diff options
Diffstat (limited to 'kubernetes')
160 files changed, 2078 insertions, 1150 deletions
diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml index 695e65c9d5..ec7de46b36 100644 --- a/kubernetes/aaf/charts/aaf-cm/values.yaml +++ b/kubernetes/aaf/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.8 +image: onap/aaf/aaf_cm:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-cs/values.yaml b/kubernetes/aaf/charts/aaf-cs/values.yaml index 1d806bc631..77837451ab 100644 --- a/kubernetes/aaf/charts/aaf-cs/values.yaml +++ b/kubernetes/aaf/charts/aaf-cs/values.yaml @@ -24,7 +24,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.8 +image: onap/aaf/aaf_cass:2.1.9-SNAPSHOT-latest pullPolicy: Always # application configuration diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml index e18094a562..526a9fd6f8 100644 --- a/kubernetes/aaf/charts/aaf-fs/values.yaml +++ b/kubernetes/aaf/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.8 +image: onap/aaf/aaf_fs:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml index 7ae0e66f34..145dec1538 100644 --- a/kubernetes/aaf/charts/aaf-gui/values.yaml +++ b/kubernetes/aaf/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.8 +image: onap/aaf/aaf_gui:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml index 3432211cdd..8c46b80945 100644 --- a/kubernetes/aaf/charts/aaf-hello/values.yaml +++ b/kubernetes/aaf/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.8 +image: onap/aaf/aaf_hello:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml index 8cbf7cf526..a3238377ab 100644 --- a/kubernetes/aaf/charts/aaf-locate/values.yaml +++ b/kubernetes/aaf/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.8 +image: onap/aaf/aaf_locate:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml index d90b3d7c77..7cb9f3b3cb 100644 --- a/kubernetes/aaf/charts/aaf-oauth/values.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.8 +image: onap/aaf/aaf_oauth:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml index 7b730a70e0..42cebdee55 100644 --- a/kubernetes/aaf/charts/aaf-service/values.yaml +++ b/kubernetes/aaf/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.8 +image: onap/aaf/aaf_service:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml index 24351da9cb..5a095e4cd9 100644 --- a/kubernetes/aaf/values.yaml +++ b/kubernetes/aaf/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.8 + configImage: onap/aaf/aaf_config:2.1.9-SNAPSHOT-latest persistence: enabled: true diff --git a/kubernetes/aai/charts/aai-data-router/values.yaml b/kubernetes/aai/charts/aai-data-router/values.yaml index ddc7fd0ee4..3adec8555d 100644 --- a/kubernetes/aai/charts/aai-data-router/values.yaml +++ b/kubernetes/aai/charts/aai-data-router/values.yaml @@ -21,7 +21,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/data-router:1.3.1 +image: onap/data-router:1.4-STAGING-latest pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml index 9172b71e8d..d0050e095c 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml @@ -37,35 +37,28 @@ # HTTP # basic (challenging) # proxy (not challenging, needs xff) -# kerberos (challenging) # clientcert (not challenging, needs https) -# jwt (not challenging) # host (not challenging) #DEPRECATED, will be removed in a future version. # host based authentication is configurable in sg_roles_mapping # Authc # internal # noop -# ldap # Authz -# ldap # noop +# Some SearchGuard functionality is licensed under Apache-2.0, while other functionality is non-free; +# see https://github.com/floragunncom/search-guard. The functionality enabled in this configuration +# file only include those that are licensed under Apache-2.0. Please use care and review SearchGuard's +# license details before enabling any additional features here. + searchguard: dynamic: # Set filtered_alias_mode to 'disallow' to forbid more than 2 filtered aliases per index # Set filtered_alias_mode to 'warn' to allow more than 2 filtered aliases per index but warns about it (default) # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently #filtered_alias_mode: warn - #kibana: - # Kibana multitenancy - # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md - # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki - #multitenancy_enabled: true - #server_username: kibanaserver - #index: '.kibana' - #do_not_fail_on_forbidden: false http: anonymous_auth_enabled: false xff: @@ -80,20 +73,6 @@ searchguard: ###### and here https://tools.ietf.org/html/rfc7239 ###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve authc: - kerberos_auth_domain: - http_enabled: false - transport_enabled: false - order: 6 - http_authenticator: - type: kerberos - challenge: true - config: - # If true a lot of kerberos/security related debugging output will be logged to standard out - krb_debug: false - # If true then the realm will be stripped from the user name - strip_realm_from_principal: true - authentication_backend: - type: noop basic_internal_auth_domain: http_enabled: true transport_enabled: true @@ -141,81 +120,4 @@ searchguard: challenge: false authentication_backend: type: noop - ldap: - http_enabled: false - transport_enabled: false - order: 5 - http_authenticator: - type: basic - challenge: false - authentication_backend: - # LDAP authentication backend (authenticate users against a LDAP or Active Directory) - type: ldap - config: - # enable ldaps - enable_ssl: false - # enable start tls, enable_ssl should be false - enable_start_tls: false - # send client certificate - enable_ssl_client_auth: false - # verify ldap hostname - verify_hostnames: true - hosts: - - localhost:8389 - bind_dn: null - password: null - userbase: 'ou=people,dc=example,dc=com' - # Filter to search for users (currently in the whole subtree beneath userbase) - # {0} is substituted with the username - usersearch: '(sAMAccountName={0})' - # Use this attribute from the user as username (if not set then DN is used) - username_attribute: null - authz: - roles_from_myldap: - http_enabled: false - transport_enabled: false - authorization_backend: - # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too) - type: ldap - config: - # enable ldaps - enable_ssl: false - # enable start tls, enable_ssl should be false - enable_start_tls: false - # send client certificate - enable_ssl_client_auth: false - # verify ldap hostname - verify_hostnames: true - hosts: - - localhost:8389 - bind_dn: null - password: null - rolebase: 'ou=groups,dc=example,dc=com' - # Filter to search for roles (currently in the whole subtree beneath rolebase) - # {0} is substituted with the DN of the user - # {1} is substituted with the username - # {2} is substituted with an attribute value from user's directory entry, of the authenticated user. Use userroleattribute to specify the name of the attribute - rolesearch: '(member={0})' - # Specify the name of the attribute which value should be substituted with {2} above - userroleattribute: null - # Roles as an attribute of the user entry - userrolename: disabled - #userrolename: memberOf - # The attribute in a role entry containing the name of that role, Default is "name". - # Can also be "dn" to use the full DN as rolename. - rolename: cn - # Resolve nested roles transitive (roles which are members of other roles and so on ...) - resolve_nested_roles: true - userbase: 'ou=people,dc=example,dc=com' - # Filter to search for users (currently in the whole subtree beneath userbase) - # {0} is substituted with the username - usersearch: '(uid={0})' - # Skip users matching a user name, a wildcard or a regex pattern - #skip_users: - # - 'cn=Michael Jackson,ou*people,o=TEST' - # - '/\S*/' - roles_from_another_ldap: - enabled: false - authorization_backend: - type: ldap - #config goes here ... + authz:
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-cached.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-cached.properties new file mode 100644 index 0000000000..28e3089b88 --- /dev/null +++ b/kubernetes/aai/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-cached.properties @@ -0,0 +1,70 @@ +# +# ============LICENSE_START======================================================= +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +query.fast-property=true +query.smart-limit=false + +{{- if eq .Values.global.jobs.migration.remoteCassandra.enabled false }} + +storage.backend=cassandra + +#In case of upgrades from Casablanca provide the override aai.global.cassandra.existingInstServiceName=aai-cassandra +storage.hostname={{ .Values.global.cassandra.existingInstServiceName | default .Values.global.cassandra.serviceName }} + +storage.cassandra.keyspace=aaigraph +storage.cassandra.read-consistency-level=LOCAL_QUORUM +storage.cassandra.write-consistency-level=LOCAL_QUORUM +storage.cassandra.replication-factor=3 +storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy +{{- else }} +{{- if .Values.global.jobs.migration.remoteCassandra.storage }} +storage.backend={{ .Values.global.jobs.migration.remoteCassandra.storage.backend }} +storage.hostname={{ .Values.global.jobs.migration.remoteCassandra.storage.hostname }} +{{- if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "cassandra" }} +storage.cassandra.keyspace={{ .Values.global.jobs.migration.remoteCassandra.storage.name }} +storage.cassandra.read-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.readConsistency }} +storage.cassandra.write-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.writeConsistency }} +storage.cassandra.replication-factor={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.replicationFactor | int }} +storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy + +{{- else if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "cql" }} +storage.cql.keyspace={{ .Values.global.jobs.migration.remoteCassandra.storage.name }} +storage.cql.read-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.readConsistency }} +storage.cql.write-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.readConsistency }} +storage.cql.replication-factor={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.replicationFactor | int }} +storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.localConsistencyForSysOps }} +storage.cql.cluster-name={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.clusterName }} +storage.cql.local-datacenter={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.localDataCenter }} + +{{- else if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "hbase" }} +storage.hbase.table={{ .Values.global.jobs.migration.remoteCassandra.storage.name }} +{{- end }} +storage.connection-timeout={{ .Values.global.jobs.migration.remoteCassandra.storage.connectionTimeout | int }} +cache.tx-cache-size={{ .Values.global.jobs.migration.remoteCassandra.storage.cacheSize | int }} +log.tx.key-consistent={{ .Values.global.jobs.migration.remoteCassandra.storage.keyConsistent }} +{{- end }} +{{- end }} +storage.lock.wait-time=300 + +#caching on +cache.db-cache = true +cache.db-cache-clean-wait = 20 +cache.db-cache-time = 180000 +cache.db-cache-size = 0.3 + +#load graphson file on startup +load.snapshot.file=false diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-real.