diff options
Diffstat (limited to 'kubernetes/so')
53 files changed, 186 insertions, 506 deletions
diff --git a/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml b/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml index 50d42ca44d..24592ba50a 100644 --- a/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml @@ -58,7 +58,7 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} {{- end }} /app/start-app.sh diff --git a/kubernetes/so/components/so-bpmn-infra/requirements.yaml b/kubernetes/so/components/so-bpmn-infra/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-bpmn-infra/requirements.yaml +++ b/kubernetes/so/components/so-bpmn-infra/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml index cf448cc9cd..11128dd68c 100755 --- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml @@ -382,7 +382,7 @@ spring: so: vnfm: adapter: - url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ + url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ auth: {{ .Values.so.vnfm.adapter.auth }} org: onap: diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml index e7cb3aa782..ac335c859a 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} @@ -67,21 +55,15 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} /app/start-app.sh {{- end }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml index 034e269d6a..de0fe52518 100755 --- a/kubernetes/so/components/so-bpmn-infra/values.yaml +++ b/kubernetes/so/components/so-bpmn-infra/values.yaml @@ -32,6 +32,13 @@ global: aaf: auth: encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' + +readinessCheck: + wait_for: + - so-mariadb-config ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml b/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml index d58fd86194..0aac5f4b48 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} @@ -67,21 +55,15 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} /app/start-app.sh {{- end }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml index 2fadf41e01..334e70e941 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml @@ -31,6 +31,13 @@ global: header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= app: msoKey: 07a7159d3bf51a0e53be7a8f89699be7 + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' + +readinessCheck: + wait_for: + - so-mariadb-config ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-db-secrets/Chart.yaml b/kubernetes/so/components/so-db-secrets/Chart.yaml deleted file mode 100755 index 1739d1fe36..0000000000 --- a/kubernetes/so/components/so-db-secrets/Chart.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright © 2018 AT&T USA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -description: A Helm chart for DB secrets -name: so-db-secrets -version: 6.0.0
\ No newline at end of file diff --git a/kubernetes/so/components/so-db-secrets/requirements.yaml b/kubernetes/so/components/so-db-secrets/requirements.yaml deleted file mode 100755 index 2eb32d00ed..0000000000 --- a/kubernetes/so/components/so-db-secrets/requirements.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -dependencies: - - name: common - version: ~6.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/so/components/so-db-secrets/templates/secrets.yaml b/kubernetes/so/components/so-db-secrets/templates/secrets.yaml deleted file mode 100755 index 0ada38595e..0000000000 --- a/kubernetes/so/components/so-db-secrets/templates/secrets.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{/* -# Copyright © 2018 AT&T USA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.release" . }}-so-db-secrets - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: - mariadb.readwrite.host : {{ .Values.global.mariadbGalera.serviceName | b64enc | quote }} - mariadb.readwrite.port : {{ .Values.global.mariadbGalera.servicePort | b64enc | quote }} - mariadb.readwrite.rolename: {{ .Values.db_username | b64enc | quote }} - mariadb.readwrite.password: {{ .Values.db_password | b64enc | quote }} - mariadb.admin.rolename: {{ .Values.db_admin_username| b64enc | quote }} - mariadb.admin.password: {{ .Values.db_admin_password | b64enc | quote }} -type: Opaque diff --git a/kubernetes/so/components/so-db-secrets/values.yaml b/kubernetes/so/components/so-db-secrets/values.yaml deleted file mode 100644 index 7e51e3ce5d..0000000000 --- a/kubernetes/so/components/so-db-secrets/values.