + - type: FLOW + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: SHELL_SCRIPT + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - SERVICE_INSTANCE + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: *allResourceTypes + acceptedTypes: + - sh + - type: TOSCA_CSAR + categories: + - TOSCA + componentTypes: + resourceTypes: + acceptedTypes: + - csar + - type: TOSCA_TEMPLATE + categories: + - TOSCA + componentTypes: + resourceTypes: + acceptedTypes: + - yml + - yaml + - type: NETWORK_CALL_FLOW + categories: + componentTypes: + resourceTypes: + acceptedTypes: + - type: ICON + categories: + componentTypes: + resourceTypes: + acceptedTypes: + +deploymentResourceArtifacts: + +deploymentResourceInstanceArtifacts: + heatEnv: + displayName: "HEAT ENV" + type: HEAT_ENV + description: "Auto-generated HEAT Environment deployment artifact" + fileExtension: "env" + VfHeatEnv: + displayName: "VF HEAT ENV" + type: HEAT_ENV + description: "VF Auto-generated HEAT Environment deployment artifact" + fileExtension: "env" + +#tosca artifacts placeholders +toscaArtifacts: + assetToscaTemplate: + artifactName: -template.yml + displayName: Tosca Template + type: TOSCA_TEMPLATE + description: TOSCA representation of the asset + assetToscaCsar: + artifactName: -csar.csar + displayName: Tosca Model + type: TOSCA_CSAR + description: TOSCA definition package of the asset + +#Informational artifacts placeHolder +excludeResourceCategory: + - Generic +excludeResourceType: + - PNF + - CR +informationalResourceArtifacts: + features: + displayName: Features + type: OTHER + capacity: + displayName: Capacity + type: OTHER + vendorTestResult: + displayName: Vendor Test Result + type: OTHER + testScripts: + displayName: Test Scripts + type: OTHER + CloudQuestionnaire: + displayName: Cloud Questionnaire (completed) + type: OTHER + HEATTemplateFromVendor: + displayName: HEAT Template from Vendor + type: HEAT + resourceSecurityTemplate: + displayName: Resource Security Template + type: OTHER + +excludeServiceCategory: + +informationalServiceArtifacts: + serviceArtifactPlan: + displayName: Service Artifact Plan + type: OTHER + summaryOfImpactsToECOMPElements: + displayName: Summary of impacts to ECOMP elements,OSSs, BSSs + type: OTHER + automationCompositionFunctions: + displayName: Automation Composition Functions + type: OTHER + dimensioningInfo: + displayName: Dimensioning Info + type: OTHER + affinityRules: + displayName: Affinity Rules + type: OTHER + operationalPolicies: + displayName: Operational Policies + type: OTHER + serviceSpecificPolicies: + displayName: Service-specific Policies + type: OTHER + engineeringRules: + displayName: Engineering Rules (ERD) + type: OTHER + distributionInstructions: + displayName: Distribution Instructions + type: OTHER + certificationTestResults: + displayName: TD Certification Test Results + type: OTHER + deploymentVotingRecord: + displayName: Deployment Voting Record + type: OTHER + serviceQuestionnaire: + displayName: Service Questionnaire + type: OTHER + serviceSecurityTemplate: + displayName: Service Security Template + type: OTHER + +serviceApiArtifacts: + configuration: + displayName: Configuration + type: OTHER + instantiation: + displayName: Instantiation + type: OTHER + monitoring: + displayName: Monitoring + type: OTHER + reporting: + displayName: Reporting + type: OTHER + logging: + displayName: Logging + type: OTHER + testing: + displayName: Testing + type: OTHER + +additionalInformationMaxNumberOfKeys: 50 + +systemMonitoring: + enabled: false + isProxy: false + probeIntervalInSeconds: 15 +heatArtifactDeploymentTimeout: + defaultMinutes: 30 + minMinutes: 1 + maxMinutes: 120 + +unLoggedUrls: + - /sdc2/rest/monitoring + - /sdc2/rest/healthCheck + +cleanComponentsConfiguration: + cleanIntervalInMinutes: 1440 + componentsToClean: + - Resource + - Service + +artifactsIndex: resources + +heatEnvArtifactHeader: "" +heatEnvArtifactFooter: "" + +onboarding: + host: {{ .Values.ONBOARDING_BE.host }} + protocol: {{ if .Values.disableHttp }}https{{ else }}http{{ end }} + port: {{ if .Values.disableHttp }}{{ .Values.ONBOARDING_BE.httpsPort }}{{ else }}{{ .Values.ONBOARDING_BE.httpPort }}{{ end }} + getVspPackageUri: "/onboarding-api/v1.0/vendor-software-products/packages/%s?versionId=%s" # /onboarding-api/v1.0/vendor-software-products/packages/:vspId?versionId=:vspVersionId + getLatestVspPackageUri: "/onboarding-api/v1.0/vendor-software-products/packages/%s" # /onboarding-api/v1.0/vendor-software-products/packages/:vspId + getVspUri: "/onboarding-api/v1.0/vendor-software-products/%s/versions/%s" # /onboarding-api/v1.0/vendor-software-products/:vspId/versions/:vspVersionId + getLatestVspUri: "/onboarding-api/v1.0/vendor-software-products/%s" # /onboarding-api/v1.0/vendor-software-products/:vspId + healthCheckUri: "/onboarding-api/v1.0/healthcheck" + +# #GSS IDNS +switchoverDetector: + gBeFqdn: + gFeFqdn: + beVip: 1.2.3.4 + feVip: 1.2.3.4 + beResolveAttempts: 3 + feResolveAttempts: 3 + enabled: false + interval: 60 + changePriorityUser: ecompasdc + changePriorityPassword: ecompasdc123 + publishNetworkUrl: + publishNetworkBody: '{"note":"comment"}' + groups: + beSet: { changePriorityUrl: "", changePriorityBody: '{"name":"","uri":"","no_ad_redirection":false,"v4groups":{"failover_groups":["","","failover_policy":["FAILALL"]},"comment":"","intended_app_proto":"DNS"}'} + feSet: { changePriorityUrl: "", changePriorityBody: '{"name":"","uri":"","no_ad_redirection":false,"v4groups":{"failover_groups":["",""],"failover_policy":["FAILALL"]},"comment":"","intended_app_proto":"DNS"}'} +applicationL1Cache: + datatypes: + enabled: true + firstRunDelay: 10 + pollIntervalInSec: 60 + +applicationL2Cache: + enabled: false + catalogL1Cache: + enabled: false + resourcesSizeInCache: 300 + servicesSizeInCache: 200 + productsSizeInCache: 100 + queue: + syncIntervalInSecondes: 43200 + waitOnShutDownInMinutes: 10 + numberOfCacheWorkers: 4 + +toscaValidators: + stringMaxLength: 2500 + +disableAudit: false + +vfModuleProperties: + min_vf_module_instances: + forBaseModule: 1 + forNonBaseModule: 0 + max_vf_module_instances: + forBaseModule: 1 + forNonBaseModule: + initial_count: + forBaseModule: 1 + forNonBaseModule: 0 + vf_module_type: + forBaseModule: Base + forNonBaseModule: Expansion + +genericAssetNodeTypes: + VFC: org.openecomp.resource.abstract.nodes.VFC + CVFC: org.openecomp.resource.abstract.nodes.VFC + VF : org.openecomp.resource.abstract.nodes.VF + CR : org.openecomp.resource.abstract.nodes.CR + PNF: org.openecomp.resource.abstract.nodes.PNF + Service: org.openecomp.resource.abstract.nodes.service + ETSI NFV Network Service: tosca.nodes.nfv.NS + +# Defines the base types for Services +# <category name>: +# required: <boolean> //if the base type is mandatory or not +# baseTypes: <list of TOSCA types> //the base types. Required if the base type is required. +# If not provided, the category will have no base type. +serviceBaseNodeTypes: + ETSI NFV Network Service: + required: true + baseTypes: + - tosca.nodes.nfv.NS + AutomationComposition: + required: false + +workloadContext: Production + +environmentContext: + defaultValue: General_Revenue-Bearing + validValues: + - Critical_Revenue-Bearing + - Vital_Revenue-Bearing + - Essential_Revenue-Bearing + - Important_Revenue-Bearing + - Needed_Revenue-Bearing + - Useful_Revenue-Bearing + - General_Revenue-Bearing + - Critical_Non-Revenue + - Vital_Non-Revenue + - Essential_Non-Revenue + - Important_Non-Revenue + - Needed_Non-Revenue + - Useful_Non-Revenue + - General_Non-Revenue + +gabConfig: + - artifactType: 'VES_EVENTS' + pathsAndNamesDefinitions: + - + friendlyName: "Action" + path: "event.action[2]" + searchable: true + - + friendlyName: "Comment" + path: "event.comment" + searchable: true + - + friendlyName: "Alarm Additional Information" + path: "event.structure.faultFields.structure.alarmAdditionalInformation.comment" + searchable: true + - artifactType: 'PM_DICTIONARY' + pathsAndNamesDefinitions: + - + friendlyName: "measType" + path: "pmMetaData.pmFields.measType" + searchable: true + - + friendlyName: "measDescription" + path: "pmMetaData.pmFields.measDescription" + searchable: true + - + friendlyName: "measCondition" + path: "pmMetaData.pmFields.measCondition" + searchable: false + - + friendlyName: "measResultUnits" + path: "pmMetaData.pmFields.measResultUnits" + searchable: false + - + friendlyName: "measResultRange" + path: "pmMetaData.pmFields.measResultRange" + searchable: false + - + friendlyName: "measObjClass" + path: "pmMetaData.pmFields.measObjClass" + searchable: true + - + friendlyName: "measCollectionMethod" + path: "pmMetaData.pmFields.measCollectionMethod" + searchable: false + - + friendlyName: "measInfoId" + path: "pmMetaData.pmFields.measInfoId" + searchable: true + - + friendlyName: "iMeasInfoId" + path: "pmMetaData.pmFields.iMeasInfoId" + searchable: false +dmaapConsumerConfiguration: + active: {{ .Values.dmaapConsumerConfiguration.active }} + hosts: localhost:3905 + consumerGroup: sdc + consumerId: mama + timeoutMs: 15000 + limit: 1 + pollingInterval: 2 + topic: topic + latitude: 32.109333 + longitude: 34.855499 + version: 1.0 + serviceName: localhost/events + environment: TEST + partner: BOT_R + routeOffer: MR1 + protocol: https + contenttype: application/json + dme2TraceOn: true + aftEnvironment: AFTUAT + aftDme2ConnectionTimeoutMs: 15000 + aftDme2RoundtripTimeoutMs: 240000 + aftDme2ReadTimeoutMs: 50000 + dme2preferredRouterFilePath: DME2preferredRouter.txt + timeLimitForNotificationHandleMs: 120000 + credential: + username: user + password: + aftDme2SslEnable: true + aftDme2ClientSslCertAlias: certman + +dmaapProducerConfiguration: + active: true + hosts: {{ .Values.dmaapProducerConfiguration.hosts }} + consumerGroup: sdc-{{ .Values.chefEnvironment }}-1730226683 + consumerId: sdc-{{ .Values.chefEnvironment }}1-1730226683 + timeoutMs: 15000 + limit: 1 + pollingInterval: 2 + topic: {{ .Values.dmaapProducerConfiguration.topic }} + latitude: 32.109333 + longitude: 34.855499 + version: 1.0 + serviceName: {{ .Values.dmaapProducerConfiguration.serviceName }} + environment: {{ .Values.dmaapProducerConfiguration.environment }} + partner: BOT_R + routeOffer: MR1 + protocol: {{ .Values.dmaapProducerConfiguration.protocol }} + contenttype: application/json + dme2TraceOn: true + aftEnvironment: {{ .Values.dmaapProducerConfiguration.aftEnvironment }} + aftDme2ConnectionTimeoutMs: 15000 + aftDme2RoundtripTimeoutMs: 240000 + aftDme2ReadTimeoutMs: 50000 + dme2preferredRouterFilePath: {{ .Values.dmaapProducerConfiguration.dme2preferredRouterFilePath }} + timeLimitForNotificationHandleMs: 120000 + credential: + username: {{ .Values.dmaapProducerConfiguration.username }} + password: {{ .Values.dmaapProducerConfiguration.password }} + aftDme2SslEnable: true + aftDme2ClientSslCertAlias: certman + +# ToDo: AF - had to remove due to configuration laod class failure +#dmeConfiguration: +# lookupUriFormat: "http://DME2RESOLVE/service=%s/version=1.0.0/envContext=%s/routeOffer=DEFAULT" +# dme2Search: DME2SEARCH +# dme2Resolve: DME2RESOLVE + +excludedPolicyTypesMapping: +# VF: +# - a.b.c +# - c.d.e +#CR: +# - x.y.z + +excludedGroupTypesMapping: + CR: + - org.openecomp.groups.VfModule + - org.openecomp.groups.heat.HeatStack + - org.openecomp.groups.Group + - tosca.groups.Root + PNF: + - org.openecomp.groups.VfModule + - org.openecomp.groups.heat.HeatStack + - org.openecomp.groups.Group + - tosca.groups.Root + VF: + - org.openecomp.groups.VfModule + - org.openecomp.groups.heat.HeatStack + - org.openecomp.groups.Group + - tosca.groups.Root + Service: + - org.openecomp.groups.VfModule + - org.openecomp.groups.heat.HeatStack + - org.openecomp.groups.Group + - tosca.groups.Root + +healthStatusExclude: + - DE + - DMAAP + - DMAAP_PRODUCER + - ON_BOARDING + - DCAE + - PORTAL + - External API + +#Auto Healing +enableAutoHealing: false +appVersion: {{ .Values.appVersion }} + +artifactGeneratorConfig: Artifact-Generator.properties +resourcesForUpgrade: + 8.0: + - org.openecomp.resource.cp.extCP + - tosca.nodes.network.Network + - tosca.nodes.network.Port + - org.openecomp.resource.cp.nodes.network.SubInterface +skipUpgradeFailedVfs: true +skipUpgradeVSPs: true +autoHealingOwner: jh0003 +supportAllottedResourcesAndProxy: true +deleteLockTimeoutInSeconds: 60 +maxDeleteComponents: 10 + +# This configuration entry lists all node type names prefix that shall be allowed on SDC. +definedResourceNamespace: + - org.openecomp.resource. + - org.onap.policy.clamp.acm. + - tosca.nodes. + +# This configuration entry lists all Directives values that shall be allowed on SDC. +directives: + - select + - selectable + - substitute + - substitutable + +externalCsarStore: + storageType: NONE # NONE, MINIO + endpoint: + host: 127.0.0.1 + port: 9000 + secure: false + credentials: + accessKey: "login" + secretKey: "password" + tempPath: "/home/onap/temp/" + uploadPartSize: 200000000 + +#This configuration specifies the delimiter used to differentiate instance name and count +componentInstanceCounterDelimiter: " " + +# Comma separated list of excluded URLs by the DataValidatorFilter +dataValidatorFilterExcludedUrls: "/healthCheck,/followed,/authorize" + +#Space separated list of permitted ancestors +permittedAncestors: {{ .Values.permittedAncestors }} diff --git a/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/distribution-engine-configuration.yaml b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/distribution-engine-configuration.yaml new file mode 100644 index 0000000000..f096b13fcc --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/distribution-engine-configuration.yaml @@ -0,0 +1,84 @@ +uebServers: + - no-message-router.onap + - no-message-router.onap + +uebPublicKey: {{ .Values.uebPublicKey }} +uebSecretKey: {{ .Values.uebSecretKey }} + +distributionNotifTopicName: {{ if .Values.distributionNotifTopicName }}{{ .Values.distributionNotifTopicName }}{{- else }}SDC-DISTR-NOTIF-TOPIC{{- end }} + +distributionStatusTopicName: {{ if .Values.distributionStatusTopicName }}{{ .Values.distributionStatusTopicName }}{{- else }}SDC-DISTR-STATUS-TOPIC{{- end }} + +kafkaBootStrapServers: {{ .Values.kafkaBootStrapServers }} + +initRetryIntervalSec: 5 +initMaxIntervalSec: 60 + +distribNotifServiceArtifactTypes: + info: + - MURANO-PKG + +distribNotifResourceArtifactTypes: + lifecycle: + - HEAT + - DG-XML + +environments: + - {{ .Values.chefEnvironment }} + +distributionStatusTopic: + pollingIntervalSec: 60 + fetchTimeSec: 15 + consumerGroup: sdc-{{ .Values.chefEnvironment }} + consumerId: sdc-{{ .Values.chefEnvironment }}1 + + +distributionNotificationTopic: + minThreadPoolSize: 0 + maxThreadPoolSize: 10 + maxWaitingAfterSendingSeconds: 5 + +createTopic: + partitionCount: 1 + replicationCount: 1 + +startDistributionEngine: true + +#This is false by default, since ONAP Dmaap currently doesn't support https +useHttpsWithDmaap: false +opEnvRecoveryIntervalSec: 180 +allowedTimeBeforeStaleSec: 300 + +aaiConfig: + httpRequestConfig: + serverRootUrl: https://localhost:8443 + resourceNamespaces: + operationalEnvironments: /aai/v12/cloud-infrastructure/operational-environments + + httpClientConfig: + timeouts: + readTimeoutMs: 5000 + connectTimeoutMs: 1000 + clientCertificate: + keyStore: /app/jetty/base/be/etc/non-prod.jks + keyStorePassword: hmXYcznAljMSisdy8zgcag== + headers: + X-FromAppId: asdc + numOfRetries: 3 + +msoConfig: + httpRequestConfig: + serverRootUrl: http://127.0.0.1:8080/onap/mso/infra/modelDistributions/v1 + resourceNamespaces: + distributions: /distributions + + httpClientConfig: + timeouts: + readTimeoutMs: 2000 + connectTimeoutMs: 500 + basicAuthorization: + userName: asdc + password: OTLEp5lfVhYdyw5EAtTUBQ== + numOfRetries: 3 + +currentArtifactInstallationTimeout: 120 diff --git a/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/janusgraph.properties b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/janusgraph.properties new file mode 100644 index 0000000000..a08f7bd77a --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/janusgraph.properties @@ -0,0 +1,39 @@ +storage.backend=cql +storage.hostname={{ .Values.cassandra.hostname }} +storage.port={{ .Values.cassandra.port }} +storage.username={{ .Values.cassandra.cassandraUsername }} +storage.password={{ .Values.cassandra.cassandraPassword }} +storage.connection-timeout={{ .Values.cassandra.connectionTimeout }} +storage.cql.keyspace=sdctitan + +storage.cql.ssl.enabled={{ .Values.cassandra.cassandraSslEnabled }} +storage.cql.ssl.keystore.location={{ .Values.cassandra.keystoreLocation }} +storage.cql.ssl.keystore.password={{ .Values.cassandra.keystorePassword }} +storage.cql.ssl.truststore.location={{ .Values.cassandra.truststoreLocation }} +storage.cql.ssl.truststore.password={{ .Values.cassandra.truststorePassword }} + +storage.cql.read-consistency-level={{ .Values.cassandra.readConsistencyLevel }} +storage.cql.write-consistency-level={{ .Values.cassandra.writeConsistencyLevel }} +storage.cql.replication-strategy-class=NetworkTopologyStrategy + + +{{- $replicationStrategyOptions := "" -}} +{{- if .Values.pairEnvName | eq "" }} +{{- $replicationStrategyOptions = printf "%s,%d" .Values.cassandra.datacenterName (int .Values.cassandra.replicationFactor) -}} +{{- else }} +{{- $replicationStrategyOptions = printf "%s,%d,%s%s,%d" .Values.cassandra.datacenterName (int .Values.cassandra.replicationFactor) .Values.cassandra.cluster_name .Values.pairEnvName (int .Values.cassandra.replicationFactor) -}} +{{- end }} + +storage.cql.replication-strategy-options={{ $replicationStrategyOptions }} + +storage.cql.local-datacenter={{ .Values.cassandra.datacenterName }} + +cache.db-cache ={{ .Values.cassandra.db_cache }} +cache.db-cache-clean-wait = 20 +cache.db-cache-time = 180000 +cache.db-cache-size = 0.5 + +cache.tx-cache-size = 1000000 + +storage.lock.retries=5 +graph.replace-instance-if-exists=true diff --git a/kubernetes/sdc/components/sdc-be/resources/config/ready-probe.sh b/kubernetes/sdc/components/sdc-be/resources/config/ready-probe.sh new file mode 100644 index 0000000000..4bad479d91 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/ready-probe.sh @@ -0,0 +1,9 @@ +#!