diff options
Diffstat (limited to 'kubernetes/so/components/so-admin-cockpit')
9 files changed, 489 insertions, 0 deletions
diff --git a/kubernetes/so/components/so-admin-cockpit/Chart.yaml b/kubernetes/so/components/so-admin-cockpit/Chart.yaml new file mode 100644 index 0000000000..2bebdfd49a --- /dev/null +++ b/kubernetes/so/components/so-admin-cockpit/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +apiVersion: v1 +description: A Helm chart for ONAP Service Orchestration Monitoring +name: so-admin-cockpit +version: 8.0.0 diff --git a/kubernetes/so/components/so-admin-cockpit/requirements.yaml b/kubernetes/so/components/so-admin-cockpit/requirements.yaml new file mode 100755 index 0000000000..730d75ae80 --- /dev/null +++ b/kubernetes/so/components/so-admin-cockpit/requirements.yaml @@ -0,0 +1,27 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications © 2020 Nokia +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +dependencies: + - name: common + version: ~8.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: soHelpers + version: ~8.x-0 + repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml b/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml new file mode 100644 index 0000000000..e1bac69fe3 --- /dev/null +++ b/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml @@ -0,0 +1,35 @@ +server: + port: {{ index .Values.containerPort }} + {{- if .Values.global.aafEnabled }} + ssl: + keyStore: ${KEYSTORE} + keyStorePassword: ${KEYSTORE_PASSWORD} + trustStore: ${TRUSTSTORE} + trustStorePassword: ${TRUSTSTORE_PASSWORD} + {{- end }} + tomcat: + max-threads: 50 + {{- if not .Values.global.aafEnabled }} +ssl-enable: false + {{- end }} +camunda: + rest: + api: + url: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine/engine/ + engine: default + auth: Basic YXBpaEJwbW46cGFzc3dvcmQxJA== +mso: + database: + rest: + api: + url: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/infraActiveRequests/ + auth: Basic YnBlbDpwYXNzd29yZDEk +spring: + main: + allow-bean-definition-overriding: true + security: + usercredentials: + - + username: ${SO_COCKPIT_USERNAME} + password: ${SO_COCKPIT_PASSWORD} + role: GUI-Client diff --git a/kubernetes/so/components/so-admin-cockpit/templates/configmap.yaml b/kubernetes/so/components/so-admin-cockpit/templates/configmap.yaml new file mode 100644 index 0000000000..95839f230b --- /dev/null +++ b/kubernetes/so/components/so-admin-cockpit/templates/configmap.yaml @@ -0,0 +1,46 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +*/}} +apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }} diff --git a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml new file mode 100644 index 0000000000..9de1b50c8c --- /dev/null +++ b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml @@ -0,0 +1,128 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# Modifications Copyright © 2020 Nokia +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +*/}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} + - name: so-chown + image: {{ include "repositoryGenerator.image.busybox" . }} + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + resources: {{ include "common.resources" . | nindent 12 }} + command: + - /bin/sh + args: + - -c + - | + export SO_COCKPIT_PASSWORD=`htpasswd -bnBC 10 "" $SO_COCKPIT_PASS | tr -d ':\n' | sed 's/\$2y/\$2a/'` + {{- if .Values.global.aafEnabled }} + export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/org.onap.so.cred.props | xargs -0) + export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) + export KEYSTORE=file://$cadi_keystore + export KEYSTORE_PASSWORD=$cadi_keystore_password_p12 + export TRUSTSTORE=file://$cadi_truststore + export TRUSTSTORE_PASSWORD=$cadi_truststore_password + {{- end }} + /app/start-app.sh + env: + - name: DB_HOST + value: {{ include "common.mariadbService" . }} + - name: DB_PORT + value: {{ include "common.mariadbPort" . | quote }} + - name: DB_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} + - name: DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }} + - name: DB_ADMIN_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} + - name: DB_ADMIN_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} + - name: SO_COCKPIT_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 10 }} + - name: SO_COCKPIT_PASS + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 10 }} + + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + - name: logs + mountPath: /app/logs + - name: config + mountPath: /app/config + readOnly: true + readinessProbe: + tcpSocket: + port: {{ index .Values.readinessProbe.port }} + initialDelaySeconds: {{ index .Values.readinessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.readinessProbe.periodSeconds}} + livenessProbe: + tcpSocket: + port: {{ index .Values.livenessProbe.port }} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + - name: logs + emptyDir: {} + - name: config + configMap: + name: {{ include "common.fullname" . }}-app + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/components/so-admin-cockpit/templates/ingress.yaml b/kubernetes/so/components/so-admin-cockpit/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/so/components/so-admin-cockpit/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/so/components/so-admin-cockpit/templates/secret.yaml b/kubernetes/so/components/so-admin-cockpit/templates/secret.yaml new file mode 100644 index 0000000000..34932b713d --- /dev/null +++ b/kubernetes/so/components/so-admin-cockpit/templates/secret.