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-real.properties new file mode 100644 index 0000000000..4c28b20781 --- /dev/null +++ b/kubernetes/aai/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-real.properties @@ -0,0 +1,65 @@ +# +# ============LICENSE_START======================================================= +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +query.fast-property=true +query.smart-limit=false + +{{- if eq .Values.global.jobs.migration.remoteCassandra.enabled false }} + +storage.backend=cassandra + +#In case of upgrades from Casablanca provide the override aai.global.cassandra.existingInstServiceName=aai-cassandra +storage.hostname={{ .Values.global.cassandra.existingInstServiceName | default .Values.global.cassandra.serviceName }} + +storage.cassandra.keyspace=aaigraph +storage.cassandra.read-consistency-level=LOCAL_QUORUM +storage.cassandra.write-consistency-level=LOCAL_QUORUM +storage.cassandra.replication-factor=3 +storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy +{{- else }} +{{- if .Values.global.jobs.migration.remoteCassandra.storage }} +storage.backend={{ .Values.global.jobs.migration.remoteCassandra.storage.backend }} +storage.hostname={{ .Values.global.jobs.migration.remoteCassandra.storage.hostname }} +{{- if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "cassandra" }} +storage.cassandra.keyspace={{ .Values.global.jobs.migration.remoteCassandra.storage.name }} +storage.cassandra.read-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.readConsistency }} +storage.cassandra.write-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.writeConsistency }} +storage.cassandra.replication-factor={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.replicationFactor | int }} +storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy + +{{- else if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "cql" }} +storage.cql.keyspace={{ .Values.global.jobs.migration.remoteCassandra.storage.name }} +storage.cql.read-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.readConsistency }} +storage.cql.write-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.readConsistency }} +storage.cql.replication-factor={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.replicationFactor | int }} +storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.localConsistencyForSysOps }} +storage.cql.cluster-name={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.clusterName }} +storage.cql.local-datacenter={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.localDataCenter }} + +{{- else if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "hbase" }} +storage.hbase.table={{ .Values.global.jobs.migration.remoteCassandra.storage.name }} +{{- end }} +storage.connection-timeout={{ .Values.global.jobs.migration.remoteCassandra.storage.connectionTimeout | int }} +cache.tx-cache-size={{ .Values.global.jobs.migration.remoteCassandra.storage.cacheSize | int }} +log.tx.key-consistent={{ .Values.global.jobs.migration.remoteCassandra.storage.keyConsistent }} +{{- end }} +{{- end }} +storage.lock.wait-time=300 +# Setting db-cache to false ensure the fastest propagation of changes across servers +cache.db-cache = false +#load graphson file on startup +load.snapshot.file=false diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/configmap.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/configmap.yaml index 281bac6915..bd229d3fb0 100644 --- a/kubernetes/aai/charts/aai-graphadmin/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-graphadmin/templates/configmap.yaml @@ -20,90 +20,44 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-log + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} + {{- if .Values.global.jobs.migration.enabled }} + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "0" + "helm.sh/hook-delete-policy": before-hook-creation + {{- end }} data: {{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-real-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-cached-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-springapp-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} + +{{- if .Values.global.jobs.migration.enabled }} --- apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-realm-configmap + name: {{ include "common.fullname" . }}-migration-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "0" + "helm.sh/hook-delete-policy": before-hook-creation data: -{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/migration/*").AsConfig . | indent 2 }} +{{- end }} diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml index 2888a64f5e..f768603a89 100644 --- a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml @@ -16,7 +16,6 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= - apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -45,7 +44,12 @@ spec: {{ if .Values.global.initContainers.enabled }} initContainers: - command: - {{ if .Values.global.jobs.createSchema.enabled }} + {{ if .Values.global.jobs.migration.enabled }} + - /root/job_complete.py + args: + - --job-name + - {{ .Release.Name }}-aai-graphadmin-migration + {{ else if .Values.global.jobs.createSchema.enabled }} - /root/job_complete.py args: - --job-name @@ -86,27 +90,27 @@ spec: name: localtime readOnly: true - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-realtime.properties - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-cached.properties - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf + name: {{ include "common.fullname" . }}-config subPath: aaiconfig.properties - mountPath: /opt/aai/logroot/AAI-RES name: {{ include "common.fullname" . }}-logs - mountPath: /opt/app/aai-graphadmin/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf + name: {{ include "common.fullname" . }}-config subPath: logback.xml - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf + name: {{ include "common.fullname" . }}-config subPath: localhost-access-logback.xml - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/realm.properties - name: {{ include "common.fullname" . }}-realm-conf + name: {{ include "common.fullname" . }}-config subPath: realm.properties - mountPath: /opt/app/aai-graphadmin/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf + name: {{ include "common.fullname" . }}-config subPath: application.properties {{ $global := . }} {{ range $job := .Values.global.config.auth.files }} @@ -166,27 +170,9 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-filebeat emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf - configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - - name: {{ include "common.fullname" . }}-springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-realm-configmap + name: {{ include "common.fullname" . }}-configmap - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: secretName: aai-common-truststore diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml index 55fce011c7..e5b673bee2 100644 --- a/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml +++ b/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml @@ -29,8 +29,7 @@ # If you are using an existing cassandra cluster not coming from oom # then it is your job to ensure that there are no connections to the database -{{ if .Values.global.jobs.createSchema.enabled }} - +{{- if and ( not .Values.global.jobs.migration.enabled ) ( .Values.global.jobs.createSchema.enabled ) }} apiVersion: batch/v1 kind: Job metadata: @@ -89,24 +88,24 @@ spec: name: localtime readOnly: true - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-realtime.properties - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-cached.properties - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf + name: {{ include "common.fullname" . }}-config subPath: aaiconfig.properties - mountPath: /opt/aai/logroot/AAI-GA name: {{ include "common.fullname" . }}-logs - mountPath: /opt/app/aai-graphadmin/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf + name: {{ include "common.fullname" . }}-config subPath: logback.xml - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf + name: {{ include "common.fullname" . }}-config subPath: localhost-access-logback.xml - mountPath: /opt/app/aai-graphadmin/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf + name: {{ include "common.fullname" . }}-config subPath: application.properties {{ $global := . }} {{ range $job := .Values.global.config.auth.files }} @@ -134,29 +133,179 @@ spec: - name: {{ include "common.fullname" . }}-logs hostPath: path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}-create-db-schema - - name: {{ include "common.fullname" . }}-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - - name: {{ include "common.fullname" . }}-springapp-conf + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-auth-truststore-sec + secret: + secretName: aai-common-truststore + items: + {{ range $job := .Values.global.config.auth.files }} + - key: {{ . }} + path: {{ . }} + {{ end }} + restartPolicy: Never + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ end }} +{{- if .Values.global.jobs.migration.enabled }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-migration + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-job + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": post-upgrade,post-rollback,post-install + "helm.sh/hook-weight": "1" + "helm.sh/hook-delete-policy": before-hook-creation +spec: + backoffLimit: 20 + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + {{- if .Values.global.cassandra.localCluster }} + - aai-cassandra + {{- else }} + - cassandra + {{- end }} + - --container-name + - aai-schema-service + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - command: + - /bin/bash + - -c + - bash docker-entrypoint.sh dataRestoreFromSnapshot.sh `ls -t /opt/app/aai-graphadmin/logs/data/dataSnapshots|head -1|awk -F".P" '{ print $1 }'` + env: + - name: LOCAL_USER_ID + value: {{ .Values.global.config.userId | quote }} + - name: LOCAL_GROUP_ID + value: {{ .Values.global.config.groupId | quote }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties + name: {{ include "common.fullname" . }}-config + subPath: janusgraph-realtime.properties + - mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots + name: {{ include "common.fullname" . }}-snapshots + - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties + name: {{ include "common.fullname" . }}-config + subPath: janusgraph-cached.properties + - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties + name: {{ include "common.fullname" . }}-config + subPath: aaiconfig.properties + - mountPath: /opt/aai/logroot/AAI-GA + name: {{ include "common.fullname" . }}-logs + - mountPath: /opt/app/aai-graphadmin/resources/logback.xml + name: {{ include "common.fullname" . }}-config + subPath: logback.xml + - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml + name: {{ include "common.fullname" . }}-config + subPath: localhost-access-logback.xml + - mountPath: /opt/app/aai-graphadmin/resources/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + {{ $global := . }} + {{ range $job := .Values.global.config.auth.files }} + - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/{{ . }} + name: {{ include "common.fullname" $global }}-auth-truststore-sec + subPath: {{ . }} + {{ end }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-restore-backup + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-perform-migration + command: + - /bin/bash + - -c + - bash docker-entrypoint.sh run_Migrations.sh -e UpdateAaiUriIndexMigration --commit --skipPreMigrationSnapShot --runDisabled RebuildAllEdges + env: + - name: LOCAL_USER_ID + value: {{ .Values.global.config.userId | quote }} + - name: LOCAL_GROUP_ID + value: {{ .Values.global.config.groupId | quote }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties + name: {{ include "common.fullname" . }}-config + subPath: janusgraph-realtime.properties + - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties + name: {{ include "common.fullname" . }}-config + subPath: janusgraph-cached.properties + - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties + name: {{ include "common.fullname" . }}-config + subPath: aaiconfig.properties + - mountPath: /opt/aai/logroot/AAI-GA + name: {{ include "common.fullname" . }}-logs + - mountPath: /opt/app/aai-graphadmin/resources/logback.xml + name: {{ include "common.fullname" . }}-config + subPath: logback.xml + - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml + name: {{ include "common.fullname" . }}-config + subPath: localhost-access-logback.xml + - mountPath: /opt/app/aai-graphadmin/resources/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + {{ $global := . }} + {{ range $job := .Values.global.config.auth.files }} + - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/{{ . }} + name: {{ include "common.fullname" $global }}-auth-truststore-sec + subPath: {{ . }} + {{ end }} + resources: +{{ include "common.resources" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: filebeat-conf configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf + name: aai-filebeat + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-realm-configmap + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-snapshots + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-migration - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: secretName: aai-common-truststore @@ -168,4 +317,112 @@ spec: restartPolicy: Never imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-db-backup-job + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-db-backup-job + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "2" + "helm.sh/hook-delete-policy": before-hook-creation +spec: + backoffLimit: 20 + template: + metadata: + labels: + app: {{ include "common.name" . }}-db-backup-job + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + {{ if eq .Values.global.jobs.migration.remoteCassandra.enabled false }} + initContainers: + - command: + - /bin/bash + - -c + - /root/ready.py --container-name aai-cassandra --timeout 1 || /root/ready.py --container-name cassandra + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-db-backup-readiness + {{- end }} + containers: + - name: {{ include "common.name" . }}-db-backup-job + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/bash + - docker-entrypoint.sh + - dataSnapshot.sh + env: + - name: LOCAL_USER_ID + value: {{ .Values.global.config.userId | quote }} + - name: LOCAL_GROUP_ID + value: {{ .Values.global.config.groupId | quote }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots + name: {{ include "common.fullname" . }}-snapshots + - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties + name: {{ include "common.fullname" . }}-migration + subPath: janusgraph-migration-real.properties + - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties + name: {{ include "common.fullname" . }}-migration + subPath: janusgraph-migration-cached.properties + - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties + name: {{ include "common.fullname" . }}-config + subPath: aaiconfig.properties + - mountPath: /opt/aai/logroot/AAI-RES/ + name: {{ include "common.fullname" . }}-logs + - mountPath: /opt/app/aai-graphadmin/resources/logback.xml + name: {{ include "common.fullname" . }}-config + subPath: logback.xml + - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml + name: {{ include "common.fullname" . }}-config + subPath: localhost-access-logback.xml + - mountPath: /opt/app/aai-graphadmin/resources/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-migration + configMap: + name: {{ include "common.fullname" . }}-migration-configmap + - name: {{ include "common.fullname" . }}-snapshots + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-migration + restartPolicy: Never + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" {{ end }} + diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/pv.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/pv.yaml new file mode 100644 index 0000000000..f6783315ad --- /dev/null +++ b/kubernetes/aai/charts/aai-graphadmin/templates/pv.yaml @@ -0,0 +1,42 @@ +{{/* +# Copyright ▒ 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.jobs.migration.enabled -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "0" + "helm.sh/hook-delete-policy": before-hook-creation +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath1 }} +{{- end -}} + diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/pvc.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/pvc.yaml new file mode 100644 index 0000000000..582afe9acd --- /dev/null +++ b/kubernetes/aai/charts/aai-graphadmin/templates/pvc.yaml @@ -0,0 +1,51 @@ +{{/* +# Copyright ▒ 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.jobs.migration.enabled -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-migration + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "-1" + "helm.sh/hook-delete-policy": before-hook-creation +{{- if .Values.persistence.annotations }} +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aai/charts/aai-graphadmin/values.yaml b/kubernetes/aai/charts/aai-graphadmin/values.yaml index bdd6033bc3..498c3c185d 100644 --- a/kubernetes/aai/charts/aai-graphadmin/values.yaml +++ b/kubernetes/aai/charts/aai-graphadmin/values.yaml @@ -108,8 +108,26 @@ ingress: enabled: false persistence: + enabled: true + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs mountSubPath: aai/aai-graphadmin + mountSubPath1: aai/migration resources: small: diff --git a/kubernetes/aai/charts/aai-modelloader/values.yaml b/kubernetes/aai/charts/aai-modelloader/values.yaml index 563ea6bba0..58a72db406 100644 --- a/kubernetes/aai/charts/aai-modelloader/values.yaml +++ b/kubernetes/aai/charts/aai-modelloader/values.yaml @@ -21,7 +21,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/model-loader:1.3.1 +image: onap/model-loader:1.4-STAGING-latest pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml index 0f40d04dae..a4c2e317ad 100644 --- a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-log + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -24,83 +24,11 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-real-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-cached-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-springapp-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-realm-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} --- apiVersion: v1 diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml index 84438c1f0c..d530c3dbbc 100644 --- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml @@ -805,7 +805,12 @@ spec: {{ end }} initContainers: - command: - {{ if .Values.global.jobs.createSchema.enabled }} + {{ if .Values.global.jobs.migration.enabled }} + - /root/job_complete.py + args: + - --job-name + - {{ .Release.Name }}-aai-graphadmin-migration + {{ else if .Values.global.jobs.createSchema.enabled }} - /root/job_complete.py args: - --job-name @@ -853,24 +858,24 @@ spec: name: localtime readOnly: true - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-realtime.properties - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-cached.properties - mountPath: /opt/app/aai-resources/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf + name: {{ include "common.fullname" . }}-config subPath: aaiconfig.properties - mountPath: /opt/aai/logroot/AAI-RES name: {{ include "common.fullname" . }}-logs - mountPath: /opt/app/aai-resources/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf + name: {{ include "common.fullname" . }}-config subPath: logback.xml - mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf + name: {{ include "common.fullname" . }}-config subPath: localhost-access-logback.xml - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties - name: {{ include "common.fullname" . }}-realm-conf + name: {{ include "common.fullname" . }}-config subPath: realm.properties {{ if .Values.global.installSidecarSecurity }} - mountPath: /opt/app/aai-resources/resources/etc/auth/aai_policy.json @@ -902,7 +907,7 @@ spec: name: aai-common-aai-auth-mount subPath: truststoreONAPall.jks - mountPath: /opt/app/aai-resources/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf + name: {{ include "common.fullname" . }}-config subPath: application.properties {{ $global := . }} {{ range $job := .Values.global.config.auth.files }} @@ -1046,33 +1051,15 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-filebeat emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap + name: {{ include "common.fullname" . }}-configmap - name: {{ include "common.fullname" . }}-aaf-properties configMap: name: {{ include "common.fullname" . }}-aaf-props - name: {{ include "common.fullname" . }}-aaf-certs secret: secretName: {{ include "common.fullname" . }}-aaf-keys - - name: {{ include "common.fullname" . }}-springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf - configMap: - name: {{ include "common.fullname" . }}-realm-configmap - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: secretName: aai-common-truststore diff --git a/kubernetes/aai/charts/aai-search-data/resources/fproxy/config/fproxy.properties b/kubernetes/aai/charts/aai-search-data/resources/fproxy/config/fproxy.properties new file mode 100644 index 0000000000..f512fb71a6 --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/fproxy/config/fproxy.properties @@ -0,0 +1,2 @@ +credential.cache.timeout.ms=180000 +transactionid.header.name=X-TransactionId