/bin/sh +health_check_http_code=$(curl -k --max-time 5 -o /dev/null -w '%{http_code}' {{ if .Values.global.disableHttp }}https://127.0.0.1:{{ .Values.beSslPort }}{{- else -}}http://127.0.0.1:{{ .Values.beHttpPort }}{{- end -}}/sdc2/rest/healthCheck) + +if [ "$health_check_http_code" -eq 200 ]; then + exit 0 +else + echo "Health check http status: $health_check_http_code" + exit 1 +fi diff --git a/kubernetes/sdc/components/sdc-be/resources/config/resource/key.properties b/kubernetes/sdc/components/sdc-be/resources/config/resource/key.properties new file mode 100644 index 0000000000..72fd2f6440 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/resource/key.properties @@ -0,0 +1,41 @@ +### +# ============LICENSE_START========================================== +# ONAP Portal SDK +# =================================================================== +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# +# Unless otherwise specified, all software contained herein is licensed +# under the Apache License, Version 2.0 (the ?License?); +# you may not use this software except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the ?License?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ============LICENSE_END============================================ +# +# +### + +# Properties read by the ECOMP Framework library (epsdk-fw) + +cipher.enc.key = AGLDdG4D04BKm2IxIWEr8o== diff --git a/kubernetes/sdc/components/sdc-be/resources/config/resource/portal.properties b/kubernetes/sdc/components/sdc-be/resources/config/resource/portal.properties new file mode 100644 index 0000000000..c3ba1b1aa0 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/resource/portal.properties @@ -0,0 +1,89 @@ +### +# ============LICENSE_START========================================== +# ONAP Portal SDK +# =================================================================== +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# +# Unless otherwise specified, all software contained herein is licensed +# under the Apache License, Version 2.0 (the ?License?); +# you may not use this software except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the ?License?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ============LICENSE_END============================================ +# +# +### +# Properties read by ECOMP Framework library, ecompFW.jar + +########################################################################## +# The following properties should NOT be changed by partner applications. +########################################################################## + +portal.api.prefix = /api +max.idle.time = 5 +user.attribute.name = user_attribute + +#Use REST API instead of UEB to fetch the functional menu data +use_rest_for_functional_menu=true + + +########################################################################## +# The following properties MUST be changed by partner applications. +########################################################################## + +# Name of java class that implements the OnBoardingApiService interface. +portal.api.impl.class = org.openecomp.sdc.be.ecomp.PortalRestApiCentralServiceImpl +role_access_centralized = remote + +# Cookie set by CSP-SSO +#csp_cookie_name = onapCsp + +# CSP setting, most use PROD; DEV also recognized +csp_gate_keeper_prod_key = PROD + +# URL of the Portal where this app is onboarded +ecomp_redirect_url = https://portal-app.onap:30225/ONAPPORTAL/login.htm + +# URL of the ECOMP Portal REST API +ecomp_rest_url = https://portal-app.onap:8443/ONAPPORTAL/auxapi + +# Connection and Read timeout values +ext_req_connection_timeout = 15000 +ext_req_read_timeout = 20000 + +# Name of java class that implements the OnBoardingApiService interface. +portal.api.impl.class = org.openecomp.sdc.be.ecomp.PortalRestApiCentralServiceImpl + +#Portal user & key +portal_app_name = Ipwxi2oLvDxctMA1royaRw1W0jhucLx+grHzci3ePIA= +portal_pass = j85yNhyIs7zKYbR1VlwEfNhS6b7Om4l0Gx5O8931sCI= +portal_user = Ipwxi2oLvDxctMA1royaRw1W0jhucLx+grHzci3ePIA= + + +# UEB key generated while on-boarding +ueb_app_key = "" + +# Applications do not need to run a UEB listener after 1607. +ueb_listeners_enable = false diff --git a/kubernetes/sdc/components/sdc-be/resources/config/start.d/http.ini b/kubernetes/sdc/components/sdc-be/resources/config/start.d/http.ini new file mode 100644 index 0000000000..e637e2378d --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/start.d/http.ini @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: http +--module=http + +### HTTP Connector Configuration + +## Connector host/address to bind to +# jetty.http.host=0.0.0.0 + +## Connector port to listen on +jetty.http.port= {{ .Values.jetty.httpPort }} + +## Connector idle timeout in milliseconds +jetty.http.