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml new file mode 100644 index 0000000000..c4439784ca --- /dev/null +++ b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml @@ -0,0 +1,52 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# Modifications © 2020 Nokia +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + {{if .Values.global.aafEnabled -}} + type: {{ .Values.service.type }} + {{- else -}} + type: ClusterIP + {{- end }} + ports: + {{if and (eq .Values.service.type "NodePort") (.Values.global.aafEnabled) -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + + diff --git a/kubernetes/so/components/so-admin-cockpit/values.yaml b/kubernetes/so/components/so-admin-cockpit/values.yaml new file mode 100644 index 0000000000..d59189b98b --- /dev/null +++ b/kubernetes/so/components/so-admin-cockpit/values.yaml @@ -0,0 +1,161 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# Copyright (C) 2020 Huawei +# Modifications Copyright © 2020 Nokia +# Modifications Copyright © 2021 Orange +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + repository: nexus3.onap.org:10001 + readinessImage: onap/oom/readiness:3.0.1 + aafAgentImage: onap/aaf/aaf_agent:2.1.20 + envsubstImage: dibi/envsubst + aafEnabled: true + persistence: + mountPath: /dockerdata-nfs + security: + aaf: + enabled: true + aaf: + auth: + header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' + +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}' + login: '{{ .Values.db.userName }}' + password: '{{ .Values.db.userPassword }}' + passwordPolicy: required + - uid: db-admin-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}' + login: '{{ .Values.db.adminName }}' + password: '{{ .Values.db.adminPassword }}' + passwordPolicy: required + - uid: app-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.server.cockpit.soMonitoringCredsExternalSecret) . }}' + login: '{{ .Values.server.cockpit.username }}' + password: '{{ .Values.server.cockpit.password }}' + +#secretsFilePaths: | +# - 'my file 1' +# - '{{ include "templateThatGeneratesFileName" . }}' + +################################################################# +# Application configuration defaults. +################################################################# +repository: nexus3.onap.org:10001 +image: onap/so/so-admin-cockpit:1.8.2 +pullPolicy: Always + +db: + userName: so_user + userPassword: so_User123 + # userCredsExternalSecret: some secret + adminName: so_admin + adminPassword: so_Admin123 + # adminCredsExternalSecret: some secret + +replicaCount: 1 +minReadySeconds: 10 +containerPort: &containerPort 9091 +logPath: app/logs/ +app: so-admin-cockpit + +################################################################# +# soHelpers part +################################################################# +soHelpers: + nameOverride: so-cockpit-cert-init + certInitializer: + nameOverride: so-cockpit-cert-init + credsPath: /opt/app/osaaf/local + cadi: + apiEnforcement: org.onap.so.monitoringPerm + containerPort: *containerPort + +server: + cockpit: + username: demo + # password: demo123456! + # soMonitoringCredsExternalSecret: some secret + +service: +#Since this is a feature for monitoring the service type is changed to internal, users can change it to NodePort on need basis... + type: NodePort + nodePort: 24 + internalPort: *containerPort + externalPort: *containerPort + portName: http +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +# Resource Limit flavor -By Default using small +flavor: small +#Segregation for different environment (Small or large) +resources: + small: + requests: + memory: 1Gi + cpu: 10m + limits: + memory: 4Gi + cpu: 1 + large: + requests: + memory: 2Gi + cpu: 20m + limits: + memory: 8Gi + cpu: 2 +readinessProbe: + port: 9091 + initialDelaySeconds: 20 + periodSeconds: 10 + timeoutSeconds: 10 +livenessProbe: + port: 9091 + initialDelaySeconds: 40 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false + service: + - baseaddr: "soadmincockpit" + name: "so-admin-cockpit" + port: 9091 + config: + ssl: "none" +nodeSelector: {} +tolerations: [] +affinity: {} |