summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/components/so-sdc-controller
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/so/components/so-sdc-controller')
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/Chart.yaml18
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/requirements.yaml29
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml94
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/templates/configmap.yaml50
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/templates/deployment.yaml124
-rw-r--r--kubernetes/so/components/so-sdc-controller/templates/secret.yaml17
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/templates/service.yaml40
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/values.yaml143
8 files changed, 515 insertions, 0 deletions
diff --git a/kubernetes/so/components/so-sdc-controller/Chart.yaml b/kubernetes/so/components/so-sdc-controller/Chart.yaml
new file mode 100755
index 0000000000..6d61343a08
--- /dev/null
+++ b/kubernetes/so/components/so-sdc-controller/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: so-sdc-controller
+version: 7.0.0 \ No newline at end of file
diff --git a/kubernetes/so/components/so-sdc-controller/requirements.yaml b/kubernetes/so/components/so-sdc-controller/requirements.yaml
new file mode 100755
index 0000000000..9a5ba74887
--- /dev/null
+++ b/kubernetes/so/components/so-sdc-controller/requirements.yaml
@@ -0,0 +1,29 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+dependencies:
+ - name: common
+ version: ~7.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@local'
+ - name: readinessCheck
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: soHelpers
+ version: ~7.x-0
+ repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
new file mode 100755
index 0000000000..b20e33a140
--- /dev/null
+++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
@@ -0,0 +1,94 @@
+{{/*
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+aai:
+ auth: {{.Values.aai.auth}}
+server:
+ port: {{ index .Values.containerPort }}
+spring:
+ datasource:
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: catdb-pool
+ registerMbeans: false
+ security:
+ usercredentials:
+ -
+ username: asdc
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: Asdc-Client
+ -
+ username: mso_admin
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: ACTUATOR
+request:
+ datasource:
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: reqdb-pool
+ registerMbeans: false
+mso:
+ msoKey: {{ index .Values.mso.msoKey }}
+ logPath: ./logs/sdc
+ config:
+ cadi: {{ include "so.cadi.keys" . | nindent 8}}
+ catalog:
+ db:
+ spring:
+ endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082
+ db:
+ auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}}
+ site-name: onapheat
+ camundaURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/
+ adapters:
+ requestDb:
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}}
+ aai:
+ endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ asdc-connections:
+ asdc-controller1:
+ user: mso
+ consumerGroup: SO-OpenSource-Env11
+ consumerId: SO-COpenSource-Env11
+ environmentName: AUTO
+ asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443
+ password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }}
+ pollingInterval: 60
+ pollingTimeout: 60
+ relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL
+ useHttpsWithDmaap: false
+ activateServerTLSAuth: false
+ keyStorePassword:
+ keyStorePath:
+ watchDogTimeout: 300
+ isFitlerInEmptyResources: true
+ messageBusAddress: message-router.{{ include "common.namespace" . }},message-router.{{ include "common.namespace" . }}
+ asdc:
+ config:
+ activity:
+ endpoint: http://sdc-wfd-be:8080
+ key: {{ .Values.mso.asdc.config.key }}
+ components:
+ count: 3,
+ componentNames: SO,AAI,SDNC
+ scheduling:
+ enabled: false
diff --git a/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml b/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml
new file mode 100755
index 0000000000..050aab9732
--- /dev/null
+++ b/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml
@@ -0,0 +1,50 @@
+{{/*
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: v1
+data:
+ LOG_PATH: {{ index .Values.logPath }}
+ APP: {{ index .Values.app }}
+ ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-app-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
new file mode 100755
index 0000000000..3fee225c03
--- /dev/null
+++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
@@ -0,0 +1,124 @@
+{{/*
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ replicas: {{ index .Values.replicaCount }}
+ minReadySeconds: {{ index .Values.minReadySeconds }}
+ strategy:
+ type: {{ index .Values.updateStrategy.type }}
+ rollingUpdate:
+ maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ index .Values.updateStrategy.maxSurge }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ spec:
+ initContainers:
+ {{ include "so.certificate.container_importer" . | indent 6 | trim }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+ resources: {{ include "common.resources" . | nindent 12 }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - -c
