diff options
Diffstat (limited to 'kubernetes/sdnc')
-rw-r--r-- | kubernetes/sdnc/components/dmaap-listener/values.yaml | 2 | ||||
-rw-r--r-- | kubernetes/sdnc/components/sdnc-ansible-server/values.yaml | 2 | ||||
-rw-r--r-- | kubernetes/sdnc/components/sdnc-web/values.yaml | 2 | ||||
-rw-r--r-- | kubernetes/sdnc/components/ueb-listener/values.yaml | 2 | ||||
-rw-r--r-- | kubernetes/sdnc/requirements.yaml | 4 | ||||
-rwxr-xr-x | kubernetes/sdnc/resources/config/bin/createLinks.sh | 69 | ||||
-rwxr-xr-x | kubernetes/sdnc/resources/config/conf/org.opendaylight.aaa.filterchain.cfg | 1 | ||||
-rw-r--r-- | kubernetes/sdnc/templates/pv-data.yaml | 57 | ||||
-rw-r--r-- | kubernetes/sdnc/templates/statefulset.yaml | 83 | ||||
-rw-r--r-- | kubernetes/sdnc/values.yaml | 40 |
10 files changed, 126 insertions, 136 deletions
diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml index 27876cb47b..5378d64e9f 100644 --- a/kubernetes/sdnc/components/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-dmaap-listener-image:2.0.4 +image: onap/sdnc-dmaap-listener-image:2.0.5 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml index 858ff71d31..6c32c9036e 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ansible-server-image:2.0.4 +image: onap/sdnc-ansible-server-image:2.0.5 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml index f040736794..8648ac4dcc 100644 --- a/kubernetes/sdnc/components/sdnc-web/values.yaml +++ b/kubernetes/sdnc/components/sdnc-web/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: "onap/sdnc-web-image:2.0.4" +image: "onap/sdnc-web-image:2.0.5" pullPolicy: Always config: diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml index 6de8947d77..96b37092f9 100644 --- a/kubernetes/sdnc/components/ueb-listener/values.yaml +++ b/kubernetes/sdnc/components/ueb-listener/values.yaml @@ -55,7 +55,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ueb-listener-image:2.0.4 +image: onap/sdnc-ueb-listener-image:2.0.5 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml index 57c165c4c0..f58ecb16be 100644 --- a/kubernetes/sdnc/requirements.yaml +++ b/kubernetes/sdnc/requirements.yaml @@ -1,5 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada, # Copyright © 2020 highstreet technologies GmbH +# Copyright © 2021 Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,6 +21,9 @@ dependencies: - name: certInitializer version: ~7.x-0 repository: '@local' + - name: cmpv2Certificate + version: ~7.x-0 + repository: '@local' - name: logConfiguration version: ~7.x-0 repository: '@local' diff --git a/kubernetes/sdnc/resources/config/bin/createLinks.sh b/kubernetes/sdnc/resources/config/bin/createLinks.sh new file mode 100755 index 0000000000..1999dabb37 --- /dev/null +++ b/kubernetes/sdnc/resources/config/bin/createLinks.sh @@ -0,0 +1,69 @@ +#!/bin/sh + +### +# ============LICENSE_START======================================================= +# ONAP : SDN-C +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights +# reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + + +if [ "$MDSAL_PATH" = "" ] +then + MDSAL_PATH=/opt/opendaylight/mdsal +fi + +if [ "$DAEXIM_PATH" = "" ] +then + DAEXIM_PATH=/opt/opendaylight/daexim +fi + +if [ "$JOURNAL_PATH" = "" ] +then + JOURNAL_PATH=/opt/opendaylight/journal +fi + +if [ "$SNAPSHOTS_PATH" = "" ] +then + SNAPSHOTS_PATH=/opt/opendaylight/snapshots +fi + + +if [ ! -L $DAEXIM_PATH ] +then + ln -s $MDSAL_PATH/daexim $DAEXIM_PATH +fi + +if [ ! -L $JOURNAL_PATH ] +then + if [ -d $JOURNAL_PATH ] + then + mv $JOURNAL_PATH/* $MDSAL_PATH/journal + rm -f $JOURNAL_PATH + fi + ln -s $MDSAL_PATH/journal $JOURNAL_PATH +fi + +if [ ! -L $SNAPSHOTS_PATH ] +then + if [ -d $SNAPSHOTS_PATH ] + then + mv $SNAPSHOTS_PATH/* $MDSAL_PATH/snapshots + rm -f $SNAPSHOTS_PATH + fi + ln -s $MDSAL_PATH/snapshots $SNAPSHOTS_PATH +fi diff --git a/kubernetes/sdnc/resources/config/conf/org.opendaylight.aaa.filterchain.cfg b/kubernetes/sdnc/resources/config/conf/org.opendaylight.aaa.filterchain.cfg new file mode 100755 index 0000000000..cffc526fb6 --- /dev/null +++ b/kubernetes/sdnc/resources/config/conf/org.opendaylight.aaa.filterchain.cfg @@ -0,0 +1 @@ +customFilterList=org.onap.ccsdk.sli.core.filters.ControllerAuditLogFilter,org.onap.ccsdk.sli.core.filters.ControllerPayloadLoggingFilter diff --git a/kubernetes/sdnc/templates/pv-data.yaml