diff options
Diffstat (limited to 'kubernetes/sdc/components')
29 files changed, 382 insertions, 238 deletions
diff --git a/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml index 28fd910d76..fcbca71f33 100644 --- a/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml +++ b/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml @@ -14,24 +14,45 @@ # limitations under the License. --> <configuration scan="true" scanPeriod="3 seconds"> - <property name="logDir" value="/var/log/onap" /> - <property name="componentName" scope="system" value="sdc"></property> - <property name="subComponentName" scope="system" value="sdc-be"></property> - <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" /> - <property file="${config.home}/catalog-be/configuration.yaml" /> - <property name="enable-all-log" scope="context" value="false" /> + <property name="logDir" value="/var/log/onap"/> + <property name="componentName" scope="system" value="sdc"/> + <property name="subComponentName" scope="system" value="sdc-be"/> + <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/> + <property file="${config.home}/catalog-be/configuration.yaml"/> + <property name="enable-all-log" scope="context" value="false"/> <!-- log file names --> - <property name="errorLogName" value="error" /> - <property name="metricsLogName" value="metrics" /> - <property name="auditLogName" value="audit" /> - <property name="debugLogName" value="debug" /> - <property name="transactionLogName" value="transaction" /> - <property name="allLogName" value="all" /> - <property name="queueSize" value="256" /> - <property name="maxFileSize" value="50MB" /> - <property name="maxHistory" value="30" /> - <property name="totalSizeCap" value="10GB" /> - <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" /> + <property name="errorLogName" value="error"/> + <property name="metricsLogName" value="metrics"/> + <property name="auditLogName" value="audit"/> + <property name="debugLogName" value="debug"/> + <property name="transactionLogName" value="transaction"/> + <property name="allLogName" value="all"/> + <property name="queueSize" value="256"/> + <property name="maxFileSize" value="50MB"/> + <property name="maxHistory" value="30"/> + <property name="totalSizeCap" value="10GB"/> + <property name="pattern" + value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/> + + <!-- STDOUT --> + <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + + <!-- STDERR --> + <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + <!-- All log --> <if condition='property("enable-all-log").equalsIgnoreCase("true")'> <then> @@ -50,7 +71,7 @@ </encoder> </appender> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL"> - <appender-ref ref="ALL_ROLLING" /> + <appender-ref ref="ALL_ROLLING"/> </appender> </then> </if> @@ -170,30 +191,32 @@ <!-- Asynchronicity Configurations --> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG"> <queueSize>${queueSize}</queueSize> - <appender-ref ref="DEBUG_ROLLING" /> + <appender-ref ref="DEBUG_ROLLING"/> </appender> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION"> <queueSize>${queueSize}</queueSize> - <appender-ref ref="TRANSACTION_ROLLING" /> + <appender-ref ref="TRANSACTION_ROLLING"/> </appender> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR"> <queueSize>${queueSize}</queueSize> - <appender-ref ref="ERROR_ROLLING" /> + <appender-ref ref="ERROR_ROLLING"/> </appender> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT"> <queueSize>${queueSize}</queueSize> - <appender-ref ref="AUDIT_ROLLING" /> + <appender-ref ref="AUDIT_ROLLING"/> </appender> <root level="INFO"> - <appender-ref ref="ASYNC_ERROR" /> - <appender-ref ref="ASYNC_DEBUG" /> - <appender-ref ref="ASYNC_AUDIT" /> - <appender-ref ref="ASYNC_TRANSACTION" /> + <appender-ref ref="ASYNC_ERROR"/> + <appender-ref ref="ASYNC_DEBUG"/> + <appender-ref ref="ASYNC_AUDIT"/> + <appender-ref ref="ASYNC_TRANSACTION"/> <if condition='property("enable-all-log").equalsIgnoreCase("true")'> <then> - <appender-ref ref="ALL_ROLLING" /> + <appender-ref ref="ALL_ROLLING"/> </then> </if> + <appender-ref ref="STDOUT"/> + <appender-ref ref="STDERR"/> </root> - <logger level="INFO" name="org.openecomp.sdc" /> + <logger level="INFO" name="org.openecomp.sdc"/> </configuration> diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml index 5a5fcd6f75..24f169a5b9 100644 --- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml @@ -98,9 +98,9 @@ spec: cpu: 3m memory: 20Mi volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - - name: {{ include "common.fullname" . }}-environments + - name: sdc-environments-input mountPath: /config-input/ - - name: sdc-environments-output + - name: sdc-environments mountPath: /config-output/ {{- end }} containers: @@ -160,20 +160,22 @@ spec: fieldRef: fieldPath: status.podIP volumeMounts: - - name: sdc-environments-output + - name: sdc-environments mountPath: /app/jetty/chef-solo/environments/ - - name: sdc-environments-output + {{- if .Values.global.aafEnabled }} + - name: sdc-environments mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12 subPath: org.onap.sdc.p12 - - name: sdc-environments-output + - name: sdc-environments mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks subPath: org.onap.sdc.trust.jks - - name: {{ include "common.fullname" . }}-localtime + {{- end }} + - name: localtime mountPath: /etc/localtime readOnly: true - name: logs mountPath: /var/log/onap - - name: {{ include "common.fullname" . }}-logback + - name: logback mountPath: /tmp/logback.xml subPath: logback.xml lifecycle: @@ -184,19 +186,21 @@ spec: {{ include "common.log.sidecar" . | nindent 8 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - - name: {{ include "common.fullname" . }}-localtime + - name: localtime hostPath: path: /etc/localtime {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }} - - name: {{ include "common.fullname" . }}-logback + - name: logback configMap: name : {{ include "common.fullname" . }}-logging-configmap - - name: {{ include "common.fullname" . }}-environments + - name: sdc-environments + {{- if .Values.global.aafEnabled }} + emptyDir: { medium: "Memory" } + - name: sdc-environments-input + {{- end }} configMap: name: {{ include "common.release" . }}-sdc-environments-configmap defaultMode: 0755 - - name: sdc-environments-output - emptyDir: { medium: "Memory" } - name: logs emptyDir: {} imagePullSecrets: diff --git a/kubernetes/sdc/components/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml index aaf8fada28..5f70991e6f 100644 --- a/kubernetes/sdc/components/sdc-be/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml @@ -79,6 +79,7 @@ spec: requests: cpu: 200m memory: 200Mi + {{ include "common.waitForJobContainer" . | indent 6 | trim }} volumes: - name: {{ include "common.fullname" . }}-environments configMap: diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index 0449648b27..b7fa714e73 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 aafEnabled: true - cassandra: + sdc_cassandra: #This flag allows SDC to instantiate its own cluster, serviceName #should be sdc-cs if this flag is enabled localCluster: false @@ -35,8 +35,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.9.5 -backendInitImage: onap/sdc-backend-init:1.9.5 +image: onap/sdc-backend-all-plugins:1.10.1 +backendInitImage: onap/sdc-backend-init:1.10.1 pullPolicy: Always @@ -85,7 +85,7 @@ affinity: {} liveness: initialDelaySeconds: 1 periodSeconds: 10 - timeoutSeconds: 5 + timeoutSeconds: 180 successThreshold: 1 failureThreshold: 3 # necessary to disable liveness probe when setting breakpoints @@ -95,14 +95,14 @@ liveness: readiness: initialDelaySeconds: 1 periodSeconds: 10 - timeoutSeconds: 5 + timeoutSeconds: 180 successThreshold: 1 failureThreshold: 3 startup: initialDelaySeconds: 10 periodSeconds: 10 - timeoutSeconds: 5 + timeoutSeconds: 180 successThreshold: 1 failureThreshold: 60 @@ -126,7 +126,7 @@ service: visualRange: "1" serviceName: sdc-deprecated ports: - - name: api + - name: tcp-api port: 8443 plain_port: 8080 port_protocol: http @@ -168,6 +168,10 @@ serviceAccount: roles: - read +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-job' + #Log configuration log: path: /var/log/onap diff --git a/kubernetes/sdc/components/sdc-cs/Chart.yaml b/kubernetes/sdc/components/sdc-cs/Chart.yaml index 5b4d631889..0789ee32b2 100644 --- a/kubernetes/sdc/components/sdc-cs/Chart.yaml +++ b/kubernetes/sdc/components/sdc-cs/Chart.yaml @@ -30,3 +30,11 @@ dependencies: - name: serviceAccount version: ~10.x-0 repository: '@local' + - name: cassandra + version: ~10.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + condition: global.sdc_cassandra.localCluster + diff --git a/kubernetes/sdc/components/sdc-cs/templates/job.yaml b/kubernetes/sdc/components/sdc-cs/templates/job.yaml index fb849b9f25..0eeeff52da 100644 --- a/kubernetes/sdc/components/sdc-cs/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-cs/templates/job.yaml @@ -42,7 +42,7 @@ spec: - /app/ready.py args: - --container-name - {{- if .Values.global.cassandra.localCluster }} + {{- if .Values.global.sdc_cassandra.localCluster }} - sdc-cs {{- else }} - cassandra @@ -96,6 +96,7 @@ spec: requests: cpu: 200m memory: 300Mi + {{ include "common.waitForJobContainer" . | indent 6 | trim }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: {{ include "common.fullname" . }}-environments diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index e00475adc4..3391af7864 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: onap/oom/readiness:3.0.1 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 - cassandra: + sdc_cassandra: #This flag allows SDC to instantiate its own cluster, serviceName #should be sdc-cs if this flag is enabled localCluster: false @@ -36,10 +36,23 @@ global: ################################################################# # Application configuration