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.http.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.http.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.http.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.http.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.http.acceptorPriorityDelta=0 diff --git a/kubernetes/sdc/components/sdc-be/resources/config/start.d/https.ini b/kubernetes/sdc/components/sdc-be/resources/config/start.d/https.ini new file mode 100644 index 0000000000..68c36e8c57 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/start.d/https.ini @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: https +--module=https + +### HTTPS Connector Configuration + +## Connector host/address to bind to +# jetty.https.host=0.0.0.0 + +## Connector port to listen on +jetty.https.port={{ .Values.jetty.httpsPort }} + +## Connector idle timeout in milliseconds +jetty.https.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.https.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.https.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.https.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.https.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.https.acceptorPriorityDelta=0 diff --git a/kubernetes/sdc/components/sdc-be/resources/config/start.d/ssl.ini b/kubernetes/sdc/components/sdc-be/resources/config/start.d/ssl.ini new file mode 100644 index 0000000000..43941594de --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/start.d/ssl.ini @@ -0,0 +1,100 @@ +# --------------------------------------- +# Module: ssl +--module=ssl + +### TLS(SSL) Connector Configuration + +## Connector host/address to bind to +# jetty.ssl.host=0.0.0.0 + +## Connector port to listen on +jetty.ssl.port={{ .Values.jetty.httpsPort }} + +## Connector idle timeout in milliseconds +# jetty.ssl.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.ssl.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.ssl.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.ssl.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.ssl.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.ssl.acceptorPriorityDelta=0 + +## Whether request host names are checked to match any SNI names +# jetty.ssl.sniHostCheck=true + +## max age in seconds for a Strict-Transport-Security response header (default -1) +# jetty.ssl.stsMaxAgeSeconds=31536000 + +## include subdomain property in any Strict-Transport-Security header (default false) +# jetty.ssl.stsIncludeSubdomains=true + +### SslContextFactory Configuration +## Note that OBF passwords are not secure, just protected from casual observation +## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html + +## Keystore file path (relative to $jetty.base) +{{- if .Values.jetty.keystorePath }} +jetty.sslContext.keyStorePath={{ .Values.jetty.keystorePath }} +{{- end }} + +## Truststore file path (relative to $jetty.base) +{{- if .Values.jetty.truststorePath }} +i +jetty.sslContext.trustStorePath={{ .Values.jetty.truststorePath }} +{{- end }} + +## Keystore password +{{- if .Values.jetty.keystorePassword }} +jetty.sslContext.keyStorePassword={{ .Values.jetty.keystorePassword }} +{{- end }} + +## Keystore type and provider +# jetty.sslContext.keyStoreType=JKS +# jetty.sslContext.keyStoreProvider= + +## KeyManager password +{{- if .Values.jetty.keystorePassword }} +jetty.sslContext.keyManagerPassword={{ .Values.jetty.keystorePassword }} +{{- end }} + +## Truststore password +# tp{{ .Values.jetty.truststorePassword }}end +# kp{{ .Values.jetty.keystorePassword }}end +{{- if .Values.jetty.truststorePassword }} +jetty.sslContext.trustStorePassword={{ .Values.jetty.truststorePassword }} +{{- end }} + +## Truststore type and provider +# jetty.sslContext.trustStoreType=JKS +# jetty.sslContext.trustStoreProvider= + +## whether client certificate authentication is required +jetty.sslContext.needClientAuth={{ .Values.jetty.truststorePassword | quote | default "false" | not | toString }} + +## Whether client certificate authentication is desired +# jetty.sslContext.wantClientAuth=false + +## Whether cipher order is significant (since java 8 only) +# jetty.sslContext.useCipherSuitesOrder=true + +## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at +## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites + +## Set the size of the SslSession cache +# jetty.sslContext.sslSessionCacheSize=-1 + +## Set the timeout (in seconds) of the SslSession cache timeout +# jetty.sslContext.sslSessionTimeout=-1 + +## Allow SSL renegotiation +# jetty.sslContext.renegotiationAllowed=true +# jetty.sslContext.renegotiationLimit=5 diff --git a/kubernetes/sdc/components/sdc-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-be/templates/configmap.yaml index 332cd74661..77b70a2c81 100644 --- a/kubernetes/sdc/components/sdc-be/templates/configmap.