summaryrefslogtreecommitdiffstats
path: root/kubernetes/so
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/so')
-rw-r--r--kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml2
-rw-r--r--kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml2
-rw-r--r--kubernetes/so/components/so-appc-orchestrator/values.yaml26
-rwxr-xr-xkubernetes/so/components/so-bpmn-infra/requirements.yaml3
-rwxr-xr-xkubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml2
-rwxr-xr-xkubernetes/so/components/so-bpmn-infra/templates/deployment.yaml30
-rwxr-xr-xkubernetes/so/components/so-bpmn-infra/values.yaml9
-rwxr-xr-xkubernetes/so/components/so-catalog-db-adapter/requirements.yaml3
-rwxr-xr-xkubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml30
-rwxr-xr-xkubernetes/so/components/so-catalog-db-adapter/values.yaml9
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/Chart.yaml18
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/requirements.yaml23
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml50
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/templates/configmap.yaml29
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/templates/deployment.yaml136
-rw-r--r--kubernetes/so/components/so-cnf-adapter/templates/secret.yaml17
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/templates/service.yaml17
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/values.yaml178
-rwxr-xr-xkubernetes/so/components/so-db-secrets/Chart.yaml17
-rwxr-xr-xkubernetes/so/components/so-db-secrets/requirements.yaml20
-rwxr-xr-xkubernetes/so/components/so-db-secrets/templates/secrets.yaml33
-rw-r--r--kubernetes/so/components/so-db-secrets/values.yaml21
-rw-r--r--kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml4
-rw-r--r--kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml19
-rw-r--r--kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml9
-rwxr-xr-xkubernetes/so/components/so-mariadb/requirements.yaml3
-rw-r--r--kubernetes/so/components/so-mariadb/templates/job.yaml28
-rwxr-xr-xkubernetes/so/components/so-mariadb/values.yaml7
-rw-r--r--kubernetes/so/components/so-monitoring/templates/deployment.yaml10
-rw-r--r--kubernetes/so/components/so-monitoring/values.yaml3
-rwxr-xr-xkubernetes/so/components/so-nssmf-adapter/requirements.yaml3
-rwxr-xr-xkubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml36
-rwxr-xr-xkubernetes/so/components/so-nssmf-adapter/values.yaml10
-rwxr-xr-xkubernetes/so/components/so-oof-adapter/templates/deployment.yaml10
-rwxr-xr-xkubernetes/so/components/so-oof-adapter/values.yaml4
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/requirements.yaml3
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/templates/deployment.yaml30
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/values.yaml9
-rwxr-xr-xkubernetes/so/components/so-request-db-adapter/requirements.yaml3
-rwxr-xr-xkubernetes/so/components/so-request-db-adapter/templates/deployment.yaml30
-rwxr-xr-xkubernetes/so/components/so-request-db-adapter/values.yaml9
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/requirements.yaml3
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/templates/deployment.yaml30
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/values.yaml9
-rwxr-xr-xkubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml12
-rwxr-xr-xkubernetes/so/components/so-sdnc-adapter/values.yaml5
-rw-r--r--kubernetes/so/components/so-secrets/Chart.yaml17
-rwxr-xr-xkubernetes/so/components/so-secrets/requirements.yaml20
-rw-r--r--kubernetes/so/components/so-secrets/resources/certs/org.onap.so.trust.jksbin4641 -> 0 bytes
-rw-r--r--kubernetes/so/components/so-secrets/templates/secrets.yaml42
-rw-r--r--kubernetes/so/components/so-secrets/values.yaml20
-rwxr-xr-xkubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml3
-rwxr-xr-xkubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml19
-rwxr-xr-xkubernetes/so/components/so-ve-vnfm-adapter/values.yaml5
-rwxr-xr-xkubernetes/so/components/so-vfc-adapter/requirements.yaml3
-rwxr-xr-xkubernetes/so/components/so-vfc-adapter/templates/deployment.yaml30
-rwxr-xr-xkubernetes/so/components/so-vfc-adapter/values.yaml9
-rwxr-xr-xkubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml14
-rwxr-xr-xkubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml11
-rwxr-xr-xkubernetes/so/components/so-vnfm-adapter/values.yaml2
-rw-r--r--kubernetes/so/components/soHelpers/templates/_certificates.tpl4
-rwxr-xr-xkubernetes/so/requirements.yaml46
-rwxr-xr-xkubernetes/so/resources/config/overrides/override.yaml2
-rwxr-xr-xkubernetes/so/templates/deployment.yaml27
-rwxr-xr-xkubernetes/so/values.yaml130
65 files changed, 255 insertions, 1113 deletions
diff --git a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml
index 69178fd6c7..661ed64b0e 100644
--- a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml
@@ -22,7 +22,7 @@ server:
mso:
logPath: ./logs/soappcorch
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.auth.rest.aafEncrypted "value2" .Values.mso.auth )}}
- msoKey: {{ .Values.mso.msoKey }}
+ msoKey: {{ .Values.global.app.msoKey }}
config:
{{ if .Values.global.security.aaf.enabled }}
cadi: {{ include "so.cadi.keys" . | nindent 8}}
diff --git a/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml b/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml
index 50d42ca44d..24592ba50a 100644
--- a/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml
+++ b/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml
@@ -58,7 +58,7 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
{{- end }}
/app/start-app.sh
diff --git a/kubernetes/so/components/so-appc-orchestrator/values.yaml b/kubernetes/so/components/so-appc-orchestrator/values.yaml
index e63838d3b1..7570116fd5 100644
--- a/kubernetes/so/components/so-appc-orchestrator/values.yaml
+++ b/kubernetes/so/components/so-appc-orchestrator/values.yaml
@@ -30,7 +30,8 @@ global:
security:
aaf:
enabled: false
-
+ app:
+ msoKey: 07a7159d3bf51a0e53be7a8f89699be7
#################################################################
# Secrets metaconfig
#################################################################
@@ -73,7 +74,6 @@ db:
adminName: so_admin
adminPassword: so_Admin123
# adminCredsExternalSecret: some secret
-
server:
actuator:
username: mso_admin
@@ -87,8 +87,8 @@ service:
name: so-appc-orchestrator
type: ClusterIP
ports:
- - port: *containerPort
- name: http
+ - port: *containerPort
+ name: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
@@ -96,6 +96,7 @@ updateStrategy:
# Resource Limit flavor -By Default using small
flavor: small
+
