diff options
Diffstat (limited to 'kubernetes/so')
45 files changed, 163 insertions, 756 deletions
diff --git a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml index 69178fd6c7..661ed64b0e 100644 --- a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml @@ -22,7 +22,7 @@ server: mso: logPath: ./logs/soappcorch auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.auth.rest.aafEncrypted "value2" .Values.mso.auth )}} - msoKey: {{ .Values.mso.msoKey }} + msoKey: {{ .Values.global.app.msoKey }} config: {{ if .Values.global.security.aaf.enabled }} cadi: {{ include "so.cadi.keys" . | nindent 8}} diff --git a/kubernetes/so/components/so-appc-orchestrator/values.yaml b/kubernetes/so/components/so-appc-orchestrator/values.yaml index e63838d3b1..7570116fd5 100644 --- a/kubernetes/so/components/so-appc-orchestrator/values.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/values.yaml @@ -30,7 +30,8 @@ global: security: aaf: enabled: false - + app: + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 ################################################################# # Secrets metaconfig ################################################################# @@ -73,7 +74,6 @@ db: adminName: so_admin adminPassword: so_Admin123 # adminCredsExternalSecret: some secret - server: actuator: username: mso_admin @@ -87,8 +87,8 @@ service: name: so-appc-orchestrator type: ClusterIP ports: - - port: *containerPort - name: http + - port: *containerPort + name: http updateStrategy: type: RollingUpdate maxUnavailable: 1 @@ -96,6 +96,7 @@ updateStrategy: # Resource Limit flavor -By Default using small flavor: small + ################################################################# # soHelper part ################################################################# @@ -127,14 +128,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8083 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8083 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false nodeSelector: {} @@ -148,7 +149,6 @@ auth: mso: auth: BEA8637716A7EB617DF472BA6552D22F68C1CB17B0D094D77DDA562F4ADAAC4457CAB848E1A4 basicUser: poBpmn - msoKey: 07a7159d3bf51a0e53be7a8f89699be7 appc: client: diff --git a/kubernetes/so/components/so-bpmn-infra/requirements.yaml b/kubernetes/so/components/so-bpmn-infra/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-bpmn-infra/requirements.yaml +++ b/kubernetes/so/components/so-bpmn-infra/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml index cf448cc9cd..11128dd68c 100755 --- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml @@ -382,7 +382,7 @@ spring: so: vnfm: adapter: - url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ + url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ auth: {{ .Values.so.vnfm.adapter.auth }} org: onap: diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml index 60745b108b..ac335c859a 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml index dd8b04b09d..de0fe52518 100755 --- a/kubernetes/so/components/so-bpmn-infra/values.yaml +++ b/kubernetes/so/components/so-bpmn-infra/values.yaml @@ -36,6 +36,10 @@ global: serviceName: mariadb-galera servicePort: '3306' +readinessCheck: + wait_for: + - so-mariadb-config + ################################################################# # Secrets metaconfig ################################################################# diff --git a/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml b/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml index 25a6842bb9..0aac5f4b48 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml index 3e98595cbe..334e70e941 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml @@ -35,6 +35,10 @@ global: serviceName: mariadb-galera servicePort: '3306' +readinessCheck: + wait_for: + - so-mariadb-config + ################################################################# # Secrets metaconfig ################################################################# diff --git a/kubernetes/so/components/so-cnf-adapter/Chart.yaml b/kubernetes/so/components/so-cnf-adapter/Chart.yaml deleted file mode 100755 index f2ccd6a707..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -appVersion: "1.7.1" -description: A Helm chart for Kubernetes -name: so-cnf-adapter -version: 6.0.0 diff --git a/kubernetes/so/components/so-cnf-adapter/requirements.yaml b/kubernetes/so/components/so-cnf-adapter/requirements.yaml deleted file mode 100755 index 1feea23842..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/requirements.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -dependencies: - - name: common - version: ~6.