defaults. ################################################################# + +#Used only if localCluster is enabled. Instantiates SDC's own cassandra cluster +cassandra: + nameOverride: sdc-cs + replicaCount: 3 + service: + name: sdc-cs + serviceAccount: + nameOverride: sdc-cs + persistence: + mountSubPath: sdc/sdc-cs/CS + enabled: true + # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.9.5 -cassandraInitImage: onap/sdc-cassandra-init:1.9.5 +image: onap/sdc-cassandra:1.10.1 +cassandraInitImage: onap/sdc-cassandra-init:1.10.1 pullPolicy: Always config: @@ -109,3 +122,7 @@ serviceAccount: nameOverride: sdc-cs roles: - read + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-job' diff --git a/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml index 1000982b6e..f3ebf76428 100644 --- a/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml +++ b/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml @@ -16,24 +16,45 @@ -->
<configuration scan="true" scanPeriod="3 seconds">
- <property name="logDir" value="/var/log/onap" />
- <property name="componentName" scope="system" value="sdc"></property>
- <property name="subComponentName" scope="system" value="sdc-fe"></property>
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
- <property file="${config.home}/catalog-fe/configuration.yaml" />
- <property name="enable-all-log" scope="context" value="false" />
+ <property name="logDir" value="/var/log/onap"/>
+ <property name="componentName" scope="system" value="sdc"/>
+ <property name="subComponentName" scope="system" value="sdc-fe"/>
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>
+ <property file="${config.home}/catalog-fe/configuration.yaml"/>
+ <property name="enable-all-log" scope="context" value="false"/>
<!-- log file names -->
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <property name="transactionLogName" value="transaction" />
- <property name="allLogName" value="all" />
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+ <property name="errorLogName" value="error"/>
+ <property name="metricsLogName" value="metrics"/>
+ <property name="auditLogName" value="audit"/>
+ <property name="debugLogName" value="debug"/>
+ <property name="transactionLogName" value="transaction"/>
+ <property name="allLogName" value="all"/>
+ <property name="queueSize" value="256"/>
+ <property name="maxFileSize" value="50MB"/>
+ <property name="maxHistory" value="30"/>
+ <property name="totalSizeCap" value="10GB"/>
+ <property name="pattern"
+ value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>
+
+ <!-- STDOUT -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- STDERR -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+
<!-- All log -->
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
@@ -52,7 +73,7 @@ </encoder>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</appender>
</then>
</if>
@@ -174,30 +195,32 @@ <!-- Asynchronicity Configurations -->
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="DEBUG_ROLLING" />
+ <appender-ref ref="DEBUG_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="TRANSACTION_ROLLING" />
+ <appender-ref ref="TRANSACTION_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="ERROR_ROLLING" />
+ <appender-ref ref="ERROR_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="AUDIT_ROLLING" />
+ <appender-ref ref="AUDIT_ROLLING"/>
</appender>
<root level="INFO">
- <appender-ref ref="ASYNC_ERROR" />
- <appender-ref ref="ASYNC_DEBUG" />
- <appender-ref ref="ASYNC_AUDIT" />
- <appender-ref ref="ASYNC_TRANSACTION" />
+ <appender-ref ref="ASYNC_ERROR"/>
+ <appender-ref ref="ASYNC_DEBUG"/>
+ <appender-ref ref="ASYNC_AUDIT"/>
+ <appender-ref ref="ASYNC_TRANSACTION"/>
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</then>
</if>
+ <appender-ref ref="STDOUT"/>
+ <appender-ref ref="STDERR"/>
</root>
- <logger level="INFO" name="org.openecomp.sdc" />
+ <logger level="INFO" name="org.openecomp.sdc"/>
</configuration>
diff --git a/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml b/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml index 9dc317b2b5..cc91960dbf 100644 --- a/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml +++ b/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml @@ -1,6 +1,10 @@ pluginsList: - pluginId: WORKFLOW - pluginDiscoveryUrl: "{{ .Values.config.plugins.workflow_discovery_url }}" + {{- if (include "common.needTLS" .) }} + pluginDiscoveryUrl: "{{ .Values.config.plugins.workflow_discovery_url.https }}" + {{- else }} + pluginDiscoveryUrl: "{{ .Values.config.plugins.workflow_discovery_url.http }}" + {{- end }} pluginSourceUrl: "{{ .Values.config.plugins.workflow_source_url }}" pluginStateUrl: "workflowDesigner" pluginDisplayOptions: @@ -8,4 +12,4 @@ pluginsList: displayName: "WORKFLOW" displayRoles: ["DESIGNER", "TESTER"] -connectionTimeout: 1000