#################################################################
# soHelper part
#################################################################
@@ -127,14 +128,14 @@ resources:
cpu: 1000m
unlimited: {}
livenessProbe:
- path: /manage/health
- port: 8083
- scheme: HTTP
- initialDelaySeconds: 600
- periodSeconds: 60
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 3
+ path: /manage/health
+ port: 8083
+ scheme: HTTP
+ initialDelaySeconds: 600
+ periodSeconds: 60
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
ingress:
enabled: false
nodeSelector: {}
@@ -148,7 +149,6 @@ auth:
mso:
auth: BEA8637716A7EB617DF472BA6552D22F68C1CB17B0D094D77DDA562F4ADAAC4457CAB848E1A4
basicUser: poBpmn
- msoKey: 07a7159d3bf51a0e53be7a8f89699be7
appc:
client:
diff --git a/kubernetes/so/components/so-bpmn-infra/requirements.yaml b/kubernetes/so/components/so-bpmn-infra/requirements.yaml
index 1feea23842..b0bda362dd 100755
--- a/kubernetes/so/components/so-bpmn-infra/requirements.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/requirements.yaml
@@ -18,6 +18,9 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
- name: soHelpers
version: ~6.x-0
repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
index cf448cc9cd..11128dd68c 100755
--- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -382,7 +382,7 @@ spring:
so:
vnfm:
adapter:
- url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/
+ url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/
auth: {{ .Values.so.vnfm.adapter.auth }}
org:
onap:
diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
index e7cb3aa782..ac335c859a 100755
--- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
@@ -39,21 +39,9 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
- - command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ initContainers:
+ {{ include "so.certificate.container_importer" . | indent 6 | trim }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
@@ -67,21 +55,15 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
/app/start-app.sh
{{- end }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml
index 034e269d6a..2bb7d7b44c 100755
--- a/kubernetes/so/components/so-bpmn-infra/values.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/values.yaml
@@ -32,6 +32,13 @@ global:
aaf:
auth:
encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
+
+readinessCheck:
+ wait_for:
+ - so-mariadb-config
#################################################################
# Secrets metaconfig
@@ -60,7 +67,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/bpmn-infra:1.6.4
+image: onap/so/bpmn-infra:1.7.10
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml b/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml
index 1feea23842..b0bda362dd 100755
--- a/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml
@@ -18,6 +18,9 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
- name: soHelpers
version: ~6.x-0
repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
index d58fd86194..0aac5f4b48 100755
--- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
@@ -39,21 +39,9 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
- - command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ initContainers:
+ {{ include "so.certificate.container_importer" . | indent 6 | trim }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
@@ -67,21 +55,15 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
/app/start-app.sh
{{- end }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml
index 2fadf41e01..b27566d336 100755
--- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml
@@ -31,6 +31,13 @@ global:
header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
app:
msoKey: 07a7159d3bf51a0e53be7a8f89699be7
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
+
+readinessCheck:
+ wait_for:
+ - so-mariadb-config
#################################################################
# Secrets metaconfig
@@ -59,7 +66,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/catalog-db-adapter:1.6.4
+image: onap/so/catalog-db-adapter:1.7.10
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-cnf-adapter/Chart.yaml b/kubernetes/so/components/so-cnf-adapter/Chart.yaml
deleted file mode 100755
index f2ccd6a707..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/Chart.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: v1
-appVersion: "1.7.1"
-description: A Helm chart for Kubernetes
-name: so-cnf-adapter
-version: 6.0.0
diff --git a/kubernetes/so/components/so-cnf-adapter/requirements.yaml b/kubernetes/so/components/so-cnf-adapter/requirements.yaml
deleted file mode 100755
index 1feea23842..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/requirements.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-dependencies:
- - name: common
- version: ~6.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
- - name: soHelpers
- version: ~6.x-0
- repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
deleted file mode 100755
index 37024d4d4d..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-aai:
- auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }}
- endpoint: https://aai.{{ include "common.namespace" . }}:8443
-logging:
- path: logs
-spring:
- security:
- usercredentials:
- - username: ${ACTUATOR_USERNAME}
- password: ${ACTUATOR_PASSWORD}
- role: ACTUATOR
-server:
- port: {{ index .Values.containerPort }}
- tomcat:
- max-threads: 50
-
-mso:
- site-name: localSite
- logPath: ./logs/cnf
- msb-ip: msb-iag.{{ include "common.namespace" . }}
- msb-port: 80
-#Actuator
-management:
- endpoints:
- web:
- base-path: /manage
- exposure:
- include: "*"
- metrics:
- se-global-registry: false
- export:
- prometheus:
- enabled: true # Whether exporting of metrics to Prometheus is enabled.
- step: 1m # Step size (i.e. reporting frequency) to use.
diff --git a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml b/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml
deleted file mode 100755
index fcdd381e72..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata: {{- include "common.resourceMetadata" (dict "dot" . "suffix" "env") | nindent 2 }}
-data:
- LOG_PATH: {{ index .Values.logPath }}
- APP: {{ index .Values.app }}
- ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
----
-apiVersion: v1
-kind: ConfigMap
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-data:
-{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml
deleted file mode 100755
index 63e36a6c2c..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- selector: {{- include "common.selectors" . | nindent 4 }}
- replicas: {{ index .Values.replicaCount }}