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-search-data/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-search-data/resources/fproxy/config/logback-spring.xml new file mode 100644 index 0000000000..edac199968 --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/fproxy/config/logback-spring.xml @@ -0,0 +1,48 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration> + + <property name="LOGS" value="./logs/AAF-FPS" /> + <property name="FILEPREFIX" value="application" /> + + <appender name="Console" + class="ch.qos.logback.core.ConsoleAppender"> + <layout class="ch.qos.logback.classic.PatternLayout"> + <Pattern> + %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable + </Pattern> + </layout> + </appender> + + <appender name="RollingFile" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${LOGS}/${FILEPREFIX}.log</file> + <encoder + class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> + <Pattern>%d %p %C{1.} [%t] %m%n</Pattern> + </encoder> + + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <!-- rollover daily and when the file reaches 10 MegaBytes --> + <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log + </fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy + class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>10MB</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + </rollingPolicy> + </appender> + + <!-- LOG everything at INFO level --> + <root level="debug"> + <appender-ref ref="RollingFile" /> + <appender-ref ref="Console" /> + </root> + + <!-- LOG "com.baeldung*" at TRACE level --> + <logger name="org.onap.aaf.fproxy" level="trace" additivity="false"> + <appender-ref ref="RollingFile" /> + <appender-ref ref="Console" /> + </logger> + +</configuration> diff --git a/kubernetes/aai/charts/aai-search-data/resources/fproxy/config/readme.txt b/kubernetes/aai/charts/aai-search-data/resources/fproxy/config/readme.txt new file mode 100644 index 0000000000..79cf29e73c --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/fproxy/config/readme.txt @@ -0,0 +1 @@ +Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/auth/uri-authorization.json new file mode 100644 index 0000000000..595d484c37 --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/auth/uri-authorization.json @@ -0,0 +1,11 @@ +[ + { + "uri": "\/services\/search-data-service\/.*", + "method": "GET|PUT|POST|DELETE", + "permissions": [ + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] + } + + +] diff --git a/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/cadi.properties new file mode 100644 index 0000000000..c2b628dbb3 --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/cadi.properties @@ -0,0 +1,39 @@ +# This is a normal Java Properties File +# Comments are with Pound Signs at beginning of lines, +# and multi-line expression of properties can be obtained by backslash at end of line + +#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below +#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name +#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com +#to your hosts file on your machine. +#hostname=test.aic.cip.att.com + +cadi_loglevel=DEBUG + +# OAuth2 +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect + +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +cadi_keyfile=/opt/app/rproxy/config/security/keyfile +cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12 +cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV +cadi_alias=aai@aai.onap.org +cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore +cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + +aaf_env=DEV + +aaf_id=demo@people.osaaf.org +aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz + +# This is a colon separated list of client cert issuers +cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA diff --git a/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/forward-proxy.properties new file mode 100644 index 0000000000..55a9b4816f --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/forward-proxy.properties @@ -0,0 +1,4 @@ +forward-proxy.protocol = https +forward-proxy.host = localhost +forward-proxy.port = 10680 +forward-proxy.cacheurl = /credential-cache diff --git a/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/logback-spring.xml new file mode 100644 index 0000000000..289fe7512c --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/logback-spring.xml @@ -0,0 +1,48 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration> + + <property name="LOGS" value="./logs/reverse-proxy" /> + <property name="FILEPREFIX" value="application" /> + + <appender name="Console" + class="ch.qos.logback.core.ConsoleAppender"> + <layout class="ch.qos.logback.classic.PatternLayout"> + <Pattern> + %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable + </Pattern> + </layout> + </appender> + + <appender name="RollingFile" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${LOGS}/${FILEPREFIX}.log</file> + <encoder + class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> + <Pattern>%d %p %C{1.} [%t] %m%n</Pattern> + </encoder> + + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <!-- rollover daily and when the file reaches 10 MegaBytes --> + <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log + </fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy + class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>10MB</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + </rollingPolicy> + </appender> + + <!-- LOG everything at INFO level --> + <root level="debug"> + <appender-ref ref="RollingFile" /> + <appender-ref ref="Console" /> + </root> + + <!-- LOG "com.baeldung*" at TRACE level --> + <logger name="org.onap.aaf.rproxy" level="trace" additivity="false"> + <appender-ref ref="RollingFile" /> + <appender-ref ref="Console" /> + </logger> + +</configuration> diff --git a/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/primary-service.properties b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/primary-service.properties new file mode 100644 index 0000000000..5fddcb240a --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/primary-service.properties @@ -0,0 +1,3 @@ +primary-service.protocol = https +primary-service.host = localhost +primary-service.port = 9509 diff --git a/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/readme.txt b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/readme.txt new file mode 100644 index 0000000000..79cf29e73c --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/readme.txt @@ -0,0 +1 @@ +Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/reverse-proxy.properties new file mode 100644 index 0000000000..8d46e1f429 --- /dev/null +++ b/kubernetes/aai/charts/aai-search-data/resources/rproxy/config/reverse-proxy.properties @@ -0,0 +1 @@ +transactionid.header.name=X-TransactionId
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-search-data/templates/configmap.yaml b/kubernetes/aai/charts/aai-search-data/templates/configmap.yaml index b1547f42aa..4361aa405d 100644 --- a/kubernetes/aai/charts/aai-search-data/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-search-data/templates/configmap.yaml @@ -37,3 +37,47 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }} + +{{ if .Values.global.installSidecarSecurity }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-fproxy-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-fproxy-log-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rproxy-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rproxy-log-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} +{{ end }} + diff --git a/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml b/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml index 1d39d4e1d9..b63c4c520f 100644 --- a/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml @@ -35,6 +35,14 @@ spec: release: {{ .Release.Name }} name: {{ include "common.name" . }} spec: + {{ if .Values.global.installSidecarSecurity }} + initContainers: + - name: {{ .Values.global.tproxyConfig.name }} + image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + securityContext: + privileged: true + {{ end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -116,6 +124,84 @@ spec: - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-service-filebeat + {{ if .Values.global.installSidecarSecurity }} + - name: {{ .Values.global.rproxy.name }} + image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: CONFIG_HOME + value: "/opt/app/rproxy/config" + - name: KEY_STORE_PASSWORD + value: {{ .Values.config.keyStorePassword }} + - name: spring_profiles_active + value: {{ .Values.global.rproxy.activeSpringProfiles }} + volumeMounts: + - name: {{ include "common.fullname" . }}-rproxy-config + mountPath: /opt/app/rproxy/config/forward-proxy.properties + subPath: forward-proxy.properties + - name: {{ include "common.fullname" . }}-rproxy-config + mountPath: /opt/app/rproxy/config/primary-service.properties + subPath: primary-service.properties + - name: {{ include "common.fullname" . }}-rproxy-config + mountPath: /opt/app/rproxy/config/reverse-proxy.properties + subPath: reverse-proxy.properties + - name: {{ include "common.fullname" . }}-rproxy-config + mountPath: /opt/app/rproxy/config/cadi.properties + subPath: cadi.properties + - name: {{ include "common.fullname" . }}-rproxy-log-config + mountPath: /opt/app/rproxy/config/logback-spring.xml + subPath: logback-spring.xml + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + mountPath: /opt/app/rproxy/config/auth/tomcat_keystore + subPath: tomcat_keystore + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + mountPath: /opt/app/rproxy/config/auth/client-cert.p12 + subPath: client-cert.p12 + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + mountPath: /opt/app/rproxy/config/auth/uri-authorization.json + subPath: uri-authorization.json + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 + subPath: org.onap.aai.p12 + - name: {{ include "common.fullname" . }}-rproxy-security-config + mountPath: /opt/app/rproxy/config/security/keyfile + subPath: keyfile + + ports: + - containerPort: {{ .Values.global.rproxy.port }} + + - name: {{ .Values.global.fproxy.name }} + image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: CONFIG_HOME + value: "/opt/app/fproxy/config" + - name: KEY_STORE_PASSWORD + value: {{ .Values.config.keyStorePassword }} + - name: TRUST_STORE_PASSWORD + value: {{ .Values.config.trustStorePassword }} + - name: spring_profiles_active + value: {{ .Values.global.fproxy.activeSpringProfiles }} + volumeMounts: + - name: {{ include "common.fullname" . }}-fproxy-config + mountPath: /opt/app/fproxy/config/fproxy.properties + subPath: fproxy.properties + - name: {{ include "common.fullname" . }}-fproxy-log-config + mountPath: /opt/app/fproxy/config/logback-spring.xml + subPath: logback-spring.xml + - name: {{ include "common.fullname" . }}-fproxy-auth-certs + mountPath: /opt/app/fproxy/config/auth/fproxy_truststore + subPath: fproxy_truststore + - name: {{ include "common.fullname" . }}-fproxy-auth-certs + mountPath: /opt/app/fproxy/config/auth/tomcat_keystore + subPath: tomcat_keystore + - name: {{ include "common.fullname" . }}-fproxy-auth-certs + mountPath: /opt/app/fproxy/config/auth/client-cert.p12 + subPath: client-cert.p12 + ports: + - containerPort: {{ .Values.global.fproxy.port }} + {{ end }} + volumes: - name: localtime hostPath: @@ -139,6 +225,35 @@ spec: - name: {{ include "common.fullname" . }}-service-log-conf configMap: name: {{ include "common.fullname" . }}-service-log + {{ if .Values.global.installSidecarSecurity }} + - name: {{ include "common.fullname" . }}-rproxy-config + configMap: + name: {{ include "common.fullname" . }}-rproxy-config + - name: {{ include "common.fullname" . }}-rproxy-log-config + configMap: + name: {{ include "common.fullname" . }}-rproxy-log-config + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + configMap: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-config + secret: + secretName: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + secret: + secretName: aai-rproxy-auth-certs + - name: {{ include "common.fullname" . }}-rproxy-security-config + secret: + secretName: aai-rproxy-security-config + - name: {{ include "common.fullname" . }}-fproxy-config + configMap: + name: {{ include "common.fullname" . }}-fproxy-config + - name: {{ include "common.fullname" . }}-fproxy-log-config + configMap: + name: {{ include "common.fullname" . }}-fproxy-log-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs + secret: + secretName: aai-fproxy-auth-certs + {{ end }} restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-search-data/templates/secret.yaml b/kubernetes/aai/charts/aai-search-data/templates/secret.yaml index ee32e19218..9af326c3d3 100644 --- a/kubernetes/aai/charts/aai-search-data/templates/secret.yaml +++ b/kubernetes/aai/charts/aai-search-data/templates/secret.yaml @@ -38,3 +38,16 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }} + +{{ if .Values.global.installSidecarSecurity }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-rproxy-auth-config + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} +{{ end }} + diff --git a/kubernetes/aai/charts/aai-search-data/templates/service.yaml b/kubernetes/aai/charts/aai-search-data/templates/service.yaml index a49553e65b..73a4d62d02 100644 --- a/kubernetes/aai/charts/aai-search-data/templates/service.yaml +++ b/kubernetes/aai/charts/aai-search-data/templates/service.yaml @@ -25,6 +25,19 @@ metadata: spec: type: {{ .Values.service.type }} ports: + {{ if .Values.global.installSidecarSecurity }} + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + targetPort: {{ .Values.global.rproxy.port }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.global.rproxy.port }} + name: {{ .Values.service.portName }} + {{- end}} + {{ else }} + {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} @@ -33,6 +46,7 @@ spec: - port: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} {{- end}} +{{ end }} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} diff --git a/kubernetes/aai/charts/aai-search-data/values.yaml b/kubernetes/aai/charts/aai-search-data/values.yaml index 2a999b8a0c..b7a8bbc652 100644 --- a/kubernetes/aai/charts/aai-search-data/values.yaml +++ b/kubernetes/aai/charts/aai-search-data/values.yaml @@ -23,7 +23,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/search-data-service:1.3.1 +image: onap/search-data-service:1.4-STAGING-latest pullPolicy: Always restartPolicy: Always flavor: small @@ -32,7 +32,7 @@ config: elasticsearchHttpPort: 9200 keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - + trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 # default number of instances replicaCount: 1 diff --git a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml index 106031edbc..1a92199d49 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-log + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -24,83 +24,11 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-real-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-cached-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-springapp-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-realm-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: {{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} --- apiVersion: v1 diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml index c783f7d977..b94389f068 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml @@ -440,7 +440,12 @@ spec: {{ if .Values.global.initContainers.enabled }} initContainers: - command: - {{ if .Values.global.jobs.createSchema.enabled }} + {{ if .Values.global.jobs.migration.enabled }} + - /root/job_complete.py + args: + - --job-name + - {{ .Release.Name }}-aai-graphadmin-migration + {{ else if .Values.global.jobs.createSchema.enabled }} - /root/job_complete.py args: - --job-name @@ -483,24 +488,24 @@ spec: name: localtime readOnly: true - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-realtime.properties - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-cached.properties - mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf + name: {{ include "common.fullname" . }}-config subPath: aaiconfig.properties - mountPath: /opt/aai/logroot/AAI-GQ name: {{ include "common.fullname" . }}-logs - mountPath: /opt/app/aai-traversal/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf + name: {{ include "common.fullname" . }}-config subPath: logback.xml - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf + name: {{ include "common.fullname" . }}-config subPath: localhost-access-logback.xml - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties - name: {{ include "common.fullname" . }}-realm-conf + name: {{ include "common.fullname" . }}-config subPath: realm.properties - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile name: {{ include "common.fullname" . }}-aaf-certs @@ -527,7 +532,7 @@ spec: name: aai-common-aai-auth-mount subPath: truststoreONAPall.jks - mountPath: /opt/app/aai-traversal/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf + name: {{ include "common.fullname" . }}-config subPath: application.properties {{ $global := . }} {{ range $job := .Values.global.config.auth.files }} @@ -588,21 +593,9 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-filebeat emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap + name: {{ include "common.fullname" . }}-configmap - name: {{ include "common.fullname" . }}-aaf-properties configMap: name: {{ include "common.fullname" . }}-aaf-props @@ -612,12 +605,6 @@ spec: - name: aai-common-aai-auth-mount secret: secretName: aai-common-aai-auth - - name: {{ include "common.fullname" . }}-springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf - configMap: - name: {{ include "common.fullname" . }}-realm-configmap - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: secretName: aai-common-truststore diff --git a/kubernetes/aai/charts/aai-traversal/templates/job.yaml b/kubernetes/aai/charts/aai-traversal/templates/job.yaml index a746f54470..31db068ae8 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/job.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/job.yaml @@ -25,6 +25,12 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} +{{ if .Values.global.jobs.migration.enabled }} + annotations: + "helm.sh/hook": post-upgrade,post-rollback,post-install + "helm.sh/hook-weight": "2" + "helm.sh/hook-delete-policy": before-hook-creation +{{ end }} spec: template: metadata: @@ -74,24 +80,24 @@ spec: name: localtime readOnly: true - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties - name: {{ include "common.fullname" . }}-db-real-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-realtime.properties - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-cached.properties - name: {{ include "common.fullname" . }}-db-cached-conf + name: {{ include "common.fullname" . }}-config subPath: janusgraph-cached.properties - mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties - name: {{ include "common.fullname" . }}-aaiconfig-conf + name: {{ include "common.fullname" . }}-config subPath: aaiconfig.properties - mountPath: /opt/aai/logroot/AAI-GQ/ name: {{ include "common.fullname" . }}-logs - mountPath: /opt/app/aai-traversal/resources/logback.xml - name: {{ include "common.fullname" . }}-log-conf + name: {{ include "common.fullname" . }}-config subPath: logback.xml - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml - name: {{ include "common.fullname" . }}-localhost-access-log-conf + name: {{ include "common.fullname" . }}-config subPath: localhost-access-logback.xml - mountPath: /opt/app/aai-traversal/resources/application.properties - name: {{ include "common.fullname" . }}-springapp-conf + name: {{ include "common.fullname" . }}-config subPath: application.properties {{ $global := . }} {{ range $job := .Values.global.config.auth.files }} @@ -113,27 +119,9 @@ spec: path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}-update-query - name: {{ include "common.fullname" . }}-filebeat emptyDir: {} - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-localhost-access-log-conf - configMap: - name: {{ include "common.fullname" . }}-localhost-access-log-configmap - - name: {{ include "common.fullname" . }}-db-real-conf - configMap: - name: {{ include "common.fullname" . }}-db-real-configmap - - name: {{ include "common.fullname" . }}-db-cached-conf - configMap: - name: {{ include "common.fullname" . }}-db-cached-configmap - - name: {{ include "common.fullname" . }}-aaiconfig-conf - configMap: - name: {{ include "common.fullname" . }}-aaiconfig-configmap - - name: {{ include "common.fullname" . }}-springapp-conf - configMap: - name: {{ include "common.fullname" . }}-springapp-configmap - - name: {{ include "common.fullname" . }}-realm-conf + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-realm-configmap + name: {{ include "common.fullname" . }}-configmap - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: secretName: aai-common-truststore diff --git a/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore b/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore Binary files differindex f6ebc75ed8..f5e41700dc 100644 --- a/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore +++ b/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 1b359fc976..b2e17af428 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -104,6 +104,69 @@ global: # global defaults # When enabled, it will create the widget models via REST API to haproxy updateQueryData: enabled: true + #migration using helm hooks + migration: + enabled: false + remoteCassandra: + enabled: false + storage: + backend: cassandra + hostname: 10.10.10.10 + connectionTimeout: 100000 + cacheSize: 1000000 + keyConsistent: true + + #If backend is cql or cassandra it should be keyspace name + #else backend is hbase it should be hbase table name + name: aaigraph + + ## CQL driver specific properties for janusgraph + # cql: + # #Name of the Cassandra Cluster + # cluster: someclustername + # readConsistency: QUORUM + # writeConsistency: QUORUM + # replicationFactor: 3 + # localConsistencyForSysOps: true + + ## Cassandra driver specific properties for janusgraph + cassandra: + #Name