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: soHelpers - version: ~6.x-0 - repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml deleted file mode 100755 index 37024d4d4d..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -aai: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 -logging: - path: logs -spring: - security: - usercredentials: - - username: ${ACTUATOR_USERNAME} - password: ${ACTUATOR_PASSWORD} - role: ACTUATOR -server: - port: {{ index .Values.containerPort }} - tomcat: - max-threads: 50 - -mso: - site-name: localSite - logPath: ./logs/cnf - msb-ip: msb-iag.{{ include "common.namespace" . }} - msb-port: 80 -#Actuator -management: - endpoints: - web: - base-path: /manage - exposure: - include: "*" - metrics: - se-global-registry: false - export: - prometheus: - enabled: true # Whether exporting of metrics to Prometheus is enabled. - step: 1m # Step size (i.e. reporting frequency) to use. diff --git a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml b/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml deleted file mode 100755 index fcdd381e72..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: {{- include "common.resourceMetadata" (dict "dot" . "suffix" "env") | nindent 2 }} -data: - LOG_PATH: {{ index .Values.logPath }} - APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} ---- -apiVersion: v1 -kind: ConfigMap -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} -data: -{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }} diff --git a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml deleted file mode 100755 index 8c894ad49a..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml +++ /dev/null @@ -1,130 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} -spec: - selector: {{- include "common.selectors" . | nindent 4 }} - replicas: {{ index .Values.replicaCount }} - minReadySeconds: {{ index .Values.minReadySeconds }} - strategy: - type: {{ index .Values.updateStrategy.type }} - rollingUpdate: - maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} - maxSurge: {{ index .Values.updateStrategy.maxSurge }} - template: - metadata: - labels: {{- include "common.labels" . | nindent 8 }} - spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }} - - name: {{ include "common.name" . }}-encrypter - command: - - sh - args: - - -c - - | - java Crypto "${AAI_USERNAME}:${AAI_PASSWORD}" "${MSO_KEY}" > /output/.aai_creds - env: - - name: AAI_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "login") | indent 14 }} - - name: AAI_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "password") | indent 14 }} - - name: MSO_KEY - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cnf-adapter-mso-key" "key" "password") | indent 14 }} - image: {{ .Values.global.dockerHubRepository }}/{{ .Values.global.soCryptoImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: encoder - mountPath: /output - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - containers: - - name: {{ include "common.name" . }} - image: {{ include "common.repository" . }}/{{ .Values.image }} - command: - - sh - args: - - -c - - | - export AAF_BASE64=$(echo -n "${AAF_USERNAME}:${AAF_PASSWORD}" | base64) - export AAF_AUTH=$(echo "Basic ${AAF_BASE64}") - export AAI_AUTH=$(cat /input/.aai_creds) - {{- if .Values.global.aafEnabled }} - export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" - {{- end }} - {{- end }} - ./start-app.sh - resources: {{ include "common.resources" . | nindent 12 }} - ports: {{- include "common.containerPorts" . | nindent 12 }} - env: - - name: AAF_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "login") | indent 14 }} - - name: AAF_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "password") | indent 14 }} - - name: ACTUATOR_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }} - - name: ACTUATOR_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }} - {{ include "so.certificates.env" . | indent 12 | trim }} - envFrom: - - configMapRef: - name: {{ include "common.fullname" . }}-env - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }} - - name: logs - mountPath: /app/logs - - name: config - mountPath: /app/config - readOnly: true - - name: encoder - mountPath: /input - livenessProbe: - httpGet: - path: {{ index .Values.livenessProbe.path}} - port: {{ index .Values.containerPort }} - scheme: {{ index .Values.livenessProbe.scheme}} - initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} - periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} - timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} - successThreshold: {{ index .Values.livenessProbe.successThreshold}} - failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} - volumes: {{ include "so.certificate.volumes" . | nindent 8 }} - - name: logs - emptyDir: {} - - name: config - configMap: - name: {{ include "common.fullname" . }} - - name: encoder - emptyDir: - medium: Memory - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml b/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml deleted file mode 100644 index cc40499c76..