diff options
Diffstat (limited to 'kubernetes/sdc')
30 files changed, 180 insertions, 315 deletions
diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml index c65aa73913..fcf5283c07 100644 --- a/kubernetes/sdc/charts/sdc-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-be/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-backend:1.4-STAGING-latest -backendInitImage: onap/sdc-backend-init:1.4-STAGING-latest +image: onap/sdc-backend:1.4.0 +backendInitImage: onap/sdc-backend-init:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-cs/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-cs/templates/deployment.yaml deleted file mode 100644 index 4731edfebb..0000000000 --- a/kubernetes/sdc/charts/sdc-cs/templates/deployment.yaml +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# Modifications Copyright © 2018 ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - exec: - command: - - "/var/lib/ready-probe.sh" - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - env: - - name: ENVNAME - value: {{ .Values.global.env.name }} - - name: RELEASE - value: {{ .Values.config.release }} - - name: MAX_HEAP_SIZE - value: {{ .Values.config.maxHeapSize }} - - name: HEAP_NEWSIZE - value: {{ .Values.config.heapNewSize }} - - name: HOST_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: CS_PASSWORD - valueFrom: - secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: cs_password} - volumeMounts: - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/cassandra/ - - name: {{ include "common.fullname" . }}-environments - mountPath: /root/chef-solo/environments/ - - name: {{ include "common.fullname" . }}-localtime - mountPath: /etc/localtime - readOnly: true - volumes: - - name: {{ include "common.fullname" . }}-localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - - name: {{ include "common.fullname" . }}-environments - configMap: - name: {{ .Release.Name }}-sdc-environments-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-cs/templates/job.yaml b/kubernetes/sdc/charts/sdc-cs/templates/job.yaml index 75e9a11a03..856aecc63b 100644 --- a/kubernetes/sdc/charts/sdc-cs/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-cs/templates/job.yaml @@ -40,7 +40,11 @@ spec: - /root/ready.py args: - --container-name + {{- if .Values.global.cassandra.localCluster }} - sdc-cs + {{- else }} + - cassandra + {{- end }} env: - name: NAMESPACE valueFrom: @@ -54,8 +58,6 @@ spec: volumeMounts: - name: {{ include "common.fullname" . }}-environments mountPath: /root/chef-solo/environments/ - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/cassandra/ - name: {{ include "common.fullname" . }}-chef-cache mountPath: /root/chef-solo/cache env: @@ -81,13 +83,6 @@ spec: configMap: name: {{ .Release.Name }}-sdc-environments-configmap defaultMode: 0755 - - name: {{ include "common.fullname" . }}-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - name: {{ include "common.fullname" . }}-chef-cache emptyDir: {} imagePullSecrets: diff --git a/kubernetes/sdc/charts/sdc-cs/templates/pv.yaml b/kubernetes/sdc/charts/sdc-cs/templates/pv.yaml deleted file mode 100644 index 9ceef30007..0000000000 --- a/kubernetes/sdc/charts/sdc-cs/templates/pv.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-cs/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-cs/templates/pvc.yaml deleted file mode 100644 index 2f343c83dc..0000000000 --- a/kubernetes/sdc/charts/sdc-cs/templates/pvc.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-cs/templates/service.yaml b/kubernetes/sdc/charts/sdc-cs/templates/service.yaml deleted file mode 100644 index 3f66d34f83..0000000000 --- a/kubernetes/sdc/charts/sdc-cs/templates/service.yaml +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}2 - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/charts/sdc-cs/values.yaml index 8df00783af..64f964681d 100644 --- a/kubernetes/sdc/charts/sdc-cs/values.yaml +++ b/kubernetes/sdc/charts/sdc-cs/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.4-STAGING-latest -cassandraInitImage: onap/sdc-cassandra-init:1.4-STAGING-latest +image: onap/sdc-cassandra:1.4.0 +cassandraInitImage: onap/sdc-cassandra-init:1.4.0 pullPolicy: Always diff --git a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml index 666c22254d..bf1d9b4584 100644 --- a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -88,4 +88,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml index cf0640565c..2b8fd9027f 100644 --- a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -80,4 +80,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml index ab6eaf3fbf..4b40bcea8f 100644 --- a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -85,4 +85,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml index f968c59dae..e787948ce2 100644 --- a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -87,4 +87,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml index 9ceef30007..618b23a584 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml @@ -35,4 +35,4 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml index 2f343c83dc..e1f01b67fe 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml @@ -46,4 +46,4 @@ spec: storageClassName: "{{ .Values.