of the Cassandra Cluster + clusterName: aai-cluster + localDataCenter: Pod lab + readConsistency: LOCAL_QUORUM + writeConsistency: LOCAL_QUORUM + replicationFactor: 3 + + #storage: + # backend: cassandra + # hostname: somehost1,somehost2,somehost3 + # connectionTimeout: 100000 + # cacheSize: 1000000 + # clusterName: someClusterName + # localDataCenter: someDataCenter + # keyConsistent: true + # #If backend is cql or cassandra it should be keyspace name + # #else backend is hbase it should be hbase table name + # name: your_hbase_table_or_keyspace_name + + ## CQL driver specific properties for janusgraph + # cql: + # #Name of the Cassandra Cluster + # cluster: someclustername + # readConsistency: QUORUM + # writeConsistency: QUORUM + # replicationFactor: 3 + # localConsistencyForSysOps: true + + ## Cassandra driver specific properties for janusgraph + # cassandra: + # #Name of the Cassandra Cluster + # cluster: someclustername + # readConsistency: LOCAL_QUORUM + # writeConsistency: LOCAL_QUORUM + # replicationFactor: 3 + # Common configuration for resources traversal and graphadmin config: @@ -232,7 +295,7 @@ global: # global defaults # application image dockerhubRepository: registry.hub.docker.com -image: aaionap/haproxy:1.2.4 +image: aaionap/haproxy:1.4.0 pullPolicy: Always flavor: small diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh index 481163a1d5..825f7ab56a 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh @@ -13,11 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -startODL_status=$(ps -e | grep startODL | wc -l) waiting_bundles=$(/opt/opendaylight/current/bin/client bundle:list | grep Waiting | wc -l) run_level=$(/opt/opendaylight/current/bin/client system:start-level) - if [ "$run_level" == "Level 100" ] && [ "$startODL_status" -lt "1" ] && [ "$waiting_bundles" -lt "1" ] + if [ "$run_level" == "Level 100" ] && [ "$waiting_bundles" -lt "1" ] then echo APPC is healthy. else diff --git a/kubernetes/cds/Chart.yaml b/kubernetes/cds/Chart.yaml index fa430d2f78..acf35d4c8b 100644 --- a/kubernetes/cds/Chart.yaml +++ b/kubernetes/cds/Chart.yaml @@ -14,6 +14,6 @@ # limitations under the License. apiVersion: v1 -description: ONAP Common Design Studio +description: ONAP Controller Design Studio (CDS) name: cds version: 4.0.0 diff --git a/kubernetes/cds/charts/blueprints-processor/Chart.yaml b/kubernetes/cds/charts/cds-blueprints-processor/Chart.yaml index 389097437c..0563675792 100755 --- a/kubernetes/cds/charts/blueprints-processor/Chart.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/Chart.yaml @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: Blueprints Processor Micro Service -name: blueprints-processor +description: ONAP CDS Blueprints Processor +name: cds-blueprints-processor version: 4.0.0
\ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/requirements.yaml b/kubernetes/cds/charts/cds-blueprints-processor/requirements.yaml index 9f92507a99..9f92507a99 100755 --- a/kubernetes/cds/charts/blueprints-processor/requirements.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/requirements.yaml diff --git a/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties index c25176f971..d2d043deea 100755 --- a/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties @@ -1,47 +1,60 @@ -# Copyright (c) 2019 IBM, Bell Canada.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Functionality config
-blueprintsprocessor.grpcEnable=true
-blueprintsprocessor.restconfEnabled=true
-blueprintsprocessor.httpPort=8080
-blueprintsprocessor.grpcPort=9111
-
-# Basic Authentication
-security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu
-security.user.name: ccsdkapps
-
-# Blueprint Processor File Execution and Handling Properties
-blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy
-blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive
-
-# Primary Database Configuration
-blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl
-blueprintsprocessor.db.primary.username=sdnctl
-blueprintsprocessor.db.primary.password=sdnctl
-blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver
-blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update
-blueprintsprocessor.db.primary.hibernateDDLAuto=update
-blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy
-blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect
-
-# Python executor
-blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints
-blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf
-
-# SDN-C's ODL Restconf Connection Details
-blueprintsprocessor.restclient.sdncodl.type=basic-auth
-blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/
-blueprintsprocessor.restclient.sdncodl.username=admin
-blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
\ No newline at end of file +# +# Copyright (c) 2017-2019 AT&T, IBM, Bell Canada, Nordix Foundation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Web server config +blueprintsprocessor.grpcEnable=true +blueprintsprocessor.httpPort=8080 +blueprintsprocessor.grpcPort=9111 + +# Blueprint Processor File Execution and Handling Properties +blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy +blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive +blueprintsprocessor.blueprintWorkingPath=/opt/app/onap/blueprints/work + +# Primary Database Configuration +blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl +blueprintsprocessor.db.primary.username=sdnctl +blueprintsprocessor.db.primary.password=sdnctl +blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver +blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update +blueprintsprocessor.db.primary.hibernateDDLAuto=update +blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy +blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect + +# Python executor +blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints +blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf,/opt/app/onap/scripts/jython/ccsdk_restconf + +security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu +security.user.name: ccsdkapps + +# SDN-C's ODL Restconf Connection Details +blueprintsprocessor.restconfEnabled=true +blueprintsprocessor.restclient.sdncodl.type=basic-auth +blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/ +blueprintsprocessor.restclient.sdncodl.username=admin +blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + +# Executor Options +blueprintprocessor.resourceResolution.enabled=true +blueprintprocessor.netconfExecutor.enabled=true +blueprintprocessor.restConfExecutor.enabled=true +blueprintprocessor.remoteScriptCommand.enabled=true + +# Command executor +blueprintsprocessor.grpcclient.remote-python.type=token-auth +blueprintsprocessor.grpcclient.remote-python.host=cds-command-executor +blueprintsprocessor.grpcclient.remote-python.port=50051 +blueprintsprocessor.grpcclient.remote-python.token=Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
\ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/resources/config/logback.xml b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/logback.xml index b73db7145f..2a5c5ce3fb 100755 --- a/kubernetes/cds/charts/blueprints-processor/resources/config/logback.xml +++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/logback.xml @@ -35,9 +35,9 @@ <logger name="org.springframework.web" level="info"/> <logger name="org.springframework.security.web.authentication" level="warn"/> <logger name="org.hibernate" level="error"/> - <logger name="org.onap.ccsdk.apps" level="info"/> + <logger name="org.onap.ccsdk.cds" level="info"/> - <root level="warn"> + <root level="info"> <appender-ref ref="STDOUT"/> </root> diff --git a/kubernetes/cds/charts/blueprints-processor/templates/configmap.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/configmap.yaml index 873acee237..873acee237 100755 --- a/kubernetes/cds/charts/blueprints-processor/templates/configmap.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/configmap.yaml diff --git a/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml index 876f24937d..736b5cea24 100755 --- a/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml @@ -54,9 +54,7 @@ spec: value: {{ .Values.config.appConfigDir }} ports: - containerPort: {{ .Values.service.http.internalPort }} - {{ if .Values.config.grpcEnabled }} - containerPort: {{ .Values.service.grpc.internalPort }} - {{ end }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} @@ -89,6 +87,8 @@ spec: - mountPath: {{ .Values.config.appConfigDir }}/logback.xml name: {{ include "common.fullname" . }}-config subPath: logback.xml + - mountPath: {{ .Values.persistence.deployedBlueprint }} + name: {{ include "common.fullname" . }}-blueprints resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -111,5 +111,8 @@ spec: path: application.properties - key: logback.xml path: logback.xml + - name: {{ include "common.fullname" . }}-blueprints + persistentVolumeClaim: + claimName: {{ .Release.Name }}-cds-blueprints imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml new file mode 100755 index 0000000000..812108760b --- /dev/null +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if not .Values.persistence.storageClass -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-blueprints + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-blueprints +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml new file mode 100755 index 0000000000..98b55716c5 --- /dev/null +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml @@ -0,0 +1,50 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-cds-blueprints + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: +{{- if not .Values.persistence.storageClass }} + selector: + matchLabels: + name: {{ include "common.fullname" . }}-blueprints +{{- end }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/cds/charts/blueprints-processor/templates/service.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/service.yaml index 5c8bc8cc0d..5c8bc8cc0d 100755 --- a/kubernetes/cds/charts/blueprints-processor/templates/service.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/service.yaml diff --git a/kubernetes/cds/charts/blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml index 10169d5dc7..05ef5fe1f0 100755 --- a/kubernetes/cds/charts/blueprints-processor/values.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml @@ -80,8 +80,15 @@ service: internalPort: 9111 externalPort: 9111 + persistence: enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi + enabled: true + mountSubPath: cds/blueprints/deploy + deployedBlueprint: /opt/app/onap/blueprints/deploy ingress: enabled: false diff --git a/kubernetes/so/charts/so-mariadb/templates/configmap.yaml b/kubernetes/cds/charts/cds-command-executor/Chart.yaml index a470bb268c..6f17c88c46 100755 --- a/kubernetes/so/charts/so-mariadb/templates/configmap.yaml +++ b/kubernetes/cds/charts/cds-command-executor/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,15 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + apiVersion: v1 -kind: ConfigMap -metadata: - name: confd-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