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/so/components/so-cnf-adapter/templates/service.yaml b/kubernetes/so/components/so-cnf-adapter/templates/service.yaml deleted file mode 100755 index 665601d832..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/templates/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.service" . }} diff --git a/kubernetes/so/components/so-cnf-adapter/values.yaml b/kubernetes/so/components/so-cnf-adapter/values.yaml deleted file mode 100755 index 195d62d4b7..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/values.yaml +++ /dev/null @@ -1,178 +0,0 @@ -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - nodePortPrefixExt: 304 - repository: nexus3.onap.org:10001 - readinessImage: oomk8s/readiness-check:2.2.2 - soCryptoImage: sdesbure/so_crypto:latest - dockerHubRepository: docker.io - persistence: - mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: ${AAF_AUTH} - -################################################################# -# Secrets metaconfig -################################################################# -secrets: - - uid: db-user-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}' - login: '{{ .Values.db.userName }}' - password: '{{ .Values.db.userPassword }}' - passwordPolicy: required - - uid: db-admin-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}' - login: '{{ .Values.db.adminName }}' - password: '{{ .Values.db.adminPassword }}' - passwordPolicy: required - - uid: server-actuator-creds - name: '{{ include "common.release" . }}-so-cnf-actuator-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}' - login: '{{ .Values.server.actuator.username }}' - password: '{{ .Values.server.actuator.password }}' - passwordPolicy: required - - uid: so-aaf-creds - name: '{{ include "common.release" . }}-so-cnf-aaf-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}' - login: '{{ .Values.server.aaf.username }}' - password: '{{ .Values.server.aaf.password }}' - passwordPolicy: required - - uid: so-aai-creds - name: '{{ include "common.release" . }}-so-cnf-aai-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}' - login: '{{ .Values.server.aai.username }}' - password: '{{ .Values.server.aai.password }}' - passwordPolicy: required - - uid: cnf-adapter-mso-key - name: '{{ include "common.release" . }}-so-cnf-mso-key' - type: password - externalSecret: '{{ tpl (default "" .Values.mso.msoKeySecret) . }}' - password: '{{ .Values.mso.msoKey }}' - -#secretsFilePaths: | -# - 'my file 1' -# - '{{ include "templateThatGeneratesFileName" . }}' - -################################################################# -# Application configuration defaults. -################################################################# -repository: nexus3.onap.org:10001 -image: onap/so/mso-cnf-adapter:1.7.1 -pullPolicy: Always - -db: - userName: so_user - userPassword: so_User123 - # userCredsExternalSecret: some secret - adminName: so_admin - adminPassword: so_Admin123 - # adminCredsExternalSecret: some secret - -server: - aaf: - username: so@so.onap.org - password: demo123456 - # aafCredsExternalSecret: some secret - aai: - username: aai@aai.onap.org - password: demo123456! - auth: ${AAI_AUTH} - # aaiCredsExternalSecret: some secret - actuator: - username: mso_admin - password: password1$ - # actuatorCredsExternalSecret: some secret - -mso: - msoKey: 07a7159d3bf51a0e53be7a8f89699be7 - # msoKeySecret: some secret - adapters: - requestDb: - auth: ${REQUEST_AUTH} - -replicaCount: 1 -minReadySeconds: 10 -containerPort: &containerPort 8090 -logPath: ./logs/cnf/ -app: cnf-adapter -service: - type: ClusterIP - ports: - - name: http-api - port: *containerPort -updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 - -soHelpers: - nameOverride: so-cnf-cert-init - certInitializer: - nameOverride: so-cnf-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.openStackAdapterPerm - containerPort: *containerPort - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - memory: 4Gi - cpu: 2000m - requests: - memory: 1Gi - cpu: 500m - large: - limits: - memory: 8Gi - cpu: 4000m - requests: - memory: 2Gi - cpu: 1000m - unlimited: {} - -livenessProbe: - path: /manage/health - port: 8090 