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/configmap.yaml @@ -27,5 +27,81 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} - - +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-http-be-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/start.d/http.ini").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-https-be-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/start.d/https.ini").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-ssl-be-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/start.d/ssl.ini").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-catalog-be-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/catalog-be/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-catalog-be-resource-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/resource/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-be-ready-probe-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/ready-probe.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml index 229d4233cc..f55f723f78 100644 --- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml @@ -107,12 +107,26 @@ spec: failureThreshold: {{ .Values.startup.failureThreshold }} resources: {{ include "common.resources" . | nindent 12 }} env: - - name: ENVNAME - value: {{ .Values.env.name }} - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: cassandra_ssl_enabled value: {{ .Values.config.cassandraSslEnabled | quote }} + - name: TLS_CERT + value: {{ .Values.be.tlsCert }} + - name: TLS_KEY + value: {{ .Values.be.tlsKey }} + - name: TLS_PASSWORD + value: {{ .Values.be.tlsPassword }} + - name: KEYSTORE_PATH + value: {{ .Values.be.keystorePath }} + - name: KEYSTORE_PASSWORD + value: {{ .Values.be.keystorePassword }} + - name: CA_CERT + value: {{ .Values.be.caCert }} + - name: TRUSTSTORE_PATH + value: {{ .Values.be.truststorePath }} + - name: TRUSTSTORE_PASSWORD + value: {{ .Values.be.truststorePassword }} - name: HOST_IP valueFrom: fieldRef: @@ -127,17 +141,43 @@ spec: value: {{ .Values.global.kafka.useKafka | quote }} {{- end }} volumeMounts: - - name: sdc-environments - mountPath: /app/jetty/chef-solo/environments/ - name: logs mountPath: /var/log/onap - name: logback mountPath: /tmp/logback.xml subPath: logback.xml + - name: http-config + mountPath: /app/jetty/start.d/http.ini + subPath: http.ini + - name: https-config + mountPath: /app/jetty/start.d/https.ini + subPath: https.ini + - name: ssl-config + mountPath: /app/jetty/start.d/ssl.ini + subPath: ssl.ini + - name: catalog-be-config + mountPath: /app/jetty/config/catalog-be/janusgraph.properties + subPath: janusgraph.properties + - name: catalog-be-config + mountPath: /app/jetty/config/catalog-be/distribution-engine-configuration.yaml + subPath: distribution-engine-configuration.yaml + - name: catalog-be-config + mountPath: /app/jetty/config/catalog-be/configuration.yaml + subPath: configuration.yaml + - name: catalog-be-resource-config + mountPath: /app/jetty/resources/key.properties + subPath: key.properties + - name: catalog-be-resource-config + mountPath: /app/jetty/resources/portal.properties + subPath: portal.properties + - name: ready-probe-config + mountPath: /app/jetty/ready-probe.sh + subPath: ready-probe.sh + lifecycle: postStart: exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + command: ["/bin/sh", "-c", "export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...'; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done copying logback.xml' ; echo 'Running BE_3_setup_key_and_trust_store.sh...' ; /app/jetty/BE_3_setup_key_and_trust_store.sh ; echo 'BE_3_setup_key_and_trust_store.sh completed' "] # side car containers {{ include "common.log.sidecar" . | nindent 8 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} @@ -146,10 +186,31 @@ spec: - name: logback configMap: name : {{ include "common.fullname" . }}-logging-configmap - - name: sdc-environments - configMap: - name: {{ include "common.release" . }}-sdc-environments-configmap - defaultMode: 0755 - name: logs emptyDir: {} + - name: http-config + configMap: + name: {{ include "common.release" . }}-sdc-http-be-configmap + defaultMode: 0755 + - name: https-config + configMap: + name: {{ include "common.release" . }}-sdc-https-be-configmap + defaultMode: 0755 + - name: ssl-config + configMap: + name: {{ include "common.release" . }}-sdc-ssl-be-configmap + defaultMode: 