\ No newline at end of file +description: ONAP CDS Command Executor +name: cds-command-executor +version: 4.0.0
\ No newline at end of file diff --git a/kubernetes/cds/charts/cds-command-executor/requirements.yaml b/kubernetes/cds/charts/cds-command-executor/requirements.yaml new file mode 100755 index 0000000000..a57d2b6103 --- /dev/null +++ b/kubernetes/cds/charts/cds-command-executor/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright (c) 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml new file mode 100755 index 0000000000..659eddbaef --- /dev/null +++ b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml @@ -0,0 +1,90 @@ +# Copyright (c) 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - cds-blueprints-processor + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.grpc.internalPort }} + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.grpc.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.grpc.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: {{ .Values.persistence.deployedBlueprint }} + name: {{ include "common.fullname" . }}-blueprints + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-blueprints + persistentVolumeClaim: + claimName: {{ .Release.Name }}-cds-blueprints + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/charts/so-mariadb/templates/service.yaml b/kubernetes/cds/charts/cds-command-executor/templates/service.yaml index 010dc71474..a6888b2fca 100755 --- a/kubernetes/so/charts/so-mariadb/templates/service.yaml +++ b/kubernetes/cds/charts/cds-command-executor/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright (c) 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,6 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + apiVersion: v1 kind: Service metadata: @@ -21,17 +22,16 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} + annotations: spec: type: {{ .Values.service.type }} ports: - - name: {{ .Values.service.portName }} - {{ if eq .Values.service.type "NodePort" }} - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} - {{ else }} - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - {{ end }} + - port: {{ .Values.service.grpc.externalPort }} + targetPort: {{ .Values.service.grpc.internalPort }} + {{- if eq .Values.service.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- end}} + name: {{ .Values.service.grpc.portName | default "grpc" }} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }}
\ No newline at end of file diff --git a/kubernetes/cds/charts/cds-command-executor/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml new file mode 100755 index 0000000000..fa49735cef --- /dev/null +++ b/kubernetes/cds/charts/cds-command-executor/values.yaml @@ -0,0 +1,99 @@ +# Copyright (c) 2019 Bell Canada +# +# Modifications Copyright (c) 2019 Bell Canada. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster + nodePortPrefix: 302 + + # image repositories + repository: nexus3.onap.org:10001 + + # readiness check + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + + # image pull policy + pullPolicy: Always + + persistence: + mountPath: /dockerdata-nfs + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/ccsdk-commandexecutor:0.4.2-STAGING-latest +pullPolicy: Always + +# application configuration +config: + basicAuth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + grpc: + portName: command-executor-grpc + internalPort: 50051 + externalPort: 50051 + +persistence: + enabled: true + mountSubPath: cds/blueprints/deploy + deployedBlueprint: /opt/app/onap/blueprints/deploy + +ingress: + enabled: false + +resources: + small: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 8Gi + requests: + cpu: 2 + memory: 4Gi + unlimited: {} diff --git a/kubernetes/cds/charts/controller-blueprints/.helmignore b/kubernetes/cds/charts/cds-controller-blueprints/.helmignore index f0c1319444..f0c1319444 100644 --- a/kubernetes/cds/charts/controller-blueprints/.helmignore +++ b/kubernetes/cds/charts/cds-controller-blueprints/.helmignore diff --git a/kubernetes/cds/charts/controller-blueprints/Chart.yaml b/kubernetes/cds/charts/cds-controller-blueprints/Chart.yaml index 5e8b3f35df..fa04a16b00 100644 --- a/kubernetes/cds/charts/controller-blueprints/Chart.yaml +++ b/kubernetes/cds/charts/cds-controller-blueprints/Chart.yaml @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: Controller Blueprints Micro Service -name: controller-blueprints +description: ONAP CDS Controller Blueprints +name: cds-controller-blueprints version: 4.0.0
\ No newline at end of file diff --git a/kubernetes/cds/charts/controller-blueprints/requirements.yaml b/kubernetes/cds/charts/cds-controller-blueprints/requirements.yaml index 857a963ada..857a963ada 100644 --- a/kubernetes/cds/charts/controller-blueprints/requirements.yaml +++ b/kubernetes/cds/charts/cds-controller-blueprints/requirements.yaml diff --git a/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/application.properties index 80fdaf542e..7fde0fd385 100755 --- a/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties +++ b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/application.properties @@ -49,7 +49,7 @@ resourceSourceMappings=primary-db=source-primary-db,input=source-input,default=s # Controller Blueprints Core Configuration controllerblueprints.blueprintDeployPath=/etc/blueprints/deploy controllerblueprints.blueprintArchivePath=/etc/blueprints/archive -controllerblueprints.blueprintEnrichmentPath=/etc/blueprints/enrichment +controllerblueprints.blueprintWorkingPath=/etc/blueprints/work # Controller Blueprint Load Configurations # blueprints.load.initial-data may be overridden by ENV variables controllerblueprints.loadInitialData={{ .Values.config.initDataLoad }} diff --git a/kubernetes/cds/charts/controller-blueprints/resources/config/logback.xml b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/logback.xml index b73db7145f..e965e2f06c 100644 --- a/kubernetes/cds/charts/controller-blueprints/resources/config/logback.xml +++ b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/logback.xml @@ -35,7 +35,7 @@ <logger name="org.springframework.web" level="info"/> <logger name="org.springframework.security.web.authentication" level="warn"/> <logger name="org.hibernate" level="error"/> - <logger name="org.onap.ccsdk.apps" level="info"/> + <logger name="org.onap.ccsdk.cds" level="info"/> <root level="warn"> <appender-ref ref="STDOUT"/> diff --git a/kubernetes/cds/charts/controller-blueprints/templates/configmap.yaml b/kubernetes/cds/charts/cds-controller-blueprints/templates/configmap.yaml index a8489681df..a8489681df 100644 --- a/kubernetes/cds/charts/controller-blueprints/templates/configmap.yaml +++ b/kubernetes/cds/charts/cds-controller-blueprints/templates/configmap.yaml diff --git a/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml b/kubernetes/cds/charts/cds-controller-blueprints/templates/deployment.yaml index 4cd2e18090..4cd2e18090 100755 --- a/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-controller-blueprints/templates/deployment.yaml diff --git a/kubernetes/cds/charts/controller-blueprints/templates/service.yaml b/kubernetes/cds/charts/cds-controller-blueprints/templates/service.yaml index e0a66d2483..e0a66d2483 100755 --- a/kubernetes/cds/charts/controller-blueprints/templates/service.yaml +++ b/kubernetes/cds/charts/cds-controller-blueprints/templates/service.yaml diff --git a/kubernetes/cds/charts/controller-blueprints/values.yaml b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml index 246aae482b..246aae482b 100755 --- a/kubernetes/cds/charts/controller-blueprints/values.yaml +++ b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml diff --git a/kubernetes/cds/charts/cds-ui/Chart.yaml b/kubernetes/cds/charts/cds-ui/Chart.yaml new file mode 100644 index 0000000000..d168e7cb9f --- /dev/null +++ b/kubernetes/cds/charts/cds-ui/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright (c) 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP CDS UI +name: cds-ui +version: 4.0.0
\ No newline at end of file diff --git a/kubernetes/cds/charts/cds-ui/requirements.yaml b/kubernetes/cds/charts/cds-ui/requirements.yaml new file mode 100644 index 0000000000..a57d2b6103 --- /dev/null +++ b/kubernetes/cds/charts/cds-ui/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright (c) 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cds/templates/deployment.yaml b/kubernetes/cds/charts/cds-ui/templates/deployment.yaml index 134e6b7443..134e6b7443 100644 --- a/kubernetes/cds/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-ui/templates/deployment.yaml diff --git a/kubernetes/cds/templates/service.yaml b/kubernetes/cds/charts/cds-ui/templates/service.yaml index f8e91120eb..989321cc9b 100644 --- a/kubernetes/cds/templates/service.yaml +++ b/kubernetes/cds/charts/cds-ui/templates/service.yaml @@ -27,7 +27,7 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }}-{{ .Values.service.internalPort }} {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/cds/charts/cds-ui/values.yaml b/kubernetes/cds/charts/cds-ui/values.yaml new file mode 100644 index 0000000000..efcd7e29b7 --- /dev/null +++ b/kubernetes/cds/charts/cds-ui/values.yaml @@ -0,0 +1,89 @@ +# Copyright © 2018 Orange +# Modifications Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefixExt: 304 + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/ccsdk-cds-ui-server:0.4.2-STAGING-latest +pullPolicy: Always + +# application configuration +config: + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + httpGet: + path: / + port: 3000 + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + httpGet: + path: /ping + port: 3000 + initialDelaySeconds: 30 + periodSeconds: 10 + +service: + type: NodePort + portName: ui + name: cds-ui + nodePort: 97 + internalPort: 3000 + +ingress: + enabled: false +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 200m + memory: 200Mi + unlimited: {} diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index 06b7cd1211..cdede47d09 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -1,5 +1,4 @@ -# Copyright © 2018 Orange -# Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,27 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 303 - readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -subChartsOnly: - enabled: true - -# application image -repository: nexus3.onap.org:10001 -image: onap/ccsdk-cds-ui:1.0.0-STAGING-latest -pullPolicy: Always - -# application configuration -config: - mariadb-galera: config: userName: sdnctl @@ -47,58 +25,4 @@ mariadb-galera: replicaCount: 1 persistence: enabled: true - mountSubPath: cds/data - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - httpGet: - path: /ping - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - -service: - type: NodePort - portName: ui - name: cds - nodePort: 97 - internalPort: 3000 - -ingress: - enabled: false -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 10m - memory: 100Mi - large: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 200m - memory: 200Mi - unlimited: {} + mountSubPath: cds/data