+ - |
+ export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
+ {{- if .Values.global.security.aaf.enabled }}
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
+ {{- end }}
+ /app/start-app.sh
+ {{- end }}
+ env:
+ - name: DB_HOST
+ value: {{ include "common.mariadbService" . }}
+ - name: DB_PORT
+ value: {{ include "common.mariadbPort" . | quote }}
+ - name: DB_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
+ - name: DB_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }}
+ - name: DB_ADMIN_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
+ - name: DB_ADMIN_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
+ {{ include "so.certificates.env" . | indent 8 | trim }}
+ envFrom:
+ - configMapRef:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }}
+ - name: logs
+ mountPath: /app/logs
+ - name: config
+ mountPath: /app/config
+ readOnly: true
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap
+{{ include "so.helpers.livenessProbe" .| indent 8 }}
+ ports:
+ - containerPort: {{ index .Values.containerPort }}
+ name: {{ .Values.service.portName }}
+ protocol: TCP
+ # Filebeat sidecar container
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: {{ include "repositoryGenerator.image.logging" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: logs
+ mountPath: /var/log/onap/so
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap
+ volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
+ - name: logs
+ emptyDir: {}
+ - name: config
+ configMap:
+ name: {{ include "common.fullname" . }}-app-configmap
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ .Release.Name }}-so-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/so/components/so-sdc-controller/templates/secret.yaml b/kubernetes/so/components/so-sdc-controller/templates/secret.yaml
new file mode 100644
index 0000000000..34932b713d
--- /dev/null
+++ b/kubernetes/so/components/so-sdc-controller/templates/secret.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/so/components/so-sdc-controller/templates/service.yaml b/kubernetes/so/components/so-sdc-controller/templates/service.yaml
new file mode 100755
index 0000000000..6eb6f27e26
--- /dev/null
+++ b/kubernetes/so/components/so-sdc-controller/templates/service.yaml
@@ -0,0 +1,40 @@
+{{/*
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml
new file mode 100755
index 0000000000..6dd662e9b2
--- /dev/null
+++ b/kubernetes/so/components/so-sdc-controller/values.yaml
@@ -0,0 +1,143 @@
+# Copyright © 2018 AT&T USA
+# Copyright © 2020 Huawei
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+ persistence:
+ mountPath: /dockerdata-nfs
+ security:
+ aaf:
+ enabled: false
+ aaf:
+ auth:
+ header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
+
+readinessCheck:
+ wait_for:
+ - so-mariadb-config
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: db-user-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
+ login: '{{ .Values.db.userName }}'
+ password: '{{ .Values.db.userPassword }}'
+ passwordPolicy: required
+ - uid: db-admin-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
+ login: '{{ .Values.db.adminName }}'
+ password: '{{ .Values.db.adminPassword }}'
+ passwordPolicy: required
+
+#secretsFilePaths: |
+# - 'my file 1'
+# - '{{ include "templateThatGeneratesFileName" . }}'
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+image: onap/so/sdc-controller:1.7.10
+pullPolicy: Always
+
+db:
+ userName: so_user
+ userPassword: so_User123
+ # userCredsExternalSecret: some secret
+ adminName: so_admin
+ adminPassword: so_Admin123
+ # adminCredsExternalSecret: some secret
+
+aai:
+ auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
+mso:
+ msoKey: 07a7159d3bf51a0e53be7a8f89699be7
+ requestDb:
+ auth: Basic YnBlbDpwYXNzd29yZDEk
+ asdc:
+ config:
+ key: 566B754875657232314F5548556D3665
+ asdc-connections:
+ asdc-controller1:
+ password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F
+
+replicaCount: 1
+minReadySeconds: 10
+containerPort: &containerPort 8085
+logPath: ./logs/sdc/
+app: sdc-controller
+service:
+ type: ClusterIP
+ internalPort: *containerPort
+ externalPort: *containerPort
+ portName: so-sdc-port
+updateStrategy:
+ type: RollingUpdate
+ maxUnavailable: 1
+ maxSurge: 1
+
+#################################################################
+# soHelpers part
+#################################################################
+soHelpers:
+ nameOverride: so-sdc-cert-init
+ certInitializer:
+ nameOverride: so-sdc-cert-init
+ credsPath: /opt/app/osaaf/local
+ cadi:
+ apiEnforcement: org.onap.so.sdcControllerPerm
+ containerPort: *containerPort
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ memory: 4Gi
+ cpu: 2000m
+ requests:
+ memory: 1Gi
+ cpu: 500m
+ large:
+ limits:
+ memory: 8Gi
+ cpu: 4000m
+ requests:
+ memory: 2Gi
+ cpu: 1000m
+ unlimited: {}
+livenessProbe:
+ path: /manage/health
+ port: 8085
+ scheme: HTTP
+ initialDelaySeconds: 600
+ periodSeconds: 60
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+ingress:
+ enabled: false
+nodeSelector: {}
+tolerations: []
+affinity: {}