0755 + - name: catalog-be-config + configMap: + name: {{ include "common.release" . }}-sdc-catalog-be-configmap + defaultMode: 0755 + - name: catalog-be-resource-config + configMap: + name: {{ include "common.release" . }}-sdc-catalog-be-resource-configmap + defaultMode: 0755 + - name: ready-probe-config + configMap: + name: {{ include "common.release" . }}-sdc-be-ready-probe-configmap + defaultMode: 0755 {{- include "common.imagePullSecrets" . | nindent 6 }} + diff --git a/kubernetes/sdc/components/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml index 30400a80b7..02d04154e9 100644 --- a/kubernetes/sdc/components/sdc-be/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml @@ -57,6 +57,13 @@ spec: - name: {{ include "common.name" . }}-job image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.backendInitImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - -c + - | + /home/onap/create_consumer_and_user.sh + /home/onap/check_backend.sh + /home/onap/import_normatives.sh volumeMounts: - name: {{ include "common.fullname" . }}-environments mountPath: /home/onap/chef-solo/environments/ @@ -69,6 +76,28 @@ spec: valueFrom: fieldRef: fieldPath: status.podIP + - name: BE_IP + value: {{ .Values.beInit.beIp }} + - name: DISABLE_HTTP + value: {{ .Values.disableHttp | quote }} + - name: BE_HTTPS_PORT + value: {{ .Values.beSslPort | quote }} + - name: BE_HTTP_PORT + value: {{ .Values.beHttpPort | quote }} + - name: TLS_CERT + value: {{ .Values.beInit.tlsCert }} + - name: TLS_KEY + value: {{ .Values.beInit.tlsKey }} + - name: TLS_KEY_PW + value: {{ .Values.beInit.tlsKeyPw }} + - name: CA_CERT + value: {{ .Values.beInit.caCert }} + - name: BASIC_AUTH_ENABLED + value: {{ .Values.basicAuth.enabled | quote }} + - name: BASIC_AUTH_USER + value: {{ .Values.basicAuth.userName }} + - name: BASIC_AUTH_PASS + value: {{ .Values.basicAuth.userPass }} resources: limits: cpu: "800m" diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index c77d09a772..7d41915102 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -39,8 +39,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.13.8 -backendInitImage: onap/sdc-backend-init:1.13.8 +image: onap/sdc-backend-all-plugins:1.13.9 +backendInitImage: onap/sdc-backend-init:1.13.9 pullPolicy: Always @@ -191,3 +191,109 @@ wait_for_job_container: log: path: /var/log/onap logConfigMapNamePrefix: '{{ include "common.fullname" . }}' + +####### +####### +pairEnvName: "" + + +cassandra: + hostname: cassandra-dc1-service.onap + port: 9042 + cassandraPassword: Aa1234%^! + cassandraUsername: asdc_user + connectionTimeout: 10000 + cassandraSslEnabled: false + keystoreLocation: "" + keystorePassword: "" + truststoreLocation: "" + truststorePassword: "" + clusterName: SDC-CS- + readConsistencyLevel: ONE + writeConsistencyLevel: ALL + #replication_strategy_options: dc1,3 + datacenterName: dc1 + replicationFactor: 3 + db_cache: true + +cassandraConfig: + cassandraHosts: [cassandra-dc1-service.onap] + cassandraPort: 9042 + localDataCenter: dc1 + socketReadTimeout: 20000 + socketConnectTimeout: 20000 + username: asdc_user + password: Aa1234%^! + ssl: false + keystorePath: "" + keystorePassword: false + truststorePath: "" + truststorePassword: "" +dmaapConsumerConfiguration: + active: false +permittedAncestors: "" +tlsCert: "" +tlsKey: "" +caCert: "" +janusGraphCfgFile: /app/jetty/config/catalog-be/janusgraph.properties +ONBOARDING_BE: + host: sdc-onboarding-be.onap + httpPort: 8081 + httpsPort: 8445 +dmaapProducerConfiguration: + hosts: olsd004.com:3905 + topic: SDC-FACADE-NOTIF-v1 + serviceName: dmaap.com:3905/events + environment: TEST + protocol: "" + aftEnvironment: "" + dme2preferredRouterFilePath: "" + username: user1@sdc.com + password: password== +appVersion: "" + +# Distrubution +uebPublicKey: iPIxkpAMI8qTcQj8 +uebSecretKey: Ehq3WyT4bkif4zwgEbvshGal +#distributionNotifTopicName: SDC-DISTR-NOTIF-TOPIC +#distributionStatusTopicName: SDC-DISTR-STATUS-TOPIC +kafkaBootStrapServers: onap-strimzi-kafka-bootstrap:9092 +chefEnvironment: AUTO + +jetty: + httpPort: 8080 + httpsPort: 8443 + keystorePath: "" + truststorePath: "" + keystorePassword: "" + truststorePassword: "" + +disableHttp: false +beFqdn: sdc-be.onap +beHttpPort: 8080 +beSslPort: 8443 +basicAuth: + enabled: true + userName: testName + userPass: testPass + +basicAuthConfig: + enabled: false +beInit: + beIp: sdc-be.onap + tlsCert: "" + tlsKey: "" + tlsKeyPw: "" + caCert: "" + + +be: + tlsCert: "" + tlsKey: "" + tlsPassword: "" + keystorePath: "" + keystorePassword: "" + caCert: "" + truststorePath: "" + truststorePassword: "" +#END |