- minReadySeconds: {{ index .Values.minReadySeconds }}
- strategy:
- type: {{ index .Values.updateStrategy.type }}
- rollingUpdate:
- maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
- maxSurge: {{ index .Values.updateStrategy.maxSurge }}
- template:
- metadata:
- labels: {{- include "common.labels" . | nindent 8 }}
- spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }}
- - name: {{ include "common.name" . }}-encrypter
- command:
- - sh
- args:
- - -c
- - |
- java Crypto "${AAI_USERNAME}:${AAI_PASSWORD}" "${MSO_KEY}" > /output/.aai_creds
- env:
- - name: AAI_USERNAME
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "login") | indent 14 }}
- - name: AAI_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "password") | indent 14 }}
- - name: MSO_KEY
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cnf-adapter-mso-key" "key" "password") | indent 14 }}
- image: {{ .Values.global.dockerHubRepository }}/{{ .Values.global.soCryptoImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: encoder
- mountPath: /output
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "common.repository" . }}/{{ .Values.image }}
- command:
- - sh
- args:
- - -c
- - |
- export AAF_BASE64=$(echo -n "${AAF_USERNAME}:${AAF_PASSWORD}" | base64)
- export AAF_AUTH=$(echo "Basic ${AAF_BASE64}")
- export AAI_AUTH=$(cat /input/.aai_creds)
- {{- if .Values.global.aafEnabled }}
- export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
- export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
- {{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
- {{- end }}
- {{- end }}
- ./start-app.sh
- resources: {{ include "common.resources" . | nindent 12 }}
- ports: {{- include "common.containerPorts" . | nindent 12 }}
- env:
- - name: AAF_USERNAME
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "login") | indent 14 }}
- - name: AAF_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "password") | indent 14 }}
- - name: ACTUATOR_USERNAME
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }}
- - name: ACTUATOR_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }}
- {{ include "so.certificates.env" . | indent 12 | trim }}
- envFrom:
- - configMapRef:
- name: {{ include "common.fullname" . }}-env
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }}
- - name: logs
- mountPath: /app/logs
- - name: config
- mountPath: /app/config
- readOnly: true
- - name: {{ include "common.fullname" . }}-truststore
- mountPath: /app/client
- readOnly: true
- - name: encoder
- mountPath: /input
- livenessProbe:
- httpGet:
- path: {{ index .Values.livenessProbe.path}}
- port: {{ index .Values.containerPort }}
- scheme: {{ index .Values.livenessProbe.scheme}}
- initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
- periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
- timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
- successThreshold: {{ index .Values.livenessProbe.successThreshold}}
- failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
- volumes: {{ include "so.certificate.volumes" . | nindent 8 }}
- - name: logs
- emptyDir: {}
- - name: config
- configMap:
- name: {{ include "common.fullname" . }}
- - name: encoder
- emptyDir:
- medium: Memory
- - name: {{ include "common.fullname" . }}-truststore
- secret:
- secretName: {{ include "common.release" . }}-so-truststore-secret
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml b/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml
deleted file mode 100644
index cc40499c76..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/so/components/so-cnf-adapter/templates/service.yaml b/kubernetes/so/components/so-cnf-adapter/templates/service.yaml
deleted file mode 100755
index 665601d832..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/templates/service.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.service" . }}
diff --git a/kubernetes/so/components/so-cnf-adapter/values.yaml b/kubernetes/so/components/so-cnf-adapter/values.yaml
deleted file mode 100755
index 195d62d4b7..0000000000
--- a/kubernetes/so/components/so-cnf-adapter/values.yaml
+++ /dev/null
@@ -1,178 +0,0 @@
-# Copyright © 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- nodePortPrefixExt: 304
- repository: nexus3.onap.org:10001
- readinessImage: oomk8s/readiness-check:2.2.2
- soCryptoImage: sdesbure/so_crypto:latest
- dockerHubRepository: docker.io
- persistence:
- mountPath: /dockerdata-nfs
- security:
- aaf:
- enabled: false
- aaf:
- auth:
- header: ${AAF_AUTH}
-
-#################################################################
-# Secrets metaconfig
-#################################################################
-secrets:
- - uid: db-user-creds
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
- login: '{{ .Values.db.userName }}'
- password: '{{ .Values.db.userPassword }}'
- passwordPolicy: required
- - uid: db-admin-creds
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
- login: '{{ .Values.db.adminName }}'
- password: '{{ .Values.db.adminPassword }}'
- passwordPolicy: required
- - uid: server-actuator-creds
- name: '{{ include "common.release" . }}-so-cnf-actuator-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
- login: '{{ .Values.server.actuator.username }}'
- password: '{{ .Values.server.actuator.password }}'
- passwordPolicy: required
- - uid: so-aaf-creds
- name: '{{ include "common.release" . }}-so-cnf-aaf-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}'
- login: '{{ .Values.server.aaf.username }}'
- password: '{{ .Values.server.aaf.password }}'
- passwordPolicy: required
- - uid: so-aai-creds
- name: '{{ include "common.release" . }}-so-cnf-aai-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}'
- login: '{{ .Values.server.aai.username }}'
- password: '{{ .Values.server.aai.password }}'
- passwordPolicy: required
- - uid: cnf-adapter-mso-key
- name: '{{ include "common.release" . }}-so-cnf-mso-key'
- type: password
- externalSecret: '{{ tpl (default "" .Values.mso.msoKeySecret) . }}'
- password: '{{ .Values.mso.msoKey }}'
-
-#secretsFilePaths: |
-# - 'my file 1'
-# - '{{ include "templateThatGeneratesFileName" . }}'
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-repository: nexus3.onap.org:10001
-image: onap/so/mso-cnf-adapter:1.7.1
-pullPolicy: Always
-
-db:
- userName: so_user
- userPassword: so_User123
- # userCredsExternalSecret: some secret
- adminName: so_admin
- adminPassword: so_Admin123
- # adminCredsExternalSecret: some secret
-
-server:
- aaf:
- username: so@so.onap.org
- password: demo123456
- # aafCredsExternalSecret: some secret
- aai:
- username: aai@aai.onap.org
- password: demo123456!
