summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/components
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/so/components')
-rw-r--r--kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml2
-rw-r--r--kubernetes/so/components/so-appc-orchestrator/values.yaml26
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/Chart.yaml18
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/requirements.yaml26
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml50
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/templates/configmap.yaml29
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/templates/deployment.yaml117
-rw-r--r--kubernetes/so/components/so-cnf-adapter/templates/secret.yaml17
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/templates/service.yaml17
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/values.yaml182
10 files changed, 14 insertions, 470 deletions
diff --git a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml
index 69178fd6c7..661ed64b0e 100644
--- a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml
@@ -22,7 +22,7 @@ server:
mso:
logPath: ./logs/soappcorch
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.auth.rest.aafEncrypted "value2" .Values.mso.auth )}}
- msoKey: {{ .Values.mso.msoKey }}
+ msoKey: {{ .Values.global.app.msoKey }}
config:
{{ if .Values.global.security.aaf.enabled }}
cadi: {{ include "so.cadi.keys" . | nindent 8}}
diff --git a/kubernetes/so/components/so-appc-orchestrator/values.yaml b/kubernetes/so/components/so-appc-orchestrator/values.yaml
index e63838d3b1..7570116fd5 100644
--- a/kubernetes/so/components/so-appc-orchestrator/values.yaml
+++ b/kubernetes/so/components/so-appc-orchestrator/values.yaml
@@ -30,7 +30,8 @@ global:
security:
aaf:
enabled: false
-
+ app:
+ msoKey: 07a7159d3bf51a0e53be7a8f89699be7
#################################################################
# Secrets metaconfig
#################################################################
@@ -73,7 +74,6 @@ db:
adminName: so_admin
adminPassword: so_Admin123
# adminCredsExternalSecret: some secret
-
server:
actuator:
username: mso_admin
@@ -87,8 +87,8 @@ service:
name: so-appc-orchestrator
type: ClusterIP
ports:
- - port: *containerPort
- name: http
+ - port: *containerPort
+ name: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
@@ -96,6 +96,7 @@ updateStrategy:
# Resource Limit flavor -By Default using small
flavor: small
+
#################################################################
# soHelper part
#################################################################
@@ -127,14 +128,14 @@ resources:
cpu: 1000m
unlimited: {}
livenessProbe:
- path: /manage/health
- port: 8083
- scheme: HTTP
- initialDelaySeconds: 600
- periodSeconds: 60
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 3
+ path: /manage/health
+ port: 8083
+ scheme: HTTP
+ initialDelaySeconds: 600
+ periodSeconds: 60
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
ingress:
enabled: false
nodeSelector: {}
@@ -148,7 +149,6 @@ auth:
mso:
auth: BEA8637716A7EB617DF472BA6552D22F68C1CB17B0D094D77DDA562F4ADAAC4457CAB848E1A4
basicUser: poBpmn
- msoKey: 07a7159d3bf51a0e53be7a8f89699be7
appc:
client:
diff --git a/kubernetes/so/components/so-cnf-adapter/Chart.yaml b/kubernetes/so/components/so-cnf-adapter/Chart.yaml
deleted file mode 100755
index f2ccd6a707..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/Chart.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: v1
-appVersion: "1.7.1"
-description: A Helm chart for Kubernetes
-name: so-cnf-adapter
-version: 6.0.0
diff --git a/kubernetes/so/components/so-cnf-adapter/requirements.yaml b/kubernetes/so/components/so-cnf-adapter/requirements.yaml
deleted file mode 100755
index b0bda362dd..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/requirements.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-dependencies:
- - name: common
- version: ~6.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
- - name: readinessCheck
- version: ~6.x-0
- repository: '@local'
- - name: soHelpers
- version: ~6.x-0
- repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
deleted file mode 100755
index 37024d4d4d..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-aai:
- auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }}
- endpoint: https://aai.{{ include "common.namespace" . }}:8443
-logging:
- path: logs
-spring:
- security:
- usercredentials:
- - username: ${ACTUATOR_USERNAME}
- password: ${ACTUATOR_PASSWORD}
- role: ACTUATOR
-server:
- port: {{ index .Values.containerPort }}
- tomcat:
- max-threads: 50
-
-mso:
- site-name: localSite
- logPath: ./logs/cnf
- msb-ip: msb-iag.{{ include "common.namespace" . }}
- msb-port: 80
-#Actuator
-management:
- endpoints:
- web:
- base-path: /manage
- exposure:
- include: "*"
- metrics:
- se-global-registry: false
- export:
- prometheus:
- enabled: true # Whether exporting of metrics to Prometheus is enabled.