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright © 2018 AT&T USA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -global: - mariadbGalera: - serviceName: mariadb-galera - servicePort: "3306" -db_admin_username: so_admin -db_admin_password: so_Admin123 -db_username: so_user -db_password: so_User123 diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml index c9aa5823bf..20a4284c67 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml @@ -49,7 +49,7 @@ mso: so: adapters: sol003-adapter: - url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1 + url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1 auth: {{ .Values.so.sol003.adapter.auth }} etsi-catalog-manager: base: @@ -58,7 +58,7 @@ etsi-catalog-manager: http: client: ssl: - trust-store: ${TRUSTSTORE} + trust-store: file:${TRUSTSTORE} trust-store-password: ${TRUSTSTORE_PASSWORD} {{- else }} endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml index 9408c1f556..fa5f42d5ab 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml @@ -41,9 +41,8 @@ spec: {{- if .Values.global.aafEnabled }} export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" - export TRUSTSTORE="file:/${TRUSTSTORE}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} {{- end }} ./start-app.sh @@ -55,15 +54,9 @@ spec: - name: ETSI_NFVO_PASSWORD_INPUT {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "password") | indent 14 }} - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }} - name: DB_PASSWORD @@ -83,9 +76,6 @@ spec: - name: config mountPath: /app/config readOnly: true - - name: {{ include "common.fullname" . }}-truststore - mountPath: /app/client - readOnly: true livenessProbe: tcpSocket: port: {{ index .Values.livenessProbe.port }} @@ -100,8 +90,5 @@ spec: - name: config configMap: name: {{ include "common.fullname" . }}-app-configmap - - name: {{ include "common.fullname" . }}-truststore - secret: - secretName: {{ include "common.release" . }}-so-truststore-secret imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml index 6af61820db..82ba0844e8 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml @@ -29,6 +29,9 @@ global: aaf: auth: header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' ################################################################# # Secrets metaconfig @@ -57,7 +60,7 @@ secrets: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/so-etsi-nfvo-ns-lcm:1.7.4 +image: onap/so/so-etsi-nfvo-ns-lcm:1.7.7 pullPolicy: Always aai: diff --git a/kubernetes/so/components/so-mariadb/requirements.yaml b/kubernetes/so/components/so-mariadb/requirements.yaml index 2eb32d00ed..22d6333253 100755 --- a/kubernetes/so/components/so-mariadb/requirements.yaml +++ b/kubernetes/so/components/so-mariadb/requirements.yaml @@ -18,3 +18,6 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml index 36481d461f..b3bacc1ed4 100644 --- a/kubernetes/so/components/so-mariadb/templates/job.yaml +++ b/kubernetes/so/components/so-mariadb/templates/job.yaml @@ -95,23 +95,9 @@ spec: release: {{ include "common.release" . }} name: {{ include "common.name" . }} spec: - initContainers: - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.global.mariadbGalera.nameOverride }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }} containers: - - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }}-config image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: @@ -127,15 +113,9 @@ spec: {{- end }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: MYSQL_ROOT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 10 }} - name: DB_USER diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml index 9ecf3b0ca6..809dff77a7 100755 --- a/kubernetes/so/components/so-mariadb/values.yaml +++ b/kubernetes/so/components/so-mariadb/values.yaml @@ -24,7 +24,7 @@ global: readinessImage: onap/oom/readiness:3.0.1 ubuntuInitRepository: registry.hub.docker.com mariadbGalera: - nameOverride: mariadb-galera + nameOverride: &mariadbName mariadb-galera serviceName: mariadb-galera servicePort: "3306" migration: @@ -33,6 +33,11 @@ global: dbPort: 3306 dbUser: root dbPassword: secretpassword + +readinessCheck: + wait_for: + - *mariadbName + ################################################################# # Secrets metaconfig ################################################################# diff --git a/kubernetes/so/components/so-monitoring/templates/deployment.yaml b/kubernetes/so/components/so-monitoring/templates/deployment.yaml index 7875893dc8..03eccc2d02 100644 --- a/kubernetes/so/components/so-monitoring/templates/deployment.yaml +++ b/kubernetes/so/components/so-monitoring/templates/deployment.yaml @@ -75,15 +75,9 @@ spec: /app/start-app.sh env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/components/so-monitoring/values.yaml b/kubernetes/so/components/so-monitoring/values.yaml index 9ba1d7b7d8..31ad9d072c 100644 --- a/kubernetes/so/components/so-monitoring/values.yaml +++ b/kubernetes/so/components/so-monitoring/values.yaml @@ -37,6 +37,9 @@ global: aaf: auth: header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-nssmf-adapter/requirements.yaml b/kubernetes/so/components/so-nssmf-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-nssmf-adapter/requirements.