- auth: ${AAI_AUTH}
- # aaiCredsExternalSecret: some secret
- actuator:
- username: mso_admin
- password: password1$
- # actuatorCredsExternalSecret: some secret
-
-mso:
- msoKey: 07a7159d3bf51a0e53be7a8f89699be7
- # msoKeySecret: some secret
- adapters:
- requestDb:
- auth: ${REQUEST_AUTH}
-
-replicaCount: 1
-minReadySeconds: 10
-containerPort: &containerPort 8090
-logPath: ./logs/cnf/
-app: cnf-adapter
-service:
- type: ClusterIP
- ports:
- - name: http-api
- port: *containerPort
-updateStrategy:
- type: RollingUpdate
- maxUnavailable: 1
- maxSurge: 1
-
-soHelpers:
- nameOverride: so-cnf-cert-init
- certInitializer:
- nameOverride: so-cnf-cert-init
- credsPath: /opt/app/osaaf/local
- cadi:
- apiEnforcement: org.onap.so.openStackAdapterPerm
- containerPort: *containerPort
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- memory: 4Gi
- cpu: 2000m
- requests:
- memory: 1Gi
- cpu: 500m
- large:
- limits:
- memory: 8Gi
- cpu: 4000m
- requests:
- memory: 2Gi
- cpu: 1000m
- unlimited: {}
-
-livenessProbe:
- path: /manage/health
- port: 8090
- scheme: HTTP
- initialDelaySeconds: 600
- periodSeconds: 60
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 3
-
-ingress:
- enabled: false
-
-nodeSelector: {}
-
-tolerations: []
-
-affinity: {}
diff --git a/kubernetes/so/components/so-db-secrets/Chart.yaml b/kubernetes/so/components/so-db-secrets/Chart.yaml
deleted file mode 100755
index 1739d1fe36..0000000000
--- a/kubernetes/so/components/so-db-secrets/Chart.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-# Copyright © 2018 AT&T USA
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: v1
-description: A Helm chart for DB secrets
-name: so-db-secrets
-version: 6.0.0 \ No newline at end of file
diff --git a/kubernetes/so/components/so-db-secrets/requirements.yaml b/kubernetes/so/components/so-db-secrets/requirements.yaml
deleted file mode 100755
index 2eb32d00ed..0000000000
--- a/kubernetes/so/components/so-db-secrets/requirements.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-dependencies:
- - name: common
- version: ~6.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
diff --git a/kubernetes/so/components/so-db-secrets/templates/secrets.yaml b/kubernetes/so/components/so-db-secrets/templates/secrets.yaml
deleted file mode 100755
index 0ada38595e..0000000000
--- a/kubernetes/so/components/so-db-secrets/templates/secrets.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T USA
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.release" . }}-so-db-secrets
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
- mariadb.readwrite.host : {{ .Values.global.mariadbGalera.serviceName | b64enc | quote }}
- mariadb.readwrite.port : {{ .Values.global.mariadbGalera.servicePort | b64enc | quote }}
- mariadb.readwrite.rolename: {{ .Values.db_username | b64enc | quote }}
- mariadb.readwrite.password: {{ .Values.db_password | b64enc | quote }}
- mariadb.admin.rolename: {{ .Values.db_admin_username| b64enc | quote }}
- mariadb.admin.password: {{ .Values.db_admin_password | b64enc | quote }}
-type: Opaque
diff --git a/kubernetes/so/components/so-db-secrets/values.yaml b/kubernetes/so/components/so-db-secrets/values.yaml
deleted file mode 100644
index 7e51e3ce5d..0000000000
--- a/kubernetes/so/components/so-db-secrets/values.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright © 2018 AT&T USA
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-global:
- mariadbGalera:
- serviceName: mariadb-galera
- servicePort: "3306"
-db_admin_username: so_admin
-db_admin_password: so_Admin123
-db_username: so_user
-db_password: so_User123
diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
index c9aa5823bf..20a4284c67 100644
--- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
@@ -49,7 +49,7 @@ mso:
so:
adapters:
sol003-adapter:
- url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1
+ url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1
auth: {{ .Values.so.sol003.adapter.auth }}
etsi-catalog-manager:
base:
@@ -58,7 +58,7 @@ etsi-catalog-manager:
http:
client:
ssl:
- trust-store: ${TRUSTSTORE}
+ trust-store: file:${TRUSTSTORE}
trust-store-password: ${TRUSTSTORE_PASSWORD}
{{- else }}
endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api
diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml
index 9408c1f556..fa5f42d5ab 100644
--- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml
+++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml
@@ -41,9 +41,8 @@ spec:
{{- if .Values.global.aafEnabled }}
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
- export TRUSTSTORE="file:/${TRUSTSTORE}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
{{- end }}
./start-app.sh
@@ -55,15 +54,9 @@ spec:
- name: ETSI_NFVO_PASSWORD_INPUT
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "password") | indent 14 }}
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }}
- name: DB_PASSWORD
@@ -83,9 +76,6 @@ spec:
- name: config
mountPath: /app/config
readOnly: true
- - name: {{ include "common.fullname" . }}-truststore
- mountPath: /app/client
- readOnly: true
livenessProbe:
tcpSocket:
port: {{ index .Values.livenessProbe.port }}
@@ -100,8 +90,5 @@ spec:
- name: config
configMap:
name: {{ include "common.fullname" . }}-app-configmap
- - name: {{ include "common.fullname" . }}-truststore
- secret:
- secretName: {{ include "common.release" . }}-so-truststore-secret
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml
index 6af61820db..0612f506c5 100644
--- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml
+++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml
@@ -29,6 +29,9 @@ global:
aaf:
auth:
header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
#################################################################
# Secrets metaconfig
@@ -57,7 +60,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/so-etsi-nfvo-ns-lcm:1.7.4
+image: onap/so/so-etsi-nfvo-ns-lcm:1.7.7
pullPolicy: Always
aai:
@@ -91,13 +94,13 @@ service:
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true'
msb.onap.org/service-info: |
- {{ if not .Values.global.msbDisabled -}}[
+ {{ if .Values.global.msbEnabled -}}[
{
"serviceName": "{{ include "common.servicename" . }}",
"version": "v1",
"url": "/so/so-etsi-nfvo-ns-lcm/v1",
"protocol": "REST",
- "port": "{{ include "common.getPort" (dict "global" . "name" "nfvo-nslcm-port") }}",
+ "port": "{{ include "common.getPort" (dict "global" . "name" "http-api") }}",
"visualRange":"1"
}
]{{ end }}
diff --git a/kubernetes/so/components/so-mariadb/requirements.yaml b/kubernetes/so/components/so-mariadb/requirements.yaml
index 2eb32d00ed..22d6333253 100755
--- a/kubernetes/so/components/so-mariadb/requirements.yaml
+++ b/kubernetes/so/components/so-mariadb/requirements.yaml
@@ -18,3 +18,6 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml
index 36481d461f..b3bacc1ed4 100644
--- a/kubernetes/so/components/so-mariadb/templates/job.yaml
+++ b/kubernetes/so/components/so-mariadb/templates/job.yaml
@@ -95,23 +95,9 @@ spec:
release: {{ include "common.release" . }}
name: {{ include "common.name" . }}
spec:
- initContainers:
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- - {{ .Values.global.mariadbGalera.nameOverride }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- - name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}-config