- step: 1m # Step size (i.e. reporting frequency) to use.
diff --git a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml b/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml
deleted file mode 100755
index fcdd381e72..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata: {{- include "common.resourceMetadata" (dict "dot" . "suffix" "env") | nindent 2 }}
-data:
- LOG_PATH: {{ index .Values.logPath }}
- APP: {{ index .Values.app }}
- ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
----
-apiVersion: v1
-kind: ConfigMap
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-data:
-{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml
deleted file mode 100755
index dfff4341f5..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml
+++ /dev/null
@@ -1,117 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- selector: {{- include "common.selectors" . | nindent 4 }}
- replicas: {{ index .Values.replicaCount }}
- minReadySeconds: {{ index .Values.minReadySeconds }}
- strategy:
- type: {{ index .Values.updateStrategy.type }}
- rollingUpdate:
- maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
- maxSurge: {{ index .Values.updateStrategy.maxSurge }}
- template:
- metadata:
- labels: {{- include "common.labels" . | nindent 8 }}
- spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }}
- - name: {{ include "common.name" . }}-encrypter
- command:
- - sh
- args:
- - -c
- - |
- java Crypto "${AAI_USERNAME}:${AAI_PASSWORD}" "${MSO_KEY}" > /output/.aai_creds
- env:
- - name: AAI_USERNAME
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "login") | indent 14 }}
- - name: AAI_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "password") | indent 14 }}
- - name: MSO_KEY
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cnf-adapter-mso-key" "key" "password") | indent 14 }}
- image: {{ .Values.global.dockerHubRepository }}/{{ .Values.global.soCryptoImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: encoder
- mountPath: /output
- {{ include "common.readinessCheck.waitFor" . | indent 8 | trim }}
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "common.repository" . }}/{{ .Values.image }}
- command:
- - sh
- args:
- - -c
- - |
- export AAF_BASE64=$(echo -n "${AAF_USERNAME}:${AAF_PASSWORD}" | base64)
- export AAF_AUTH=$(echo "Basic ${AAF_BASE64}")
- export AAI_AUTH=$(cat /input/.aai_creds)
- {{- if .Values.global.aafEnabled }}
- export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
- export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
- {{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
- {{- end }}
- {{- end }}
- ./start-app.sh
- resources: {{ include "common.resources" . | nindent 12 }}
- ports: {{- include "common.containerPorts" . | nindent 12 }}
- env:
- - name: AAF_USERNAME
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "login") | indent 14 }}
- - name: AAF_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "password") | indent 14 }}
- - name: ACTUATOR_USERNAME
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }}
- - name: ACTUATOR_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }}
- {{ include "so.certificates.env" . | indent 12 | trim }}
- envFrom:
- - configMapRef:
- name: {{ include "common.fullname" . }}-env
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }}
- - name: logs
- mountPath: /app/logs
- - name: config
- mountPath: /app/config
- readOnly: true
- - name: encoder
- mountPath: /input
- livenessProbe:
- httpGet:
- path: {{ index .Values.livenessProbe.path}}
- port: {{ index .Values.containerPort }}
- scheme: {{ index .Values.livenessProbe.scheme}}
- initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
- periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
- timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
- successThreshold: {{ index .Values.livenessProbe.successThreshold}}
- failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
- volumes: {{ include "so.certificate.volumes" . | nindent 8 }}
- - name: logs
- emptyDir: {}
- - name: config
- configMap:
- name: {{ include "common.fullname" . }}
- - name: encoder
- emptyDir:
- medium: Memory
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml b/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml
deleted file mode 100644