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml index f1ec31adf1..3b28c5bbdd 100755 --- a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml @@ -29,21 +29,9 @@ spec: metadata: labels: {{- include "common.labels" . | nindent 8 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }} - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} command: @@ -57,7 +45,7 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} {{- end }} ./start-app.sh @@ -66,15 +54,9 @@ spec: ports: {{- include "common.containerPorts" . | nindent 12 }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }} - name: DB_PASSWORD @@ -102,9 +84,6 @@ spec: - name: config mountPath: /app/config readOnly: true - - name: {{ include "common.fullname" . }}-truststore - mountPath: /app/client - readOnly: true livenessProbe: httpGet: path: {{ index .Values.livenessProbe.path}} @@ -121,8 +100,5 @@ spec: - name: config configMap: name: {{ include "common.fullname" . }} - - name: {{ include "common.fullname" . }}-truststore - secret: - secretName: {{ include "common.release" . }}-so-truststore-secret imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml index 3bfe1b212f..753da870f0 100755 --- a/kubernetes/so/components/so-nssmf-adapter/values.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml @@ -29,6 +29,14 @@ global: aaf: auth: header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' + +readinessCheck: + wait_for: + - so-mariadb-config + ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml b/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml index f2eae394e7..72799d1f5f 100755 --- a/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml @@ -37,15 +37,9 @@ spec: {{ include "common.resources" . | indent 10 }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/components/so-oof-adapter/values.yaml b/kubernetes/so/components/so-oof-adapter/values.yaml index 4431ca5513..6bddf29032 100755 --- a/kubernetes/so/components/so-oof-adapter/values.yaml +++ b/kubernetes/so/components/so-oof-adapter/values.yaml @@ -31,6 +31,10 @@ global: aaf: auth: header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' + # Secrets metaconfig ################################################################# db: diff --git a/kubernetes/so/components/so-openstack-adapter/requirements.yaml b/kubernetes/so/components/so-openstack-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-openstack-adapter/requirements.yaml +++ b/kubernetes/so/components/so-openstack-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml index e7cb3aa782..ac335c859a 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} @@ -67,21 +55,15 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} /app/start-app.sh {{- end }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml index 16bbac2afd..64321f47c0 100755 --- a/kubernetes/so/components/so-openstack-adapter/values.yaml +++ b/kubernetes/so/components/so-openstack-adapter/values.yaml @@ -29,6 +29,13 @@ global: aaf: auth: encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' + +readinessCheck: + wait_for: + - so-mariadb-config ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-request-db-adapter/requirements.yaml b/kubernetes/so/components/so-request-db-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-request-db-adapter/requirements.yaml +++ b/kubernetes/so/components/so-request-db-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml index d58fd86194..0aac5f4b48 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} @@ -67,21 +55,15 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} /app/start-app.sh {{- end }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml index 5a3721abbe..84d2944a13 100755 --- a/kubernetes/so/components/so-request-db-adapter/values.yaml +++ b/kubernetes/so/components/so-request-db-adapter/values.yaml @@ -29,6 +29,13 @@ global: aaf: auth: header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' + +readinessCheck: + wait_for: + - so-mariadb-config ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-sdc-controller/requirements.yaml b/kubernetes/so/components/so-sdc-controller/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-sdc-controller/requirements.yaml +++ b/kubernetes/so/components/so-sdc-controller/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml index e7cb3aa782..ac335c859a 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} @@ -67,21 +55,15 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} /app/start-app.sh {{- end }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index 24de2c6862..8980487cb1 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -29,6 +29,13 @@ global: aaf: auth: header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' + +readinessCheck: + wait_for: + - so-mariadb-config ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml index 5797007243..5186523ba1 100755 --- a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml @@ -53,21 +53,15 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} /app/start-app.sh {{- end }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml index 4b36815d3d..1c41e4a5a0 100755 --- a/kubernetes/so/components/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml @@ -32,6 +32,9 @@ global: aaf: auth: header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-secrets/Chart.yaml b/kubernetes/so/components/so-secrets/Chart.yaml deleted file mode 100644 index d96245d752..0000000000 --- a/kubernetes/so/components/so-secrets/Chart.