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
@@ -127,15 +113,9 @@ spec:
{{- end }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: MYSQL_ROOT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 10 }}
- name: DB_USER
diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml
index 9ecf3b0ca6..809dff77a7 100755
--- a/kubernetes/so/components/so-mariadb/values.yaml
+++ b/kubernetes/so/components/so-mariadb/values.yaml
@@ -24,7 +24,7 @@ global:
readinessImage: onap/oom/readiness:3.0.1
ubuntuInitRepository: registry.hub.docker.com
mariadbGalera:
- nameOverride: mariadb-galera
+ nameOverride: &mariadbName mariadb-galera
serviceName: mariadb-galera
servicePort: "3306"
migration:
@@ -33,6 +33,11 @@ global:
dbPort: 3306
dbUser: root
dbPassword: secretpassword
+
+readinessCheck:
+ wait_for:
+ - *mariadbName
+
#################################################################
# Secrets metaconfig
#################################################################
diff --git a/kubernetes/so/components/so-monitoring/templates/deployment.yaml b/kubernetes/so/components/so-monitoring/templates/deployment.yaml
index 7875893dc8..03eccc2d02 100644
--- a/kubernetes/so/components/so-monitoring/templates/deployment.yaml
+++ b/kubernetes/so/components/so-monitoring/templates/deployment.yaml
@@ -75,15 +75,9 @@ spec:
/app/start-app.sh
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/components/so-monitoring/values.yaml b/kubernetes/so/components/so-monitoring/values.yaml
index 9ba1d7b7d8..31ad9d072c 100644
--- a/kubernetes/so/components/so-monitoring/values.yaml
+++ b/kubernetes/so/components/so-monitoring/values.yaml
@@ -37,6 +37,9 @@ global:
aaf:
auth:
header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
#################################################################
# Secrets metaconfig
diff --git a/kubernetes/so/components/so-nssmf-adapter/requirements.yaml b/kubernetes/so/components/so-nssmf-adapter/requirements.yaml
index 1feea23842..b0bda362dd 100755
--- a/kubernetes/so/components/so-nssmf-adapter/requirements.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/requirements.yaml
@@ -18,6 +18,9 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
- name: soHelpers
version: ~6.x-0
repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml
index f1ec31adf1..3b28c5bbdd 100755
--- a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml
@@ -29,21 +29,9 @@ spec:
metadata:
labels: {{- include "common.labels" . | nindent 8 }}
spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }}
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ initContainers:
+ {{ include "so.certificate.container_importer" . | indent 6 | trim }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
command:
@@ -57,7 +45,7 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
{{- end }}
./start-app.sh
@@ -66,15 +54,9 @@ spec:
ports: {{- include "common.containerPorts" . | nindent 12 }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }}
- name: DB_PASSWORD
@@ -102,9 +84,6 @@ spec:
- name: config
mountPath: /app/config
readOnly: true
- - name: {{ include "common.fullname" . }}-truststore
- mountPath: /app/client
- readOnly: true
livenessProbe:
httpGet:
path: {{ index .Values.livenessProbe.path}}
@@ -121,8 +100,5 @@ spec:
- name: config
configMap:
name: {{ include "common.fullname" . }}
- - name: {{ include "common.fullname" . }}-truststore
- secret:
- secretName: {{ include "common.release" . }}-so-truststore-secret
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml
index 3bfe1b212f..40a55c6c0b 100755
--- a/kubernetes/so/components/so-nssmf-adapter/values.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml
@@ -29,6 +29,14 @@ global:
aaf:
auth:
header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
+
+readinessCheck:
+ wait_for:
+ - so-mariadb-config
+
#################################################################
# Secrets metaconfig
@@ -71,7 +79,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/nssmf-adapter:1.6.4
+image: onap/so/nssmf-adapter:1.7.10
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml b/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml
index f2eae394e7..72799d1f5f 100755
--- a/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml
@@ -37,15 +37,9 @@ spec:
{{ include "common.resources" . | indent 10 }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/components/so-oof-adapter/values.yaml b/kubernetes/so/components/so-oof-adapter/values.yaml
index 4431ca5513..6bddf29032 100755
--- a/kubernetes/so/components/so-oof-adapter/values.yaml
+++ b/kubernetes/so/components/so-oof-adapter/values.yaml
@@ -31,6 +31,10 @@ global:
aaf:
auth:
header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
+
# Secrets metaconfig
#################################################################
db:
diff --git a/kubernetes/so/components/so-openstack-adapter/requirements.yaml b/kubernetes/so/components/so-openstack-adapter/requirements.yaml
index 1feea23842..b0bda362dd 100755
--- a/kubernetes/so/components/so-openstack-adapter/requirements.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/requirements.yaml
@@ -18,6 +18,9 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
- name: soHelpers
version: ~6.x-0
repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
index e7cb3aa782..ac335c859a 100755
--- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
@@ -39,21 +39,9 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
- - command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ initContainers:
+ {{ include "so.certificate.container_importer" . | indent 6 | trim }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
@@ -67,21 +55,15 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
/app/start-app.sh
{{- end }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml
index 16bbac2afd..129ad59385 100755
--- a/kubernetes/so/components/so-openstack-adapter/values.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/values.yaml
@@ -29,6 +29,13 @@ global:
aaf:
auth:
encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
+
+readinessCheck:
+ wait_for:
+ - so-mariadb-config
#################################################################
# Secrets metaconfig
@@ -54,7 +61,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/openstack-adapter:1.6.4
+image: onap/so/openstack-adapter:1.7.10
pullPolicy: Always
repository: nexus3.onap.org:10001
diff --git a/kubernetes/so/components/so-request-db-adapter/requirements.yaml b/kubernetes/so/components/so-request-db-adapter/requirements.yaml
index 1feea23842..b0bda362dd 100755
--- a/kubernetes/so/components/so-request-db-adapter/requirements.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/requirements.yaml
@@ -18,6 +18,9 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
- name: soHelpers
version: ~6.x-0
repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
index d58fd86194..0aac5f4b48 100755
--- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
@@ -39,21 +39,9 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
- - command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ initContainers:
+ {{ include "so.certificate.container_importer" . | indent 6 | trim }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