b/kubernetes/sdnc/templates/pv-data.yaml index e40bdd6ea3..a0d998cd07 100644 --- a/kubernetes/sdnc/templates/pv-data.yaml +++ b/kubernetes/sdnc/templates/pv-data.yaml @@ -1,46 +1,17 @@ {{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. */}} -{{- $global := . }} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -{{- range $i := until (int $global.Values.replicaCount)}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" $global }}-data-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ include "common.fullname" $global }} - chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" $global }}" - heritage: "{{ $global.Release.Service }}" - name: {{ include "common.fullname" $global }} -spec: - capacity: - storage: {{ $global.Values.persistence.size}} - accessModes: - - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-data" - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} -{{if ne $i (int $global.Values.replicaCount) }} ---- -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} +{{ include "common.replicaPV" . }} diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 91ad64cc77..2158fefe19 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2020 Samsung Electronics # Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2021 Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -105,58 +106,20 @@ spec: name: {{ include "common.name" . }}-readiness {{ end -}} {{ include "common.certInitializer.initContainer" . | indent 6 }} - - {{ if .Values.global.cmpv2Enabled }} - - name: certs-init - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.platform.certServiceClient.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: REQUEST_URL - value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }} - - name: REQUEST_TIMEOUT - value: "30000" - - name: OUTPUT_PATH - value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} - - name: CA_NAME - value: {{ .Values.global.platform.certServiceClient.envVariables.caName }} - - name: COMMON_NAME - value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }} - - name: ORGANIZATION - value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }} - - name: ORGANIZATION_UNIT - value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }} - - name: LOCATION - value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }} - - name: STATE - value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }} - - name: COUNTRY - value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }} - - name: KEYSTORE_PATH - value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }} - - name: KEYSTORE_PASSWORD - value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }} - - name: TRUSTSTORE_PATH - value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }} - - name: TRUSTSTORE_PASSWORD - value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} - name: certs - - mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }} - name: certservice-tls-volume - {{ end }} - +{{ include "common.certServiceClient.initContainer" . | indent 6 }} - name: {{ include "common.name" . }}-chown image: {{ include "repositoryGenerator.image.busybox" . }} command: - sh args: - -c - - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} + - | + mkdir {{ .Values.persistence.mdsalPath }}/daexim + mkdir {{ .Values.persistence.mdsalPath }}/journal + mkdir {{ .Values.persistence.mdsalPath }}/snapshots + chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} {{- if .Values.global.aafEnabled }} - - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} + chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} {{- end }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} @@ -167,7 +130,7 @@ spec: image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/bin/bash"] - args: ["-c", "/opt/onap/sdnc/bin/startODL.sh"] + args: ["-c", "/opt/onap/sdnc/bin/createLinks.sh ; /opt/onap/sdnc/bin/startODL.sh"] ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -207,6 +170,14 @@ spec: value: "{{ .Values.replicaCount }}" - name: MYSQL_HOST value: {{ include "common.mariadbService" . }} + - name: MDSAL_PATH + value: {{ .Values.persistence.mdsalPath }} + - name: DAEXIM_PATH + value: {{ .Values.persistence.daeximPath }} + - name: JOURNAL_PATH + value: {{ .Values.persistence.journalPath }} + - name: SNAPSHOTS_PATH + value: {{ .Values.persistence.snapshotsPath }} - name: JAVA_HOME value: "{{ .Values.config.javaHome}}" - name: JAVA_OPTS @@ -231,6 +202,7 @@ spec: volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} +{{ include "common.certServiceClient.volumeMounts" . | indent 10 }} - mountPath: /etc/localtime name: localtime readOnly: true @@ -240,6 +212,9 @@ spec: - mountPath: {{ .Values.config.binDir }}/installSdncDb.sh name: bin subPath: installSdncDb.sh + - mountPath: {{ .Values.config.binDir }}/createLinks.sh + name: bin + subPath: createLinks.sh - mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties name: properties subPath: aaiclient.properties @@ -274,6 +249,9 @@ spec: - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg name: properties subPath: org.opendaylight.controller.cluster.datastore.cfg + - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.aaa.filterchain.cfg + name: properties + subPath: org.opendaylight.aaa.filterchain.cfg - mountPath: {{ .Values.config.odl.binDir }}/setenv name: properties subPath: setenv @@ -283,10 +261,6 @@ spec: - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties name: properties subPath: mountpoint-state-provider.properties - {{ if .Values.global.cmpv2Enabled }} - - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} - name: certs - {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -337,19 +311,12 @@ spec: - name: properties emptyDir: medium: Memory - {{ if .Values.global.cmpv2Enabled }} - - name: certs - emptyDir: - medium: Memory - - name: certservice-tls-volume - secret: - secretName: {{ .Values.global.platform.certServiceClient.secret.name }} - {{- end }} {{ if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-data emptyDir: {} {{ else }} {{ include "common.certInitializer.volumes" . | nindent 8 }} +{{ include "common.certServiceClient.volumes" . | nindent 8 }} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index dac0be2a07..c02d5592e6 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2020 Samsung Electronics, highstreet technologies GmbH # Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2021 Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -29,33 +30,8 @@ global: service: mariadb-galera internalPort: 3306 nameOverride: mariadb-galera - service: mariadb-galera - # Enabling CMPv2 - cmpv2Enabled: true + # Enabling CMPv2 with CertManager CMPv2CertManagerIntegration: false - platform: - certServiceClient: - image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2 - secret: - name: oom-cert-service-client-tls-secret - mountPath: /etc/onap/oom/certservice/certs/ - envVariables: - # Certificate related - cert_path: /var/custom-certs - cmpv2Organization: "Linux-Foundation" - cmpv2OrganizationalUnit: "ONAP" - cmpv2Location: "San-Francisco" - cmpv2Country: "US" - # Client configuration related - caName: "RA" - common_name: "sdnc.simpledemo.onap.org" - requestURL: "https://oom-cert-service:8443/v1/certificate/" - requestTimeout: "30000" - keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks" - outputType: "P12" - keystorePassword: "secret" - truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks" - truststorePassword: "secret" ################################################################# # Secrets metaconfig @@ -149,8 +125,7 @@ secrets: # Certificates ################################################################# certificates: - - name: onap-sdnc-certificate - secretName: onap-sdnc-certificate + - mountPath: /var/custom-certs commonName: sdnc.simpledemo.onap.org dnsNames: - sdnc.simpledemo.onap.org @@ -170,7 +145,7 @@ certificates: # application images pullPolicy: Always -image: onap/sdnc-image:2.0.4 +image: onap/sdnc-image:2.0.5 # flag to enable debugging - application support required debugEnabled: false @@ -225,7 +200,7 @@ config: binDir: /opt/opendaylight/bin gcLogDir: /opt/opendaylight/data/log salConfigDir: /opt/opendaylight/system/org/opendaylight/controller/sal-clustering-config - salConfigVersion: 1.9.1 + salConfigVersion: 1.10.4 akka: seedNodeTimeout: 15s circuitBreaker: @@ -488,7 +463,10 @@ persistence: size: 1Gi mountPath: /dockerdata-nfs mountSubPath: sdnc/mdsal - mdsalPath: /opt/opendaylight/current/daexim + mdsalPath: /opt/opendaylight/mdsal + daeximPath: /opt/opendaylight/daexim + journalPath: /opt/opendaylight/journal + snapshotsPath: /opt/opendaylight/snapshots certpersistence: enabled: true |