\ No newline at end of file +connectionTimeout: 1000 diff --git a/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml b/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml index 2ac85aead6..948a3fee99 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml @@ -39,4 +39,4 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/plugins/*").AsConfig . | indent 2 }}
\ No newline at end of file +{{ tpl (.Files.Glob "resources/config/plugins/*").AsConfig . | indent 2 }} diff --git a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml index 43f9f2c928..599e32e175 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml @@ -82,9 +82,9 @@ spec: chmod 0755 /config-output/${PFILE} done volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - - name: {{ include "common.fullname" . }}-environments + - name: sdc-environments-input mountPath: /config-input/ - - name: sdc-environments-output + - name: sdc-environments mountPath: /config-output/ resources: limits: @@ -147,23 +147,25 @@ spec: - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} volumeMounts: - - name: sdc-environments-output + - name: sdc-environments mountPath: /app/jetty/chef-solo/environments/ - - name: sdc-environments-output + {{- if .Values.global.aafEnabled }} + - name: sdc-environments mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12 subPath: org.onap.sdc.p12 - - name: sdc-environments-output + - name: sdc-environments mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks subPath: org.onap.sdc.trust.jks - - name: {{ include "common.fullname" . }}-localtime + {{- end }} + - name: localtime mountPath: /etc/localtime readOnly: true - name: logs mountPath: /var/log/onap - - name: {{ include "common.fullname" . }}-configs + - name: configs mountPath: /app/jetty/config/catalog-fe/plugins-configuration.yaml subPath: plugins-configuration.yaml - - name: {{ include "common.fullname" . }}-logback + - name: logback mountPath: /tmp/logback.xml subPath: logback.xml lifecycle: @@ -174,23 +176,25 @@ spec: {{ include "common.log.sidecar" . | nindent 8 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - - name: {{ include "common.fullname" . }}-localtime + - name: localtime hostPath: path: /etc/localtime {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 8 }} - - name: {{ include "common.fullname" . }}-configs + - name: configs configMap: name : {{ include "common.fullname" . }}-plugins-configmap defaultMode: 0777 - - name: {{ include "common.fullname" . }}-logback + - name: logback configMap: name : {{ include "common.fullname" . }}-logging-configmap - - name: {{ include "common.fullname" . }}-environments + - name: sdc-environments + {{- if .Values.global.aafEnabled }} + emptyDir: { medium: "Memory" } + - name: sdc-environments-input + {{- end }} configMap: name: {{ include "common.release" . }}-sdc-environments-configmap defaultMode: 0755 - - name: sdc-environments-output - emptyDir: { medium: "Memory" } - name: logs emptyDir: {} imagePullSecrets: diff --git a/kubernetes/sdc/components/sdc-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-fe/templates/service.yaml index db8b59c2ce..f899d58971 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/service.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/service.yaml @@ -39,28 +39,20 @@ metadata: spec: type: {{ .Values.service.type }} ports: - {{ if not .Values.security.disableHttp }} - # setting http port only if enabled - {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{ end }} - {{ end }} - - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}2 - {{- else -}} - - port: {{ .Values.service.externalPort2 }} + {{ if eq .Values.service.type "NodePort" -}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{ end }} + {{ if (include "common.needTLS" .) }} + - port: {{ .Values.service.internalPort2 }} targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 - {{- end}} + name: {{ .Values.service.portName }}s + {{ if eq .Values.service.type "NodePort" -}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + {{ end }} + {{ end }} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index a208226b76..1dbf9ebd7a 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -47,17 +47,23 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-frontend:1.9.5 +image: onap/sdc-frontend:1.10.1 pullPolicy: Always config: javaOptions: "-Xmx256m -Xms256m" plugins: - dcae_discovery_url: "https://sdc-dcae-fe:9444/dcaed/#/home" + dcae_discovery_url: + https: "https://sdc-dcae-fe:9444/dcaed/#/home" + http: "http://sdc-dcae-fe:8183/dcaed/#/home" dcae_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30264/dcaed/#/home" - dcae_dt_discovery_url: "https://sdc-dcae-dt:9446/dcae/#/dcae/home" + dcae_dt_discovery_url: + https: "https://sdc-dcae-dt:9446/dcae/#/dcae/home" + http: "http://sdc-dcae-dt:8186/dcae/#/dcae/home" dcae_dt_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30266/dcae/#/dcae/home" - workflow_discovery_url: "https://sdc-wfd-fe:8443/workflows" + workflow_discovery_url: + https: "https://sdc-wfd-fe:8443/workflows" + http: "http://sdc-wfd-fe:8080/workflows" workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/" #environment file @@ -105,7 +111,7 @@ service: #service being defined. type: NodePort name: sdc-fe - portName: sdc-fe + portName: http nodePort: "06" internalPort: 8181 externalPort: 8181 @@ -113,8 +119,6 @@ service: internalPort2: 9443 externalPort2: 9443 - - ingress: enabled: false service: diff --git a/kubernetes/sdc/components/sdc-helm-validator/values.yaml b/kubernetes/sdc/components/sdc-helm-validator/values.yaml index 4cd4a76506..363a05934d 100644 --- a/kubernetes/sdc/components/sdc-helm-validator/values.yaml +++ b/kubernetes/sdc/components/sdc-helm-validator/values.yaml @@ -18,7 +18,7 @@ global: pullPolicy: Always -image: onap/org.onap.sdc.sdc-helm-validator:1.2.2 +image: onap/sdc-helm-validator:1.3.1 containerPort: &svc_port 8080 config: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml index b537709925..ee22ff2cfd 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml @@ -15,24 +15,45 @@ # limitations under the License.
-->
<configuration scan="true" scanPeriod="3 seconds">
- <property name="logDir" value="/var/log/onap" />
- <property name="componentName" scope="system" value="sdc"></property>
- <property name="subComponentName" scope="system" value="sdc-onboarding-be"></property>
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
- <property file="${config.home}/catalog-be/configuration.yaml" />
- <property name="enable-all-log" scope="context" value="false" />
+ <property name="logDir" value="/var/log/onap"/>
+ <property name="componentName" scope="system" value="sdc"/>
+ <property name="subComponentName" scope="system" value="sdc-onboarding-be"/>
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>
+ <property file="${config.home}/catalog-be/configuration.yaml"/>
+ <property name="enable-all-log" scope="context" value="false"/>
<!-- log file names -->
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <property name="transactionLogName" value="transaction" />
- <property name="allLogName" value="all" />
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+ <property name="errorLogName" value="error"/>
+ <property name="metricsLogName" value="metrics"/>
+ <property name="auditLogName" value="audit"/>
+ <property name="debugLogName" value="debug"/>
+ <property name="transactionLogName" value="transaction"/>
+ <property name="allLogName" value="all"/>
+ <property name="queueSize" value="256"/>
+ <property name="maxFileSize" value="50MB"/>
+ <property name="maxHistory" value="30"/>
+ <property name="totalSizeCap" value="10GB"/>
+ <property name="pattern"
+ value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>
+
+ <!-- STDOUT -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- STDERR -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+
<!-- All log -->
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
@@ -51,7 +72,7 @@ </encoder>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</appender>
</then>
</if>
@@ -171,30 +192,32 @@ <!-- Asynchronicity Configurations -->
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="DEBUG_ROLLING" />
+ <appender-ref ref="DEBUG_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="TRANSACTION_ROLLING" />
+ <appender-ref ref="TRANSACTION_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="ERROR_ROLLING" />
+ <appender-ref ref="ERROR_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="AUDIT_ROLLING" />
+ <appender-ref ref="AUDIT_ROLLING"/>
</appender>
<root level="INFO">
- <appender-ref ref="ASYNC_ERROR" />
- <appender-ref ref="ASYNC_DEBUG" />
- <appender-ref ref="ASYNC_AUDIT" />
- <appender-ref ref="ASYNC_TRANSACTION" />
+ <appender-ref ref="ASYNC_ERROR"/>
+ <appender-ref ref="ASYNC_DEBUG"/>
+ <appender-ref ref="ASYNC_AUDIT"/>
+ <appender-ref ref="ASYNC_TRANSACTION"/>
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</then>
</if>
+ <appender-ref ref="STDOUT"/>
+ <appender-ref ref="STDERR"/>
</root>
- <logger level="INFO" name="org.openecomp.sdc" />
+ <logger level="INFO" name="org.openecomp.sdc"/>
</configuration>
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml index d6b8a4e026..8180cc79f1 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, AT&T, Bell Canada # Modifications Copyright © 2018 ZTE +# Modifications Copyright © 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -80,9 +81,9 @@ spec: chmod 0755 /config-output/${PFILE} done volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - - name: {{ include "common.fullname" . }}-environments + - name: sdc-environments-input mountPath: /config-input/ - - name: sdc-environments-output + - name: sdc-environments mountPath: /config-output/ resources: limits: @@ -104,7 +105,7 @@ spec: securityContext: runAsUser: 0 volumeMounts: - - name: {{ include "common.fullname" . }}-cert-storage + - name: cert-storage mountPath: "/onboard/cert" resources: limits: @@ -172,22 +173,24 @@ spec: - name: SDC_CERT_DIR value: {{ .Values.cert.certDir }} volumeMounts: - - name: sdc-environments-output + - name: sdc-environments mountPath: /app/jetty/chef-solo/environments/ - - name: sdc-environments-output + {{- if .Values.global.aafEnabled }} + - name: sdc-environments mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12 subPath: org.onap.sdc.p12 - - name: sdc-environments-output + - name: sdc-environments mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks subPath: org.onap.sdc.trust.jks - - name: {{ include "common.fullname" . }}-localtime + {{- end }} + - name: localtime mountPath: /etc/localtime readOnly: true - name: logs mountPath: /var/log/onap - - name: {{ include "common.fullname" . }}-cert-storage + - name: cert-storage mountPath: "{{ .Values.cert.certDir }}" - - name: {{ include "common.fullname" . }}-logback + - name: logback mountPath: /tmp/logback.xml subPath: logback.xml lifecycle: @@ -198,22 +201,25 @@ spec: {{ include "common.log.sidecar" . | nindent 8 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - - name: {{ include "common.fullname" . }}-localtime + - name: localtime hostPath: path: /etc/localtime + {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }} - - name: {{ include "common.fullname" . }}-logback + - name: logback configMap: name : {{ include "common.fullname" . }}-logging-configmap - - name: {{ include "common.fullname" . }}-environments + - name: sdc-environments + {{- if .Values.global.aafEnabled }} + emptyDir: { medium: "Memory" } + - name: sdc-environments-input + {{- end }} configMap: name: {{ include "common.release" . }}-sdc-environments-configmap defaultMode: 0755 - - name: sdc-environments-output - emptyDir: { medium: "Memory" } - name: logs emptyDir: {} - - name: {{ include "common.fullname" . }}-cert-storage + - name: cert-storage persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-cert imagePullSecrets: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml index c8edb29a28..bfc1ef8e7b 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml @@ -62,6 +62,13 @@ spec: - name: {{ include "common.name" . }}-job image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.onboardingInitImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if include "common.onServiceMesh" . }} + args: + - echo "waiting 10s for istio side cars to be up"; sleep 10s; /home/sdc/startup.sh + command: + - /bin/sh + - -c + {{- end }} volumeMounts: - name: {{ include "common.fullname" . }}-environments mountPath: /home/sdc/chef-solo/environments/ @@ -82,7 +89,7 @@ spec: valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_password} - name: CS_HOST_IP - value: "{{ .Values.global.cassandra.serviceName }}" + value: "{{ .Values.global.sdc_cassandra.serviceName }}" resources: limits: cpu: 800m @@ -90,6 +97,7 @@ spec: requests: cpu: 200m memory: 200Mi + {{ include "common.waitForJobContainer" . | indent 6 | trim }} volumes: - name: {{ include "common.fullname" . }}-environments configMap: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml index 2ee87eeb33..ece5a439a3 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml @@ -31,18 +31,18 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName | default "http" }} + name: {{ .Values.service.portName | default "http" }}s - port: {{ .Values.service.externalPort2 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName | default "http" }}2 + name: {{ .Values.service.portName | default "http" }}} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} + name: {{ .Values.service.portName | default "http" }}s - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName | default "http" }}2 + name: {{ .Values.service.portName | default "http" }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index d8cc670bdf..ff5d031510 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -20,7 +20,7 @@ global: nodePortPrefix: 302 aafEnabled: true persistence: {} - cassandra: + sdc_cassandra: #This flag allows SDC to instantiate its own cluster, serviceName #should be sdc-cs if this flag is enabled localCluster: false @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-onboard-backend:1.9.5 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.9.5 +image: onap/sdc-onboard-backend:1.10.1 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.10.1 pullPolicy: Always # flag to enable debugging - application support required @@ -109,9 +109,10 @@ startup: service: type: ClusterIP name: sdc-onboarding-be - portName: sdc-onboarding-be + portName: http internalPort: 8445 externalPort: 8445 + internalPort2: 8081 externalPort2: 8081 @@ -182,6 +183,10 @@ serviceAccount: roles: - read +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-job' + #Log configuration log: path: /var/log/onap diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl deleted file mode 100644 index 298a2cd673..0000000000 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl +++ /dev/null @@ -1 +0,0 @@ -{{- define "wfd-be.internalPort" }}{{ if .Values.config.serverSSLEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }} diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml index 343bda8ff9..a187e19a75 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml @@ -79,13 +79,13 @@ spec: ./startup.sh {{- end }} ports: - - containerPort: {{ template "wfd-be.internalPort" . }} + - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} successThreshold: {{ .Values.liveness.successThreshold }} @@ -93,14 +93,14 @@ spec: {{ end }} readinessProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} successThreshold: {{ .Values.readiness.successThreshold }} failureThreshold: {{ .Values.readiness.failureThreshold }} startupProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} periodSeconds: {{ .Values.startup.periodSeconds }} successThreshold: {{ .Values.startup.successThreshold }} @@ -109,7 +109,7 @@ spec: - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: CS_HOSTS - value: "{{ .Values.global.cassandra.serviceName }}" + value: "{{ .Values.global.sdc_cassandra.serviceName }}" - name: CS_PORT value: "{{ .Values.config.cassandraClientPort }}" - name: CS_AUTHENTICATE @@ -128,20 +128,25 @@ spec: valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_truststore_password} - name: SDC_PROTOCOL - value: "{{ .Values.config.sdcProtocol }}" + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "HTTPS" "HTTP" }}" - name: SDC_ENDPOINT - value: "{{ .Values.config.sdcEndpoint }}" + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdcEndpoint.https .Values.config.sdcEndpoint.http }}" - name: SDC_USER value: "{{ .Values.config.sdcExternalUser }}" - name: SDC_PASSWORD valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: wf_external_user_password} + {{- if (include "common.needTLS" .) }} - name: SERVER_SSL_ENABLED - value: "{{ .Values.config.serverSSLEnabled }}" + value: "true" - name: SERVER_SSL_KEYSTORE_TYPE value: "{{ .Values.config.serverSSLKeyStoreType }}" - name: SERVER_SSL_TRUSTSTORE_TYPE value: "{{ .Values.config.serverSSLTrustStoreType }}" + {{- else }} + - name: SERVER_SSL_ENABLED + value: "false" + {{- end }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} resources: {{ include "common.resources" . | nindent 12 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml index 8f87c68f1e..171442dfdc 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml @@ -1 +1 @@ -{{ include "common.ingress" . }} +{{include "common.ingress" .}} diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml index f7b0cfa04b..2e5826d229 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml @@ -60,23 +60,31 @@ spec: cpu: 3m memory: 20Mi containers: - - name: {{ include "common.name" . }}-job - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.configInitImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: + - name: {{ include "common.name" . }}-job + image: + {{ include "repositoryGenerator.repository" . }}/{{ .Values.configInitImage }} + imagePullPolicy: + {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if include "common.onServiceMesh" . }} + args: + - echo "waiting 10s for istio side cars to be up"; sleep 10s; /start.sh + command: + - /bin/sh + - -c + {{- end }} + env: - name: CS_HOST - value: "{{ .Values.global.cassandra.serviceName }}" + value: "{{ .Values.global.sdc_cassandra.serviceName }}" - name: CS_PORT - value: "{{ .Values.config.cassandraClientPort }}" + value: {{ .Values.config.cassandraClientPort | quote }} - name: CS_AUTHENTICATE - value: "{{ .Values.config.cassandraAuthenticationEnabled }}" + value: {{ .Values.config.cassandraAuthenticationEnabled | quote }} - name: CS_USER - valueFrom: - secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user} + valueFrom: {secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}} - name: CS_PASSWORD - valueFrom: - secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password} - resources: {{ include "common.resources" . | nindent 12 }} + valueFrom: {secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}} + resources: {{ include "common.resources" . | nindent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" {{ end }} diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml index 2af5e2ba26..2f4129b03f 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml @@ -30,13 +30,13 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ template "wfd-be.internalPort" . }} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} {{- else -}} - - port: {{ if .Values.config.serverSslEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }} - targetPort: {{ template "wfd-be.internalPort" . }} - name: {{ .Values.service.portName }} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }} + targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml index 8b61567114..6b18f47d66 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml @@ -19,14 +19,15 @@ global: nodePortPrefix: 302 aafEnabled: true - cassandra: - #This flag allows SDC to instantiate its own cluster, serviceName - #should be sdc-cs if this flag is enabled + sdc_cassandra: + # This flag allows SDC to instantiate its own cluster, serviceName + # should be sdc-cs if this flag is enabled localCluster: false - #The cassandra service name to connect to (default: shared cassandra service) + # The cassandra service name to connect to + # (default: shared cassandra service) serviceName: cassandra - #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled - #to match with its own cluster replica + # Shared cassandra cluster replicaCount, should be changed if + # localCluster is enabled to match with its own cluster replica replicaCount: 3 clusterName: cassandra dataCenter: Pod @@ -69,10 +70,10 @@ config: javaOptions: "-Xmx1536m -Xms1536m" cassandraAuthenticationEnabled: true cassandraClientPort: 9042 - sdcProtocol: HTTPS - sdcEndpoint: sdc-be:8443 + sdcEndpoint: + https: sdc-be:8443 + http: sdc-be:8080 sdcExternalUser: workflow - serverSSLEnabled: true serverSSLKeyStoreType: jks serverSSLTrustStoreType: jks cassandraSSLEnabled: false @@ -90,16 +91,16 @@ nodeSelector: {} affinity: {} # probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true +#liveness: +# initialDelaySeconds: 60 +# periodSeconds: 10 +# # necessary to disable liveness probe when setting breakpoints +# # in debugger so K8s doesn't restart unresponsive container +# enabled: true -readiness: - initialDelaySeconds: 60 - periodSeconds: 10 +#readiness: +# initialDelaySeconds: 60 +# periodSeconds: 10 # probe configuration parameters liveness: @@ -125,7 +126,7 @@ startup: service: type: NodePort - portName: sdc-wfd-be + portName: http internalPort: 8080 externalPort: 8080 internalPort2: 8443 @@ -166,3 +167,7 @@ serviceAccount: nameOverride: sdc-wfd-be roles: - read + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-job' diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl deleted file mode 100644 index 546bab7ddf..0000000000 --- a/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl +++ /dev/null @@ -1 +0,0 @@ -{{- define "wfd-fe.internalPort" }}{{ if .Values.config.isHttpsEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }} diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml index b703e6656c..d57309004d 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml @@ -98,11 +98,11 @@ spec: ./startup.sh {{- end }} ports: - - containerPort: {{ template "wfd-fe.internalPort" . }} + - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ template "wfd-fe.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} successThreshold: {{ .Values.liveness.successThreshold }} @@ -110,14 +110,14 @@ spec: {{ end }} readinessProbe: tcpSocket: - port: {{ template "wfd-fe.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} successThreshold: {{ .Values.readiness.successThreshold }} failureThreshold: {{ .Values.readiness.failureThreshold }} startupProbe: tcpSocket: - port: {{ template "wfd-fe.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} periodSeconds: {{ .Values.startup.periodSeconds }} successThreshold: {{ .Values.startup.successThreshold }} @@ -128,13 +128,13 @@ spec: - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: BACKEND - value: {{ .Values.config.backendServerURL }} + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.backendServerURL.https .Values.config.backendServerURL.http }}" - name: IS_HTTPS - value: "{{ .Values.config.isHttpsEnabled}}" - {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}" + {{- if and (include "common.needTLS" .) (eq .Values.security.isDefaultStore false) }} - name: TRUST_ALL value: "{{ .Values.config.isTrustAll}}" - {{ end }} + {{- end }} volumeMounts: - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml index bc838ac22f..08feb5a6ed 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml @@ -31,7 +31,7 @@ metadata: "version": "v1", "url": "/", "protocol": "UI", - "port": "{{ .Values.service.internalPort2 }}", + "port": "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}", "visualRange":"0|1" } ]' @@ -39,13 +39,13 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ template "wfd-fe.internalPort" . }} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} {{- else -}} - - port: {{ if .Values.config.isHttpsEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }} - targetPort: {{ template "wfd-fe.internalPort" . }} - name: {{ .Values.service.portName }} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }} + targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml index b3e3b39a41..c7e680a745 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml @@ -55,8 +55,9 @@ debugEnabled: false config: javaOptions: "-Xmx256m -Xms256m" - backendServerURL: "https://sdc-wfd-be:8443" - isHttpsEnabled: true + backendServerURL: + https: "https://sdc-wfd-be:8443" + http: "http://sdc-wfd-be:8080" # following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties isTrustAll: true # https relevant settings. Change in case you have other trust files then default ones. |