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-es/values.yaml b/kubernetes/sdc/charts/sdc-es/values.yaml index 33ebbe3799..a84f738583 100644 --- a/kubernetes/sdc/charts/sdc-es/values.yaml +++ b/kubernetes/sdc/charts/sdc-es/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 ubuntuInitRepository: oomk8s @@ -31,8 +31,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-elasticsearch:1.4-STAGING-latest -elasticInitImage: onap/sdc-init-elasticsearch:1.4-STAGING-latest +image: onap/sdc-elasticsearch:1.4.0 +elasticInitImage: onap/sdc-init-elasticsearch:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml index e9b329c9e7..e95223bf43 100644 --- a/kubernetes/sdc/charts/sdc-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-fe/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-frontend:1.4-STAGING-latest +image: onap/sdc-frontend:1.4.0 pullPolicy: Always config: diff --git a/kubernetes/sdc/charts/sdc-kb/values.yaml b/kubernetes/sdc/charts/sdc-kb/values.yaml index 02e1728f9a..21b0b05ff6 100644 --- a/kubernetes/sdc/charts/sdc-kb/values.yaml +++ b/kubernetes/sdc/charts/sdc-kb/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-kibana:1.4-STAGING-latest +image: onap/sdc-kibana:1.4.0 pullPolicy: Always config: diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml index 87556b0b55..70895d308d 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml @@ -88,6 +88,8 @@ spec: - name: SDC_PASSWORD valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password} + - name: SDC_CERT_DIR + value: {{ .Values.cert.certDir }} volumeMounts: - name: {{ include "common.fullname" . }}-environments mountPath: /root/chef-solo/environments/ @@ -99,6 +101,8 @@ spec: - name: {{ include "common.fullname" . }}-logback mountPath: /tmp/logback.xml subPath: logback.xml + - name: {{ include "common.fullname" . }}-cert-storage + mountPath: "{{ .Values.cert.certDir }}" lifecycle: postStart: exec: @@ -133,5 +137,8 @@ spec: defaultMode: 0755 - name: {{ include "common.fullname" . }}-logs emptyDir: {} + - name: {{ include "common.fullname" . }}-cert-storage + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-cert imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml index 320918507f..8d56f0ab2c 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml @@ -54,8 +54,6 @@ spec: volumeMounts: - name: {{ include "common.fullname" . }}-environments mountPath: /root/chef-solo/environments/ - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/cassandra/ env: - name: ENVNAME value: {{ .Values.global.env.name }} @@ -73,19 +71,12 @@ spec: valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: cs_password} - name: CS_HOST_IP - value: "sdc-cs" + value: "{{ .Values.global.cassandra.serviceName }}" volumes: - name: {{ include "common.fullname" . }}-environments configMap: name: {{ .Release.Name }}-sdc-environments-configmap defaultMode: 0755 - - name: {{ include "common.fullname" . }}-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" restartPolicy: Never diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml index 9ceef30007..b292ff9448 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml @@ -1,6 +1,7 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE +# ================================================================================ +# Copyright (C) 2019, Nordix Foundation. All rights reserved. +# ================================================================================ # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,12 +15,11 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-cert namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -29,10 +29,10 @@ metadata: name: {{ include "common.fullname" . }} spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ .Values.cert.persistence.size}} accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ .Values.cert.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }} hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.cert.persistence.mountSubPath }} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml index 2f343c83dc..eb2c372a33 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml @@ -1,6 +1,7 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE +# ================================================================================ +# Copyright (C) 2019, Nordix Foundation. All rights reserved. +# ================================================================================ # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,36 +15,35 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.cert.persistence.enabled (not .Values.cert.