@@ -67,21 +55,15 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
/app/start-app.sh
{{- end }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml
index 5a3721abbe..e221870306 100755
--- a/kubernetes/so/components/so-request-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/values.yaml
@@ -29,6 +29,13 @@ global:
aaf:
auth:
header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
+
+readinessCheck:
+ wait_for:
+ - so-mariadb-config
#################################################################
# Secrets metaconfig
@@ -55,7 +62,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/request-db-adapter:1.6.4
+image: onap/so/request-db-adapter:1.7.10
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-sdc-controller/requirements.yaml b/kubernetes/so/components/so-sdc-controller/requirements.yaml
index 1feea23842..b0bda362dd 100755
--- a/kubernetes/so/components/so-sdc-controller/requirements.yaml
+++ b/kubernetes/so/components/so-sdc-controller/requirements.yaml
@@ -18,6 +18,9 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
- name: soHelpers
version: ~6.x-0
repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
index e7cb3aa782..ac335c859a 100755
--- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
+++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
@@ -39,21 +39,9 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
- - command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ initContainers:
+ {{ include "so.certificate.container_importer" . | indent 6 | trim }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
@@ -67,21 +55,15 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
/app/start-app.sh
{{- end }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml
index 24de2c6862..be3be26bc3 100755
--- a/kubernetes/so/components/so-sdc-controller/values.yaml
+++ b/kubernetes/so/components/so-sdc-controller/values.yaml
@@ -29,6 +29,13 @@ global:
aaf:
auth:
header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
+
+readinessCheck:
+ wait_for:
+ - so-mariadb-config
#################################################################
# Secrets metaconfig
@@ -55,7 +62,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdc-controller:1.6.4
+image: onap/so/sdc-controller:1.7.10
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
index 5797007243..5186523ba1 100755
--- a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
@@ -53,21 +53,15 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
/app/start-app.sh
{{- end }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml
index 4b36815d3d..cabd60e011 100755
--- a/kubernetes/so/components/so-sdnc-adapter/values.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml
@@ -32,6 +32,9 @@ global:
aaf:
auth:
header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
#################################################################
# Secrets metaconfig
@@ -58,7 +61,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdnc-adapter:1.6.4
+image: onap/so/sdnc-adapter:1.7.10
pullPolicy: Always
org:
diff --git a/kubernetes/so/components/so-secrets/Chart.yaml b/kubernetes/so/components/so-secrets/Chart.yaml
deleted file mode 100644
index d96245d752..0000000000
--- a/kubernetes/so/components/so-secrets/Chart.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-# Copyright © 2018 AT&T USA
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: v1
-description: A Helm chart for so secrets
-name: so-secrets
-version: 6.0.0
diff --git a/kubernetes/so/components/so-secrets/requirements.yaml b/kubernetes/so/components/so-secrets/requirements.yaml
deleted file mode 100755
index 2eb32d00ed..0000000000
--- a/kubernetes/so/components/so-secrets/requirements.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-dependencies:
- - name: common
- version: ~6.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
diff --git a/kubernetes/so/components/so-secrets/resources/certs/org.onap.so.trust.jks b/kubernetes/so/components/so-secrets/resources/certs/org.onap.so.trust.jks
deleted file mode 100644
index 31ea6ba650..0000000000
--- a/kubernetes/so/components/so-secrets/resources/certs/org.onap.so.trust.jks
+++ /dev/null
Binary files differ
diff --git a/kubernetes/so/components/so-secrets/templates/secrets.yaml b/kubernetes/so/components/so-secrets/templates/secrets.yaml
deleted file mode 100644
index 9388ecbf38..0000000000
--- a/kubernetes/so/components/so-secrets/templates/secrets.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T USA
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Release.Name }}-so-client-certs-secret
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
- trustStorePassword: {{ .Values.global.client.certs.trustStorePassword }}
- keyStorePassword: {{ .Values.global.client.certs.keyStorePassword}}
-type: Opaque
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.release" . }}-so-truststore-secret
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/so/components/so-secrets/values.yaml b/kubernetes/so/components/so-secrets/values.yaml
deleted file mode 100644
index 602ea79084..0000000000
--- a/kubernetes/so/components/so-secrets/values.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright (c) 2020 Orange
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- client:
- certs:
- trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI
diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml
index 1feea23842..b0bda362dd 100755
--- a/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml
+++ b/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml
@@ -18,6 +18,9 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
- name: soHelpers
version: ~6.x-0
repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml
index 55177031e4..7c528b0290 100755
--- a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml
@@ -24,23 +24,8 @@ spec:
metadata:
labels: {{- include "common.labels" . | nindent 8 }}
spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }}
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- - aai
- - --container-name
- - message-router
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
envFrom:
diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml
index 6511af320b..9237b994ac 100755
--- a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml
+++ b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml
@@ -22,6 +22,11 @@ global:
persistence:
mountPath: /dockerdata-nfs
+readinessCheck:
+ wait_for:
+ - aai
+ - message-router
+
#################################################################
# Application configuration defaults.
#################################################################
diff --git a/kubernetes/so/components/so-vfc-adapter/requirements.yaml b/kubernetes/so/components/so-vfc-adapter/requirements.yaml
index 1feea23842..b0bda362dd 100755
--- a/kubernetes/so/components/so-vfc-adapter/requirements.yaml
+++ b/kubernetes/so/components/so-vfc-adapter/requirements.yaml
@@ -18,6 +18,9 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
- name: soHelpers
version: ~6.x-0
repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml
index a85ce0cded..94759ced65 100755
--- a/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml
@@ -39,21 +39,9 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
- - command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ initContainers:
+ {{ include "so.certificate.container_importer" . | indent 6 | trim }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
@@ -67,21 +55,15 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
/app/start-app.sh
{{- end }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/components/so-vfc-adapter/values.yaml b/kubernetes/so/components/so-vfc-adapter/values.yaml
index d0e1d20e75..f88e117fae 100755
--- a/kubernetes/so/components/so-vfc-adapter/values.yaml
+++ b/kubernetes/so/components/so-vfc-adapter/values.yaml
@@ -28,6 +28,13 @@ global:
aaf:
auth:
header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ mariadbGalera:
+ serviceName: mariadb-galera
+ servicePort: '3306'
+
+readinessCheck:
+ wait_for:
+ - so-mariadb-config
#################################################################
# Secrets metaconfig
@@ -54,7 +61,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vfc-adapter:1.6.4
+image: onap/so/vfc-adapter:1.7.10
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml
index 7fc4b95b27..d780a76876 100755
--- a/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml
@@ -29,15 +29,7 @@ spring:
server:
port: {{ index .Values.containerPort }}
ssl:
- key-alias: so@so.onap.org
- key--store-password: 'ywsqCy:EEo#j}HJHM7z^Rk[L'
- key-store: classpath:so-vnfm-adapter.p12
- key-store-type: PKCS12
-http:
- client:
- ssl:
- trust-store: classpath:org.onap.so.trust.jks
- trust-store-password: ',sx#.C*W)]wVgJC6ccFHI#:H'
+ enabled: false
mso:
key: {{ .Values.mso.key }}
site-name: localSite
@@ -52,7 +44,7 @@ sdc:
key: {{ .Values.sdc.key }}
endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
vnfmadapter:
- endpoint: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092
+ endpoint: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092
etsi-catalog-manager:
vnfpkgm:
{{- if .Values.global.msbEnabled }}
@@ -60,7 +52,7 @@ etsi-catalog-manager:
http:
client:
ssl:
- trust-store: ${TRUSTSTORE}
+ trust-store: file:${TRUSTSTORE}
trust-store-password: ${TRUSTSTORE_PASSWORD}
{{- else }}
endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1
diff --git a/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml
index 4f73fb39e7..24dd3d6d21 100755
--- a/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml
@@ -52,9 +52,8 @@ spec:
- |
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
- {{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
- {{- end }}
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
+ export KEYSTORE="{{ .Values.soHelpers.certInitializer.credsPath }}/org.onap.so.p12"
/app/start-app.sh
{{- end }}
env:
@@ -69,9 +68,6 @@ spec:
- name: config
mountPath: /app/config
readOnly: true
- - name: {{ include "common.fullname" . }}-truststore
- mountPath: /app/client
- readOnly: true
livenessProbe:
tcpSocket:
port: {{ index .Values.livenessProbe.port }}
@@ -89,8 +85,5 @@ spec:
- name: config
configMap:
name: {{ include "common.fullname" . }}-app-configmap
- - name: {{ include "common.fullname" . }}-truststore
- secret:
- secretName: {{ include "common.release" . }}-so-truststore-secret
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/so/components/so-vnfm-adapter/values.yaml b/kubernetes/so/components/so-vnfm-adapter/values.yaml
index f15fffb055..f8fa7c93be 100755
--- a/kubernetes/so/components/so-vnfm-adapter/values.yaml
+++ b/kubernetes/so/components/so-vnfm-adapter/values.yaml
@@ -33,7 +33,7 @@ global:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vnfm-adapter:1.6.4
+image: onap/so/vnfm-adapter:1.7.10
pullPolicy: Always
aaf:
diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl
index ef3b0768f5..d148a1cd60 100644
--- a/kubernetes/so/components/soHelpers/templates/_certificates.tpl
+++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl
@@ -5,7 +5,7 @@
{{ include "common.certInitializer.initContainer" $subchartDot }}
{{- if $dot.Values.global.aafEnabled }}
- name: {{ include "common.name" $dot }}-msb-cert-importer
- image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}"
+ image: "{{ include "common.repository" $subchartDot }}/{{ $dot.Values.global.aafAgentImage }}"
imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
command:
- "/bin/sh"
@@ -56,7 +56,7 @@
value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}
{{- if $dot.Values.global.security.aaf.enabled }}
- name: KEYSTORE
- value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.jks
+ value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.p12
{{- end }}
{{- end }}
{{- end -}}
diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml
index c982bffa9d..bbd84cfcfd 100755
--- a/kubernetes/so/requirements.yaml
+++ b/kubernetes/so/requirements.yaml
@@ -17,47 +17,42 @@ dependencies:
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
- repository: "@local"
+ repository: '@local'
+ - name: readinessCheck
+ version: ~6.x-0
+ repository: '@local'
- name: mariadb-galera
version: ~6.x-0
- repository: "@local"
+ repository: '@local'
condition: global.mariadbGalera.localCluster
- name: soHelpers
version: ~6.x-0
- repository: "file://components/soHelpers"
+ repository: 'file://components/soHelpers'
- name: so-appc-orchestrator
version: ~6.x-0
- repository: "file://components/so-appc-orchestrator"
+ repository: 'file://components/so-appc-orchestrator'
condition: so-appc-orchestrator.enabled
- name: so-bpmn-infra
version: ~6.x-0
- repository: "file://components/so-bpmn-infra"
+ repository: 'file://components/so-bpmn-infra'
- name: so-catalog-db-adapter
version: ~6.x-0
- repository: "file://components/so-catalog-db-adapter"
+ repository: 'file://components/so-catalog-db-adapter'
condition: so-catalog-db-adapter.enabled
- - name: so-cnf-adapter
- version: ~6.x-0
- repository: "file://components/so-cnf-adapter"
- condition: so-cnf-adapter.enabled
- - name: so-db-secrets
- version: ~6.x-0
- repository: "file://components/so-db-secrets"
- condition: so-etsi-nfvo-ns-lcm.enabled
- name: so-etsi-nfvo-ns-lcm
version: ~6.x-0
repository: 'file://components/so-etsi-nfvo-ns-lcm'
condition: so-etsi-nfvo-ns-lcm.enabled
- name: so-mariadb
version: ~6.x-0
- repository: "file://components/so-mariadb"
+ repository: 'file://components/so-mariadb'
- name: so-monitoring
version: ~6.x-0
- repository: "file://components/so-monitoring"
+ repository: 'file://components/so-monitoring'
condition: so-monitoring.enabled
- name: so-nssmf-adapter
version: ~6.x-0
- repository: "file://components/so-nssmf-adapter"
+ repository: 'file://components/so-nssmf-adapter'
condition: so-nssmf-adapter.enabled
- name: so-oof-adapter
version: ~6.x-0
@@ -65,30 +60,27 @@ dependencies:
condition: so-oof-adapter.enabled
- name: so-openstack-adapter
version: ~6.x-0
- repository: "file://components/so-openstack-adapter"
+ repository: 'file://components/so-openstack-adapter'
condition: so-openstack-adapter.enabled
- name: so-request-db-adapter
version: ~6.x-0
- repository: "file://components/so-request-db-adapter"
+ repository: 'file://components/so-request-db-adapter'
- name: so-sdc-controller
version: ~6.x-0
- repository: "file://components/so-sdc-controller"
+ repository: 'file://components/so-sdc-controller'
- name: so-sdnc-adapter
version: ~6.x-0
- repository: "file://components/so-sdnc-adapter"
+ repository: 'file://components/so-sdnc-adapter'
condition: so-sdnc-adapter.enabled