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - -ingress: - enabled: false - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml index 7b85b445a2..20a4284c67 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml @@ -49,7 +49,7 @@ mso: so: adapters: sol003-adapter: - url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1 + url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1 auth: {{ .Values.so.sol003.adapter.auth }} etsi-catalog-manager: base: diff --git a/kubernetes/so/components/so-mariadb/requirements.yaml b/kubernetes/so/components/so-mariadb/requirements.yaml index 2eb32d00ed..22d6333253 100755 --- a/kubernetes/so/components/so-mariadb/requirements.yaml +++ b/kubernetes/so/components/so-mariadb/requirements.yaml @@ -18,3 +18,6 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml index cb7fcb352a..b3bacc1ed4 100644 --- a/kubernetes/so/components/so-mariadb/templates/job.yaml +++ b/kubernetes/so/components/so-mariadb/templates/job.yaml @@ -95,23 +95,9 @@ spec: release: {{ include "common.release" . }} name: {{ include "common.name" . }} spec: - initContainers: - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.global.mariadbGalera.nameOverride }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }} containers: - - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }}-config image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml index 9ecf3b0ca6..809dff77a7 100755 --- a/kubernetes/so/components/so-mariadb/values.yaml +++ b/kubernetes/so/components/so-mariadb/values.yaml @@ -24,7 +24,7 @@ global: readinessImage: onap/oom/readiness:3.0.1 ubuntuInitRepository: registry.hub.docker.com mariadbGalera: - nameOverride: mariadb-galera + nameOverride: &mariadbName mariadb-galera serviceName: mariadb-galera servicePort: "3306" migration: @@ -33,6 +33,11 @@ global: dbPort: 3306 dbUser: root dbPassword: secretpassword + +readinessCheck: + wait_for: + - *mariadbName + ################################################################# # Secrets metaconfig ################################################################# diff --git a/kubernetes/so/components/so-nssmf-adapter/requirements.yaml b/kubernetes/so/components/so-nssmf-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-nssmf-adapter/requirements.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml index c213319714..3b28c5bbdd 100755 --- a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml @@ -29,21 +29,9 @@ spec: metadata: labels: {{- include "common.labels" . | nindent 8 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }} - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} command: diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml index da36e9a3a7..753da870f0 100755 --- a/kubernetes/so/components/so-nssmf-adapter/values.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml @@ -33,6 +33,11 @@ global: serviceName: mariadb-galera servicePort: '3306' +readinessCheck: + wait_for: + - so-mariadb-config + + ################################################################# # Secrets metaconfig ################################################################# diff --git a/kubernetes/so/components/so-openstack-adapter/requirements.yaml b/kubernetes/so/components/so-openstack-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-openstack-adapter/requirements.yaml +++ b/kubernetes/so/components/so-openstack-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml index 60745b108b..ac335c859a 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml index 41ccb955eb..64321f47c0 100755 --- a/kubernetes/so/components/so-openstack-adapter/values.yaml +++ b/kubernetes/so/components/so-openstack-adapter/values.yaml @@ -33,6 +33,10 @@ global: serviceName: mariadb-galera servicePort: '3306' +readinessCheck: + wait_for: + - so-mariadb-config + ################################################################# # Secrets metaconfig ################################################################# diff --git a/kubernetes/so/components/so-request-db-adapter/requirements.yaml b/kubernetes/so/components/so-request-db-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-request-db-adapter/requirements.yaml +++ b/kubernetes/so/components/so-request-db-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml index 25a6842bb9..0aac5f4b48 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml index 02b382fe72..84d2944a13 100755 --- a/kubernetes/so/components/so-request-db-adapter/values.yaml +++ b/kubernetes/so/components/so-request-db-adapter/values.yaml @@ -33,6 +33,10 @@ global: serviceName: mariadb-galera servicePort: '3306' +readinessCheck: + wait_for: + - so-mariadb-config + ################################################################# # Secrets metaconfig ################################################################# diff --git a/kubernetes/so/components/so-sdc-controller/requirements.yaml b/kubernetes/so/components/so-sdc-controller/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-sdc-controller/requirements.yaml +++ b/kubernetes/so/components/so-sdc-controller/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml index 60745b108b..ac335c859a 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index 9f858aa271..8980487cb1 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -33,6 +33,10 @@ global: serviceName: mariadb-galera servicePort: '3306' +readinessCheck: + wait_for: + - so-mariadb-config + ################################################################# # Secrets metaconfig ################################################################# diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml index 55177031e4..7c528b0290 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml @@ -24,23 +24,8 @@ spec: metadata: labels: {{- include "common.labels" . | nindent 8 }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }} - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - aai - - --container-name - - message-router - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} envFrom: diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml index 6511af320b..9237b994ac 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml @@ -22,6 +22,11 @@ global: persistence: mountPath: /dockerdata-nfs +readinessCheck: + wait_for: + - aai + - message-router + ################################################################# # Application configuration defaults. ################################################################# diff --git a/kubernetes/so/components/so-vfc-adapter/requirements.yaml b/kubernetes/so/components/so-vfc-adapter/requirements.yaml index 1feea23842..b0bda362dd 100755 --- a/kubernetes/so/components/so-vfc-adapter/requirements.yaml +++ b/kubernetes/so/components/so-vfc-adapter/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: soHelpers version: ~6.x-0 repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml index 35ed9de20c..94759ced65 100755 --- a/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-vfc-adapter/templates/deployment.yaml @@ -39,21 +39,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} - - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + initContainers: + {{ include "so.certificate.container_importer" . | indent 6 | trim }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} diff --git a/kubernetes/so/components/so-vfc-adapter/values.yaml b/kubernetes/so/components/so-vfc-adapter/values.yaml index c46f118b6f..e4f034d0e5 100755 --- a/kubernetes/so/components/so-vfc-adapter/values.yaml +++ b/kubernetes/so/components/so-vfc-adapter/values.yaml @@ -32,6 +32,10 @@ global: serviceName: mariadb-galera servicePort: '3306' +readinessCheck: + wait_for: + - so-mariadb-config + ################################################################# # Secrets metaconfig ################################################################# diff --git a/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml index 9d98803c8e..d780a76876 100755 --- a/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -29,15 +29,7 @@ spring: server: port: {{ index .Values.containerPort }} ssl: - key-alias: so@so.onap.org - key-store-password: ${KEYSTORE_PASSWORD} - key-store: file:${KEYSTORE} - key-store-type: PKCS12 -http: - client: - ssl: - trust-store: file:${TRUSTSTORE} - trust-store-password: ${TRUSTSTORE_PASSWORD} + enabled: false mso: key: {{ .Values.mso.key }} site-name: localSite @@ -52,7 +44,7 @@ sdc: key: {{ .Values.sdc.key }} endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 vnfmadapter: - endpoint: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 + endpoint: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 etsi-catalog-manager: vnfpkgm: {{- if .Values.global.msbEnabled }} diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl index 98876e3cea..d148a1cd60 100644 --- a/kubernetes/so/components/soHelpers/templates/_certificates.tpl +++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl @@ -5,7 +5,7 @@ {{ include "common.certInitializer.initContainer" $subchartDot }} {{- if $dot.Values.global.aafEnabled }} - name: {{ include "common.name" $dot }}-msb-cert-importer - image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}" + image: "{{ include "common.repository" $subchartDot }}/{{ $dot.Values.global.aafAgentImage }}" imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} command: - "/bin/sh" diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml index 41a781ba6e..bbd84cfcfd 100755 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -17,43 +17,42 @@ dependencies: # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) - repository: "@local" + repository: '@local' + - name: readinessCheck + version: ~6.x-0 + repository: '@local' - name: mariadb-galera version: ~6.x-0 - repository: "@local" + repository: '@local' condition: global.mariadbGalera.localCluster - name: soHelpers version: ~6.x-0 - repository: "file://components/soHelpers" + repository: 'file://components/soHelpers' - name: so-appc-orchestrator version: ~6.x-0 - repository: "file://components/so-appc-orchestrator" + repository: 'file://components/so-appc-orchestrator' condition: so-appc-orchestrator.enabled - name: so-bpmn-infra version: ~6.x-0 - repository: "file://components/so-bpmn-infra" + repository: 'file://components/so-bpmn-infra' - name: so-catalog-db-adapter version: ~6.x-0 - repository: "file://components/so-catalog-db-adapter" + repository: 'file://components/so-catalog-db-adapter' condition: so-catalog-db-adapter.enabled - - name: so-cnf-adapter - version: ~6.x-0 - repository: "file://components/so-cnf-adapter" - condition: so-cnf-adapter.enabled - name: so-etsi-nfvo-ns-lcm version: ~6.x-0 repository: 'file://components/so-etsi-nfvo-ns-lcm' condition: so-etsi-nfvo-ns-lcm.enabled - name: so-mariadb version: ~6.x-0 - repository: "file://components/so-mariadb" + repository: 'file://components/so-mariadb' - name: so-monitoring version: ~6.x-0 - repository: "file://components/so-monitoring" + repository: 'file://components/so-monitoring' condition: so-monitoring.enabled - name: so-nssmf-adapter version: ~6.x-0 - repository: "file://components/so-nssmf-adapter" + repository: 'file://components/so-nssmf-adapter' condition: so-nssmf-adapter.enabled - name: so-oof-adapter version: ~6.x-0 @@ -61,27 +60,27 @@ dependencies: condition: so-oof-adapter.enabled - name: so-openstack-adapter version: ~6.x-0 - repository: "file://components/so-openstack-adapter" + repository: 'file://components/so-openstack-adapter' condition: so-openstack-adapter.enabled - name: so-request-db-adapter version: ~6.x-0 - repository: "file://components/so-request-db-adapter" + repository: 'file://components/so-request-db-adapter' - name: so-sdc-controller version: ~6.x-0 - repository: "file://components/so-sdc-controller" + repository: 'file://components/so-sdc-controller' - name: so-sdnc-adapter version: ~6.x-0 - repository: "file://components/so-sdnc-adapter" + repository: 'file://components/so-sdnc-adapter' condition: so-sdnc-adapter.enabled - name: so-ve-vnfm-adapter version: ~6.x-0 - repository: "file://components/so-ve-vnfm-adapter" + repository: 'file://components/so-ve-vnfm-adapter' condition: so-ve-vnfm-adapter.enabled - name: so-vfc-adapter version: ~6.x-0 - repository: "file://components/so-vfc-adapter" + repository: 'file://components/so-vfc-adapter' condition: so-vfc-adapter.enabled - name: so-vnfm-adapter version: ~6.x-0 - repository: "file://components/so-vnfm-adapter" + repository: 'file://components/so-vnfm-adapter' condition: so-vnfm-adapter.enabled diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index 8ed9fd6401..efcf029fbc 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -124,4 +124,4 @@ org: cloud-owner: CloudOwner adapters: network: - encryptionKey: {{ .Values.mso.msoKey }} + encryptionKey: {{ .Values.global.app.msoKey }} diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml index f846a03370..ac335c859a 100755 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -41,20 +41,7 @@ spec: spec: initContainers: {{ include "so.certificate.container_importer" . | indent 6 | trim }} - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-so-mariadb-config-job - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 464801570b..d47d1fb429 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -60,6 +60,7 @@ global: siteName: onapheat auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 defaultCloudOwner: onap + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 client: certs: truststore: /app/client/org.onap.so.trust.jks @@ -70,6 +71,10 @@ global: path: /etc/ssl/certs share_path: /usr/local/share/ca-certificates/ +readinessCheck: + wait_for: + - so-mariadb-config + ################################################################# # Secrets metaconfig ################################################################# @@ -110,44 +115,16 @@ secrets: type: generic filePaths: - resources/config/certificates/msb-ca.crt - - uid: 'mso-key' + - uid: "mso-key" name: &mso-key '{{ include "common.release" . }}-mso-key' type: password - password: '{{ .Values.mso.msoKey }}' + password: '{{ .Values.global.app.msoKey }}' - uid: mso-oof-auth name: &mso-oof-auth '{{ include "common.release" . }}-mso-oof-auth' type: basicAuth login: '{{ .Values.mso.oof.login }}' password: '{{ .Values.mso.oof.password }}' passwordPolicy: required - - uid: server-actuator-creds - name: &actuator-secrets '{{ include "common.release" . }}-so-server-actuator-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}' - login: '{{ .Values.server.actuator.username }}' - password: '{{ .Values.server.actuator.password }}' - passwordPolicy: required - - uid: server-bpel-creds - name: &bpel-secrets '{{ include "common.release" . }}-so-server-bpel-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.bpelCredsExternalSecret) . }}' - login: '{{ .Values.server.bpel.username }}' - password: '{{ .Values.server.bpel.password }}' - passwordPolicy: required - - uid: so-aaf-creds - name: &aaf-secrets '{{ include "common.release" . }}-so-server-aaf-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}' - login: '{{ .Values.server.aaf.username }}' - password: '{{ .Values.server.aaf.password }}' - passwordPolicy: required - - uid: so-aai-creds - name: &aai-secrets '{{ include "common.release" . }}-so-server-aai-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}' - login: '{{ .Values.server.aai.username }}' - password: '{{ .Values.server.aai.password }}' - passwordPolicy: required aafConfig: permission_user: 1000 @@ -169,44 +146,20 @@ dbCreds: userName: so_user adminName: so_admin -server: - aaf: - username: so@so.onap.org - password: demo123456 - # aafCredsExternalSecret: some secret - aai: - username: aai@aai.onap.org - password: demo123456! - # aaiCredsExternalSecret: some secret - actuator: - username: mso_admin - password: password1$ - # actuatorCredsExternalSecret: some secret - bpel: - username: bpel - password: password1$ - # bpelCredsExternalSecret: some secret - repository: nexus3.onap.org:10001 image: onap/so/api-handler-infra:1.6.4 pullPolicy: Always - replicaCount: 1 minReadySeconds: 10 - containerPort: &containerPort 8080 - logPath: ./logs/apih/ - app: api-handler-infra - service: type: NodePort nodePort: 77 internalPort: *containerPort externalPort: *containerPort portName: so-apih-port - updateStrategy: type: RollingUpdate maxUnavailable: 1 @@ -283,7 +236,6 @@ mso: requestDb: auth: Basic YnBlbDpwYXNzd29yZDEk camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A - msoKey: 07a7159d3bf51a0e53be7a8f89699be7 sdc: client: auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24 @@ -300,9 +252,7 @@ mso: auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ= so-appc-orchestrator: - enabled: true - server: - actuatorCredsExternalSecret: *actuator-secrets + enabled: false db: <<: *dbSecrets @@ -315,51 +265,16 @@ so-catalog-db-adapter: db: <<: *dbSecrets -so-cnf-adapter: - enabled: true - server: - aafCredsExternalSecret: *aaf-secrets - aaiCredsExternalSecret: *aai-secrets - actuatorCredsExternalSecret: *actuator-secrets - mso: - msoKeySecret: *mso-key - so-etsi-nfvo-ns-lcm: enabled: true db: <<: *dbSecrets -so-mariadb: - db: - rootPasswordExternalSecretLocalDb: *dbRootPassSecretName - rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}' - backupCredsExternalSecret: *dbBackupCredsSecretName - userCredsExternalSecret: *dbUserCredsSecretName - adminCredsExternalSecret: *dbAdminCredsSecretName - so-monitoring: enabled: true db: <<: *dbSecrets -so-nssmf-adapter: - enabled: true - server: - actuatorCredsExternalSecret: *actuator-secrets - bpelCredsExternalSecret: *bpel-secrets - db: - <<: *dbSecrets - -so-oof-adapter: - enabled: true - db: - <<: *dbSecrets - mso: - msoKeySecret: *mso-key - camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A - oof: - authSecret: *mso-oof-auth - so-openstack-adapter: enabled: true db: @@ -386,5 +301,28 @@ so-vfc-adapter: db: <<: *dbSecrets +so-nssmf-adapter: + enabled: true + db: + <<: *dbSecrets + +so-oof-adapter: + enabled: true + db: + <<: *dbSecrets + mso: + msoKeySecret: *mso-key + camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A + oof: + authSecret: *mso-oof-auth + so-vnfm-adapter: enabled: true + +so-mariadb: + db: + rootPasswordExternalSecretLocalDb: *dbRootPassSecretName + rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}' + backupCredsExternalSecret: *dbBackupCredsSecretName + userCredsExternalSecret: *dbUserCredsSecretName + adminCredsExternalSecret: *dbAdminCredsSecretName |