index cc40499c76..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/so/components/so-cnf-adapter/templates/service.yaml b/kubernetes/so/components/so-cnf-adapter/templates/service.yaml
deleted file mode 100755
index 665601d832..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/templates/service.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.service" . }}
diff --git a/kubernetes/so/components/so-cnf-adapter/values.yaml b/kubernetes/so/components/so-cnf-adapter/values.yaml
deleted file mode 100755
index 66703f2597..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/values.yaml
+++ /dev/null
@@ -1,182 +0,0 @@
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- nodePortPrefixExt: 304
- repository: nexus3.onap.org:10001
- readinessImage: oomk8s/readiness-check:2.2.2
- soCryptoImage: sdesbure/so_crypto:latest
- dockerHubRepository: docker.io
- persistence:
- mountPath: /dockerdata-nfs
- security:
- aaf:
- enabled: false
- aaf:
- auth:
- header: ${AAF_AUTH}
-
-readinessCheck:
- wait_for:
- - so-mariadb-config
-
-#################################################################
-# Secrets metaconfig
-#################################################################
-secrets:
- - uid: db-user-creds
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
- login: '{{ .Values.db.userName }}'
- password: '{{ .Values.db.userPassword }}'
- passwordPolicy: required
- - uid: db-admin-creds
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
- login: '{{ .Values.db.adminName }}'
- password: '{{ .Values.db.adminPassword }}'
- passwordPolicy: required
- - uid: server-actuator-creds
- name: '{{ include "common.release" . }}-so-cnf-actuator-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
- login: '{{ .Values.server.actuator.username }}'
- password: '{{ .Values.server.actuator.password }}'
- passwordPolicy: required
- - uid: so-aaf-creds
- name: '{{ include "common.release" . }}-so-cnf-aaf-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}'
- login: '{{ .Values.server.aaf.username }}'
- password: '{{ .Values.server.aaf.password }}'
- passwordPolicy: required
- - uid: so-aai-creds
- name: '{{ include "common.release" . }}-so-cnf-aai-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}'
- login: '{{ .Values.server.aai.username }}'
- password: '{{ .Values.server.aai.password }}'
- passwordPolicy: required
- - uid: cnf-adapter-mso-key
- name: '{{ include "common.release" . }}-so-cnf-mso-key'
- type: password
- externalSecret: '{{ tpl (default "" .Values.mso.msoKeySecret) . }}'
- password: '{{ .Values.mso.msoKey }}'
-
-#secretsFilePaths: |
-# - 'my file 1'
-# - '{{ include "templateThatGeneratesFileName" . }}'
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-repository: nexus3.onap.org:10001
-image: onap/so/mso-cnf-adapter:1.7.1
-pullPolicy: Always
-
-db:
- userName: so_user
- userPassword: so_User123
- # userCredsExternalSecret: some secret
- adminName: so_admin
- adminPassword: so_Admin123
- # adminCredsExternalSecret: some secret
-
-server:
- aaf:
- username: so@so.onap.org
- password: demo123456
- # aafCredsExternalSecret: some secret
- aai:
- username: aai@aai.onap.org
- password: demo123456!
- auth: ${AAI_AUTH}
- # aaiCredsExternalSecret: some secret
- actuator:
- username: mso_admin
- password: password1$
- # actuatorCredsExternalSecret: some secret
-
-mso:
- msoKey: 07a7159d3bf51a0e53be7a8f89699be7
- # msoKeySecret: some secret
- adapters:
- requestDb:
- auth: ${REQUEST_AUTH}
-
-replicaCount: 1
-minReadySeconds: 10
-containerPort: &containerPort 8090
-logPath: ./logs/cnf/
-app: cnf-adapter
-service:
- type: ClusterIP
- ports:
- - name: http-api
- port: *containerPort
-updateStrategy:
- type: RollingUpdate
- maxUnavailable: 1
- maxSurge: 1
-
-soHelpers:
- nameOverride: so-cnf-cert-init
- certInitializer:
- nameOverride: so-cnf-cert-init
- credsPath: /opt/app/osaaf/local
- cadi:
- apiEnforcement: org.onap.so.openStackAdapterPerm
- containerPort: *containerPort
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- memory: 4Gi
- cpu: 2000m
- requests:
- memory: 1Gi
- cpu: 500m
- large:
- limits:
- memory: 8Gi
- cpu: 4000m
- requests:
- memory: 2Gi
- cpu: 1000m
- unlimited: {}
-
-livenessProbe:
- path: /manage/health
- port: 8090
- scheme: HTTP
- initialDelaySeconds: 600
- periodSeconds: 60
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 3
-
-ingress:
- enabled: false
-
-nodeSelector: {}
-
-tolerations: []
-
-affinity: {}