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright © 2018 AT&T USA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -description: A Helm chart for so secrets -name: so-secrets -version: 6.0.0 diff --git a/kubernetes/so/components/so-secrets/requirements.yaml b/kubernetes/so/components/so-secrets/requirements.yaml deleted file mode 100755 index 2eb32d00ed..0000000000 --- a/kubernetes/so/components/so-secrets/requirements.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -dependencies: - - name: common - version: ~6.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/so/components/so-secrets/resources/certs/org.onap.so.trust.jks b/kubernetes/so/components/so-secrets/resources/certs/org.onap.so.trust.jks Binary files differdeleted file mode 100644 index 31ea6ba650..0000000000 --- a/kubernetes/so/components/so-secrets/resources/certs/org.onap.so.trust.jks +++ /dev/null diff --git a/kubernetes/so/components/so-secrets/templates/secrets.yaml b/kubernetes/so/components/so-secrets/templates/secrets.yaml deleted file mode 100644 index 9388ecbf38..0000000000 --- a/kubernetes/so/components/so-secrets/templates/secrets.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{/* -# Copyright © 2018 AT&T USA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Release.Name }}-so-client-certs-secret - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - trustStorePassword: {{ .Values.global.client.certs.trustStorePassword }} - keyStorePassword: {{ .Values.global.client.certs.keyStorePassword}} -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.release" . }}-so-truststore-secret - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/so/components/so-secrets/values.yaml b/kubernetes/so/components/so-secrets/values.yaml deleted file mode 100644 index 602ea79084..0000000000 --- a/kubernetes/so/components/so-secrets/values.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (c) 2020 Orange -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - client: - certs: - trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml index 55177031e4..7c528b0290 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml @@ -24,23 +24,8 @@ spec: metadata: labels: {{- include "common.labels" . | nindent 8 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }} - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - aai - - --container-name - - message-router - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} envFrom: diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml index 6511af320b..9237b994ac 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml @@ -22,6 +22,11 @@ global: persistence: mountPath: /dockerdata-nfs +readinessCheck: + wait_for: + - aai + - message-router + ################################################################# # Application configuration defaults. ################################################################# diff --git a/kubernetes/so/components/so-vfc-adapter/requirements.yaml b/kubernetes/so/components/so-vfc-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-vfc-adapter/requirements.yaml +++ b/kubernetes/so/components/so-vfc-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml index a85ce0cded..94759ced65 100755 --- a/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} @@ -67,21 +55,15 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} /app/start-app.sh {{- end }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/components/so-vfc-adapter/values.yaml b/kubernetes/so/components/so-vfc-adapter/values.yaml index d0e1d20e75..e4f034d0e5 100755 --- a/kubernetes/so/components/so-vfc-adapter/values.yaml +++ b/kubernetes/so/components/so-vfc-adapter/values.yaml @@ -28,6 +28,13 @@ global: aaf: auth: header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= + mariadbGalera: + serviceName: mariadb-galera + servicePort: '3306' + +readinessCheck: + wait_for: + - so-mariadb-config ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml index 7fc4b95b27..d780a76876 100755 --- a/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -29,15 +29,7 @@ spring: server: port: {{ index .Values.containerPort }} ssl: - key-alias: so@so.onap.org - key--store-password: 'ywsqCy:EEo#j}HJHM7z^Rk[L' - key-store: classpath:so-vnfm-adapter.p12 - key-store-type: PKCS12 -http: - client: - ssl: - trust-store: classpath:org.onap.so.trust.jks - trust-store-password: ',sx#.C*W)]wVgJC6ccFHI#:H' + enabled: false mso: key: {{ .Values.mso.key }} site-name: localSite @@ -52,7 +44,7 @@ sdc: key: {{ .Values.sdc.key }} endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 vnfmadapter: - endpoint: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 + endpoint: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 etsi-catalog-manager: vnfpkgm: {{- if .Values.global.msbEnabled }} @@ -60,7 +52,7 @@ etsi-catalog-manager: http: client: ssl: - trust-store: ${TRUSTSTORE} + trust-store: file:${TRUSTSTORE} trust-store-password: ${TRUSTSTORE_PASSWORD} {{- else }} endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1 diff --git a/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml index 4f73fb39e7..24dd3d6d21 100755 --- a/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml @@ -52,9 +52,8 @@ spec: - | export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" - {{- end }} + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" + export KEYSTORE="{{ .Values.soHelpers.certInitializer.credsPath }}/org.onap.so.p12" /app/start-app.sh {{- end }} env: @@ -69,9 +68,6 @@ spec: - name: config mountPath: /app/config readOnly: true - - name: {{ include "common.fullname" . }}-truststore - mountPath: /app/client - readOnly: true livenessProbe: tcpSocket: port: {{ index .Values.livenessProbe.port }} @@ -89,8 +85,5 @@ spec: - name: config configMap: name: {{ include "common.fullname" . }}-app-configmap - - name: {{ include "common.fullname" . }}-truststore - secret: - secretName: {{ include "common.release" . }}-so-truststore-secret imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl index ef3b0768f5..d148a1cd60 100644 --- a/kubernetes/so/components/soHelpers/templates/_certificates.tpl +++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl @@ -5,7 +5,7 @@ {{ include "common.certInitializer.initContainer" $subchartDot }} {{- if $dot.Values.global.aafEnabled }} - name: {{ include "common.name" $dot }}-msb-cert-importer - image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}" + image: "{{ include "common.repository" $subchartDot }}/{{ $dot.Values.global.aafAgentImage }}" imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} command: - "/bin/sh" @@ -56,7 +56,7 @@ value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }} {{- if $dot.Values.global.security.aaf.enabled }} - name: KEYSTORE - value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.jks + value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.p12 {{- end }} {{- end }} {{- end -}} diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml index 82cf3e927f..bbd84cfcfd 100755 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: mariadb-galera version: ~6.x-0 repository: '@local' @@ -36,10 +39,6 @@ dependencies: version: ~6.x-0 repository: 'file://components/so-catalog-db-adapter' condition: so-catalog-db-adapter.enabled - - name: so-db-secrets - version: ~6.x-0 - repository: 'file://components/so-db-secrets' - condition: so-etsi-nfvo-ns-lcm.enabled - name: so-etsi-nfvo-ns-lcm version: ~6.x-0 repository: 'file://components/so-etsi-nfvo-ns-lcm' @@ -73,9 +72,6 @@ dependencies: version: ~6.x-0 repository: 'file://components/so-sdnc-adapter' condition: so-sdnc-adapter.enabled - - name: so-secrets - version: ~6.x-0 - repository: 'file://components/so-secrets' - name: so-ve-vnfm-adapter version: ~6.x-0 repository: 'file://components/so-ve-vnfm-adapter' diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml index 1ff897e051..ac335c859a 100755 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -41,20 +41,7 @@ spec: spec: initContainers: {{ include "so.certificate.container_importer" . | indent 6 | trim }} - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} @@ -68,21 +55,15 @@ spec: export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" {{- end }} /app/start-app.sh {{- end }} env: - name: DB_HOST - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.host + value: {{ include "common.mariadbService" . }} - name: DB_PORT - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.port + value: {{ include "common.mariadbPort" . | quote }} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 0a9dbf4f4e..be06267737 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -27,6 +27,8 @@ global: nameOverride: mariadb-galera serviceName: mariadb-galera servicePort: '3306' + service: mariadb-galera + internalPort: '3306' # mariadbRootPassword: secretpassword # rootPasswordExternalSecret: some secret #This flag allows SO to instantiate its own mariadb-galera cluster, @@ -69,6 +71,10 @@ global: path: /etc/ssl/certs share_path: /usr/local/share/ca-certificates/ +readinessCheck: + wait_for: + - so-mariadb-config + ################################################################# # Secrets metaconfig ################################################################# @@ -246,7 +252,7 @@ mso: auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ= so-appc-orchestrator: - enabled: true + enabled: false db: <<: *dbSecrets @@ -288,7 +294,7 @@ so-sdnc-adapter: <<: *dbSecrets so-ve-vnfm-adapter: - enabled: true + enabled: false so-vfc-adapter: enabled: true |