- - name: so-secrets
- version: ~6.x-0
- repository: "file://components/so-secrets"
- name: so-ve-vnfm-adapter
version: ~6.x-0
- repository: "file://components/so-ve-vnfm-adapter"
+ repository: 'file://components/so-ve-vnfm-adapter'
condition: so-ve-vnfm-adapter.enabled
- name: so-vfc-adapter
version: ~6.x-0
- repository: "file://components/so-vfc-adapter"
+ repository: 'file://components/so-vfc-adapter'
condition: so-vfc-adapter.enabled
- name: so-vnfm-adapter
version: ~6.x-0
- repository: "file://components/so-vnfm-adapter"
+ repository: 'file://components/so-vnfm-adapter'
condition: so-vnfm-adapter.enabled
diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml
index 8ed9fd6401..efcf029fbc 100755
--- a/kubernetes/so/resources/config/overrides/override.yaml
+++ b/kubernetes/so/resources/config/overrides/override.yaml
@@ -124,4 +124,4 @@ org:
cloud-owner: CloudOwner
adapters:
network:
- encryptionKey: {{ .Values.mso.msoKey }}
+ encryptionKey: {{ .Values.global.app.msoKey }}
diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml
index 1ff897e051..ac335c859a 100755
--- a/kubernetes/so/templates/deployment.yaml
+++ b/kubernetes/so/templates/deployment.yaml
@@ -41,20 +41,7 @@ spec:
spec:
initContainers:
{{ include "so.certificate.container_importer" . | indent 6 | trim }}
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
@@ -68,21 +55,15 @@ spec:
export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
{{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
{{- end }}
/app/start-app.sh
{{- end }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index 3e196ceda2..05df60bb0b 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -27,6 +27,8 @@ global:
nameOverride: mariadb-galera
serviceName: mariadb-galera
servicePort: '3306'
+ service: mariadb-galera
+ internalPort: '3306'
# mariadbRootPassword: secretpassword
# rootPasswordExternalSecret: some secret
#This flag allows SO to instantiate its own mariadb-galera cluster,
@@ -58,6 +60,7 @@ global:
siteName: onapheat
auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
defaultCloudOwner: onap
+ msoKey: 07a7159d3bf51a0e53be7a8f89699be7
client:
certs:
truststore: /app/client/org.onap.so.trust.jks
@@ -68,6 +71,10 @@ global:
path: /etc/ssl/certs
share_path: /usr/local/share/ca-certificates/
+readinessCheck:
+ wait_for:
+ - so-mariadb-config
+
#################################################################
# Secrets metaconfig
#################################################################
@@ -108,44 +115,16 @@ secrets:
type: generic
filePaths:
- resources/config/certificates/msb-ca.crt
- - uid: 'mso-key'
+ - uid: "mso-key"
name: &mso-key '{{ include "common.release" . }}-mso-key'
type: password
- password: '{{ .Values.mso.msoKey }}'
+ password: '{{ .Values.global.app.msoKey }}'
- uid: mso-oof-auth
name: &mso-oof-auth '{{ include "common.release" . }}-mso-oof-auth'
type: basicAuth
login: '{{ .Values.mso.oof.login }}'
password: '{{ .Values.mso.oof.password }}'
passwordPolicy: required
- - uid: server-actuator-creds
- name: &actuator-secrets '{{ include "common.release" . }}-so-server-actuator-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
- login: '{{ .Values.server.actuator.username }}'
- password: '{{ .Values.server.actuator.password }}'
- passwordPolicy: required
- - uid: server-bpel-creds
- name: &bpel-secrets '{{ include "common.release" . }}-so-server-bpel-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.bpelCredsExternalSecret) . }}'
- login: '{{ .Values.server.bpel.username }}'
- password: '{{ .Values.server.bpel.password }}'
- passwordPolicy: required
- - uid: so-aaf-creds
- name: &aaf-secrets '{{ include "common.release" . }}-so-server-aaf-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}'
- login: '{{ .Values.server.aaf.username }}'
- password: '{{ .Values.server.aaf.password }}'
- passwordPolicy: required
- - uid: so-aai-creds
- name: &aai-secrets '{{ include "common.release" . }}-so-server-aai-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}'
- login: '{{ .Values.server.aai.username }}'
- password: '{{ .Values.server.aai.password }}'
- passwordPolicy: required
aafConfig:
permission_user: 1000
@@ -167,44 +146,20 @@ dbCreds:
userName: so_user
adminName: so_admin
-server:
- aaf:
- username: so@so.onap.org
- password: demo123456
- # aafCredsExternalSecret: some secret
- aai:
- username: aai@aai.onap.org
- password: demo123456!
- # aaiCredsExternalSecret: some secret
- actuator:
- username: mso_admin
- password: password1$
- # actuatorCredsExternalSecret: some secret
- bpel:
- username: bpel
- password: password1$
- # bpelCredsExternalSecret: some secret
-
repository: nexus3.onap.org:10001
-image: onap/so/api-handler-infra:1.6.4
+image: onap/so/api-handler-infra:1.7.10
pullPolicy: Always
-
replicaCount: 1
minReadySeconds: 10
-
containerPort: &containerPort 8080
-
logPath: ./logs/apih/
-
app: api-handler-infra
-
service:
type: NodePort
nodePort: 77
internalPort: *containerPort
externalPort: *containerPort
portName: so-apih-port
-
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
@@ -281,7 +236,6 @@ mso:
requestDb:
auth: Basic YnBlbDpwYXNzd29yZDEk
camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
- msoKey: 07a7159d3bf51a0e53be7a8f89699be7
sdc:
client:
auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24
@@ -298,9 +252,7 @@ mso:
auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ=
so-appc-orchestrator:
- enabled: true
- server:
- actuatorCredsExternalSecret: *actuator-secrets
+ enabled: false
db:
<<: *dbSecrets
@@ -313,51 +265,16 @@ so-catalog-db-adapter:
db:
<<: *dbSecrets
-so-cnf-adapter:
- enabled: true
- server:
- aafCredsExternalSecret: *aaf-secrets
- aaiCredsExternalSecret: *aai-secrets
- actuatorCredsExternalSecret: *actuator-secrets
- mso:
- msoKeySecret: *mso-key
-
so-etsi-nfvo-ns-lcm:
enabled: true
db:
<<: *dbSecrets
-so-mariadb:
- db:
- rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
- rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
- backupCredsExternalSecret: *dbBackupCredsSecretName
- userCredsExternalSecret: *dbUserCredsSecretName
- adminCredsExternalSecret: *dbAdminCredsSecretName
-
so-monitoring:
enabled: true
db:
<<: *dbSecrets
-so-nssmf-adapter:
- enabled: true
- server:
- actuatorCredsExternalSecret: *actuator-secrets
- bpelCredsExternalSecret: *bpel-secrets
- db:
- <<: *dbSecrets
-
-so-oof-adapter:
- enabled: true
- db:
- <<: *dbSecrets
- mso:
- msoKeySecret: *mso-key
- camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
- oof:
- authSecret: *mso-oof-auth
-
so-openstack-adapter:
enabled: true
db:
@@ -377,12 +294,35 @@ so-sdnc-adapter:
<<: *dbSecrets
so-ve-vnfm-adapter:
- enabled: true
+ enabled: false
so-vfc-adapter:
enabled: true
db:
<<: *dbSecrets
+so-nssmf-adapter:
+ enabled: true
+ db:
+ <<: *dbSecrets
+
+so-oof-adapter:
+ enabled: true
+ db:
+ <<: *dbSecrets
+ mso:
+ msoKeySecret: *mso-key
+ camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
+ oof:
+ authSecret: *mso-oof-auth
+
so-vnfm-adapter:
enabled: true
+
+so-mariadb:
+ db:
+ rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
+ rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
+ backupCredsExternalSecret: *dbBackupCredsSecretName
+ userCredsExternalSecret: *dbUserCredsSecretName
+ adminCredsExternalSecret: *dbAdminCredsSecretName