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-cert namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} +{{- if .Values.cert.persistence.annotations }} annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} +{{ toYaml .Values.cert.persistence.annotations | indent 4 }} {{- end }} spec: selector: matchLabels: name: {{ include "common.fullname" . }} accessModes: - - {{ .Values.persistence.accessMode }} + - {{ .Values.cert.persistence.accessMode }} resources: requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} + storage: {{ .Values.cert.persistence.size }} +{{- if .Values.cert.persistence.storageClass }} +{{- if (eq "-" .Values.cert.persistence.storageClass) }} storageClassName: "" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" + storageClassName: "{{ .Values.cert.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml index c2a52b43b0..2b7edd97ed 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-onboard-backend:1.4-STAGING-latest -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.4-STAGING-latest +image: onap/sdc-onboard-backend:1.4.0 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.4.0 pullPolicy: Always # flag to enable debugging - application support required @@ -90,6 +90,18 @@ persistence: mountPath: /dockerdata-nfs mountSubPath: /sdc/sdc-cs/CS +##Certificate storage persistence +##This is temporary solution for SDC-1980 +cert: + certDir: /var/lib/jetty/cert + persistence: + enabled: true + size: 10Mi + accessMode: ReadOnlyMany + volumeReclaimPolicy: Retain + mountSubPath: /sdc/onbaording/cert + + ingress: enabled: false @@ -111,4 +123,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index bb96d342f7..0bf1bf5d31 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -73,7 +73,7 @@ spec: - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: CS_HOSTS - value: "{{ .Values.config.cassandraHosts }}" + value: "{{ .Values.global.cassandra.serviceName }}" - name: CS_PORT value: "{{ .Values.config.cassandraClientPort }}" - name: CS_AUTHENTICATE diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml index 38f526d215..90ff1b46ba 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml @@ -54,7 +54,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: CS_HOST - value: "sdc-cs" + value: "{{ .Values.global.cassandra.serviceName }}" - name: CS_PORT value: "{{ .Values.config.cassandraThriftClientPort }}" - name: CS_AUTHENTICATE @@ -67,4 +67,4 @@ spec: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" -{{ end }}
\ No newline at end of file +{{ end }} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 63554369ed..8859b89018 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-backend:1.4.0-SNAPSHOT -configInitImage: onap/workflow-init:1.4.0-SNAPSHOT +image: onap/workflow-backend:1.4.0 +configInitImage: onap/workflow-init:1.4.0 pullPolicy: Always # flag to enable debugging - application support required @@ -41,7 +41,6 @@ initJob: config: javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7001,server=y,suspend=n -Xmx1536m -Xms1536m" cassandraAuthenticationEnabled: true - cassandraHosts: sdc-cs cassandraThriftClientPort: 9160 cassandraClientPort: 9042 sdcProtocol: HTTP diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml index c284f2dfd0..0be06f3985 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml @@ -51,6 +51,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: @@ -70,7 +71,45 @@ spec: value: {{ .Values.config.javaOptions }} - name: BACKEND value: {{ .Values.config.backendServerURL }} + - name: IS_HTTPS + value: "{{ .Values.config.isHttpsEnabled}}" + {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} + - name: KEYSTORE_PASS + {{- if .Values.global.security.keysFromCa }} + valueFrom: + secretKeyRef: + name: mft-sdc + key: keystore-password.txt + {{ else }} + value: {{ .Values.global.security.keyStorePass}} + {{- end }} + - name: TRUSTSTORE_PASS + {{- if .Values.global.security.keysFromCa }} + valueFrom: + secretKeyRef: + name: mft-catruststore + key: keystore-password.txt + {{ else }} + value: {{ .Values.global.security.trustStorePass}} + {{- end }} + - name: TRUSTSTORE_PATH + value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}" + - name: KEYSTORE_PATH + value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}" + - name: TRUSTSTORE_TYPE + value: {{ .Values.security.truststore.type }} + - name: KEYSTORE_TYPE + value: {{ .Values.security.keystore.type }} + {{ end }} volumeMounts: + {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} + - name: {{ include "common.fullname" . }}-jetty-https-truststore + mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }} + subPath: {{ .Values.security.truststoreFilename }} + - name: {{ include "common.fullname" . }}-jetty-https-keystore + mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }} + subPath: {{ .Values.security.keystoreFilename }} + {{ end }} - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml index 2990de3f1a..87ca3607d7 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml @@ -40,10 +40,16 @@ spec: - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName | default "http" }} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 | default "https" }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName | default "http" }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 | default "https" }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index d9b4dee17e..a217de5e4b 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -17,8 +17,9 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -27,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.4.0-SNAPSHOT +image: onap/workflow-frontend:1.4.0 pullPolicy: Always # flag to enable debugging - application support required @@ -36,6 +37,16 @@ debugEnabled: false config: javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7000,server=y,suspend=n -Xmx256m -Xms256m" backendServerURL: "http://sdc-wfd-be:8080" + isHttpsEnabled: false + +# https relevant settings. Change in case you have other trust files then default ones. +security: + isDefaultStore: true + truststoreType: "JKS" + keystoreType: "JKS" + truststoreFilename: "truststore" + keystoreFilename: "keystore" + storePath: "etc" # default number of instances replicaCount: 1 @@ -62,6 +73,10 @@ service: externalPort: 8080 portName: sdc-wfd-fe nodePort: "56" + portName2: sdc-wfd-fe2 + internalPort2: 8443 + externalPort2: 8443 + nodePort2: "31" ingress: enabled: false diff --git a/kubernetes/sdc/requirements.yaml b/kubernetes/sdc/requirements.yaml index 6f49b16ca9..e9661315f3 100644 --- a/kubernetes/sdc/requirements.yaml +++ b/kubernetes/sdc/requirements.yaml @@ -17,3 +17,12 @@ dependencies: - name: common version: ~4.x-0 repository: '@local' + + - name: cassandra + version: ~4.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + condition: global.cassandra.localCluster + diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index be9db4cd52..0c42d860ca 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -9,7 +9,7 @@ "default_attributes": { "disableHttp": false, - "CS_VIP": "sdc-cs.{{include "common.namespace" .}}", + "CS_VIP": "{{.Values.global.cassandra.serviceName}}.{{include "common.namespace" .}}", "BE_VIP": "sdc-be.{{include "common.namespace" .}}", "ONBOARDING_BE_VIP": "sdc-onboarding-be.{{include "common.namespace" .}}", "DCAE_BE_VIP": "sdc-dcae-be.{{include "common.namespace" .}}", @@ -42,7 +42,7 @@ }, "Nodes": { "CS": [ - "sdc-cs.{{include "common.namespace" .}}" + "{{.Values.global.cassandra.serviceName}}.{{include "common.namespace" .}}" ], "BE": "sdc-be.{{include "common.namespace" .}}", "ONBOARDING_BE": "sdc-onboarding-be.{{include "common.namespace" .}}", @@ -88,8 +88,8 @@ "cassandra_user": "asdc_user", "cassandra_password": "Aa1234%^!", "concurrent_writes": "32", - "cluster_name": "SDC-CS-", - "datacenter_name": "SDC-CS-", + "cluster_name": "{{.Values.global.cassandra.clusterName}}", + "datacenter_name": "{{.Values.global.cassandra.dataCenter}}", "multithreaded_compaction": "false", "cache_dir": "/var/lib/cassandra/saved_caches", "log_file": "/var/lib/cassandra/log/system.log", @@ -97,7 +97,8 @@ "commitlog_dir": "/var/lib/cassandra/commitlog", "socket_read_timeout": "20000", "socket_connect_timeout": "20000", - "titan_connection_timeout": "10000" + "titan_connection_timeout": "10000", + "replication_factor": "{{.Values.global.cassandra.replicaCount}}" } } } diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index ea95bd7f53..cafa59ad77 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -20,10 +20,21 @@ global: secrets: sdc_user: YXNkY191c2Vy sdc_password: QWExMjM0JV4h - cs_password: b25hcDEyMyNAIQ== + #Should be the password of shared cassandra instance/chart + cs_password: Y2Fzc2FuZHJh ubuntuInitRepository: oomk8s ubuntuInitImage: ubuntu-init:1.0.0 - + cassandra: + #This flag allows SDC to instantiate its own cluster, serviceName + #should be sdc-cs if this flag is enabled + localCluster: false + #The cassandra service name to connect to (default: shared cassandra service) + serviceName: cassandra + #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled + #to match with its own cluster replica + replicaCount: 3 + clusterName: cassandra + dataCenter: Pod config: logstashServiceName: log-ls @@ -32,7 +43,16 @@ config: workflowUrl: 10.0.2.15 vnfRepoPort: 8702 - sdc-es: service: name: sdc-es + +#Used only if localCluster is enabled. Instantiates SDC's own cassandra cluster +cassandra: + nameOverride: sdc-cs + replicaCount: 1 + service: + name: sdc-cs + persistence: + mountSubPath: sdc/sdc-cs/CS + enabled: true |