\ No newline at end of file diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index b60dbcff38..13b868ab6f 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-kibana:3.0.3 +image: onap/clamp-dashboard-kibana:4.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index ba8f46bdac..c81117ffd7 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-logstash:3.0.3 +image: onap/clamp-dashboard-logstash:4.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index 7edf75849c..77dabccf70 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp:3.0.3 +image: onap/clamp:4.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index 5ba48a21d3..b9b6430d11 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -54,7 +54,7 @@ mariadb-galera: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-apps-ms-neng:0.3.2 +image: onap/ccsdk-apps-ms-neng:0.4.1-STAGING-latest pullPolicy: IfNotPresent # application configuration diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml index 92888ea20f..399e03868d 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml @@ -34,26 +34,24 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }} + image: {{ .Values.repository }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - httpGet: - path: /api/dcim/regions/ - port: {{ .Values.service.internalPort }} - scheme: HTTP - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: DB_PASSWORD valueFrom: diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml index ff2c39261b..e40a03068c 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml @@ -27,6 +27,6 @@ database_name: "dashboard_pg" cloudify_ip: {{ .Values.config.address.cm }} cloudify_user: "admin" cloudify_password: "admin" -consul_url: {{ .Values.config.address.consul.host }} +consul_url: {{ .Values.config.address.consul_ui }} postgres_port: "5432" replicas: 1 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index d985f4fb9c..bc9b7a0db3 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -27,7 +27,7 @@ global: loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 tlsRepository: nexus3.onap.org:10001 - tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.2-STAGING-latest + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3-STAGING-latest config: logstashServiceName: log-ls @@ -37,6 +37,7 @@ config: consul: host: consul-server port: 8500 + consul_ui: consul-server-ui cm: dcae-cloudify-manager dashboard: port: 30418 @@ -89,7 +90,7 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.14-STAGING-latest +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.15-STAGING-latest default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index 8ecf448af0..a432226b57 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:1.6.1-STAGING-latest +image: onap/org.onap.dcaegen2.deployments.cm-container:1.6.2-STAGING-latest pullPolicy: Always # name of shared ConfigMap with kubeconfig for multiple clusters diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index f9c4d9e446..dc9298de65 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -153,7 +153,7 @@ ApiNamespace: org.onap.dmaap-bc.api # If API authorization is required, then implement a class to enforce it. # This overrides the Class used for API permission check. -#ApiPermission.Class: com.company.policy.DecisionPolicy +ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll ##################################################### # diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml index ee24cfb548..d01987448c 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml @@ -31,9 +31,9 @@ spec: - name: DELAY value: "0" - name: PROTO - value: "http" + value: "https" - name: PORT - value: "8080" + value: "8443" - name: REQUESTID value: "{{.Chart.Name}}-post-install" volumeMounts: diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 7dca42e746..39977f80e3 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -118,4 +118,4 @@ mariadb: persistence: size: 1Gi mountSubPath: data-router/dr-db-data - disableNfsProvisioner: true
\ No newline at end of file + disableNfsProvisioner: true diff --git a/kubernetes/esr/charts/esr-gui/values.yaml b/kubernetes/esr/charts/esr-gui/values.yaml index 004d473b99..3db8bcba22 100644 --- a/kubernetes/esr/charts/esr-gui/values.yaml +++ b/kubernetes/esr/charts/esr-gui/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aai/esr-gui:1.2.1 +image: onap/aai/esr-gui:1.4.0-STAGING-latest pullPolicy: Always msbaddr: msb-iag.{{ include "common.namespace" . }}:80 diff --git a/kubernetes/esr/charts/esr-server/values.yaml b/kubernetes/esr/charts/esr-server/values.yaml index ce5688f267..d6ac88f131 100644 --- a/kubernetes/esr/charts/esr-server/values.yaml +++ b/kubernetes/esr/charts/esr-server/values.yaml @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/aai/esr-server:1.2.1 +image: onap/aai/esr-server:1.4.0-STAGING-latest pullPolicy: Always msbaddr: msb-iag.{{ include "common.namespace" . }}:80 diff --git a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml index 2642b5a172..053fe1f4d1 100644 --- a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-ocata:1.3.0-SNAPSHOT +image: onap/multicloud/openstack-ocata:1.3.0-STAGING pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-pike/values.yaml b/kubernetes/multicloud/charts/multicloud-pike/values.yaml index c39d41f879..7e61be6caa 100644 --- a/kubernetes/multicloud/charts/multicloud-pike/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-pike/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-pike:1.3.0-SNAPSHOT +image: onap/multicloud/openstack-pike:1.3.0-STAGING pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-vio/values.yaml b/kubernetes/multicloud/charts/multicloud-vio/values.yaml index a916a049f4..ec8f276af6 100644 --- a/kubernetes/multicloud/charts/multicloud-vio/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-vio/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/vio:1.2.1 +image: onap/multicloud/vio:1.3.0-STAGING pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml index 234ad3f0f6..977347c56b 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-windriver:1.3.0-SNAPSHOT +image: onap/multicloud/openstack-windriver:1.3.0-STAGING pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 8ebcb826ae..aa34496f7f 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/framework:1.2.2 +image: onap/multicloud/framework:1.3.0-STAGING pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/policy/charts/policy-api/values.yaml b/kubernetes/policy/charts/policy-api/values.yaml index 92960a2d56..acb9f6bb58 100644 --- a/kubernetes/policy/charts/policy-api/values.yaml +++ b/kubernetes/policy/charts/policy-api/values.yaml @@ -56,7 +56,7 @@ readiness: periodSeconds: 10 service: - type: ClusterIP + type: NodePort name: policy-api portName: policy-api internalPort: 6969 diff --git a/kubernetes/pomba/charts/pomba-data-router/values.yaml b/kubernetes/pomba/charts/pomba-data-router/values.yaml index 5815b9667a..5d54f78dbb 100644 --- a/kubernetes/pomba/charts/pomba-data-router/values.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/values.yaml @@ -27,7 +27,7 @@ global: # application image repository: nexus3.onap.org:10001 -image: onap/data-router:1.3.3 +image: onap/data-router:1.4-STAGING-latest pullPolicy: Always restartPolicy: Always diff --git a/kubernetes/pomba/charts/pomba-search-data/values.yaml b/kubernetes/pomba/charts/pomba-search-data/values.yaml index 7404f71232..0bb5c22c84 100644 --- a/kubernetes/pomba/charts/pomba-search-data/values.yaml +++ b/kubernetes/pomba/charts/pomba-search-data/values.yaml @@ -9,7 +9,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/search-data-service:1.3.1 +image: onap/search-data-service:1.4-STAGING-latest pullPolicy: Always restartPolicy: Always diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index 2123dd7a6d..4623738003 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/portal-app:2.3.1 +image: onap/portal-app:2.5.0-STAGING-latest pullPolicy: Always # default number of instances diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index 24b92f3bc3..e6d7d11360 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -24,7 +24,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/portal-db:2.3.1 +image: onap/portal-db:2.5.0-STAGING-latest pullPolicy: Always readinessImage: readiness-check:2.0.0 diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml index 63f7a49363..b61c84a494 100644 --- a/kubernetes/portal/charts/portal-sdk/values.yaml +++ b/kubernetes/portal/charts/portal-sdk/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/portal-sdk:2.3.1 +image: onap/portal-sdk:2.5.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/portal/charts/portal-widget/values.yaml b/kubernetes/portal/charts/portal-widget/values.yaml index f3567962db..7cf7b306ad 100644 --- a/kubernetes/portal/charts/portal-widget/values.yaml +++ b/kubernetes/portal/charts/portal-widget/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/portal-wms:2.3.1 +image: onap/portal-wms:2.5.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py b/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py index 0ae1047529..aa97252f09 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py @@ -12,6 +12,12 @@ # See the License for the specific language governing permissions and # limitations under the License. +import json +import os.path +from itertools import chain +from collections import defaultdict + + GLOBAL_PRELOAD_PARAMETERS = { # heat template parameter values common to all heat template continaing these parameters "defaults" : { @@ -503,3 +509,33 @@ GLOBAL_PRELOAD_PARAMETERS = { } } } + + +# Create dictionaries for new MAPPING data to join to original MAPPING data +GLOBAL_PRELOAD_PARAMETERS2 = {} + + +folder=os.path.join('/var/opt/ONAP/demo/preload_data') +subfolders = [d for d in os.listdir(folder) if os.path.isdir(os.path.join(folder, d))] + +for service in subfolders: + filepath=os.path.join('/var/opt/ONAP/demo/preload_data', service, 'preload_data.json') + with open(filepath, 'r') as f: + preload_data = json.load(f) + GLOBAL_PRELOAD_PARAMETERS2['Demo']=preload_data + + +# Merge dictionaries +# preload_data.json is for Demo key in GLOBAL_PRELOAD_PARAMETERS + + +GLOBAL_PRELOAD_PARAMETERS3 = {'Demo':{}} + +for k, v in chain(GLOBAL_PRELOAD_PARAMETERS['Demo'].items(), GLOBAL_PRELOAD_PARAMETERS2['Demo'].items()): + GLOBAL_PRELOAD_PARAMETERS3['Demo'][k] = v +# print(k, v) + +GLOBAL_PRELOAD_PARAMETERS = dict(GLOBAL_PRELOAD_PARAMETERS.items() + GLOBAL_PRELOAD_PARAMETERS3.items()) + +#print GLOBAL_PRELOAD_PARAMETERS + diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index 85a932e02d..b765db23d6 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -85,7 +85,6 @@ GLOBAL_MSB_SERVER_PORT = "80" GLOBAL_MR_SERVER_PROTOCOL = "http" GLOBAL_MR_SERVER_PORT = "3904" # bus controller info -GLOBAL_BC_SERVER_PORT = "8080" GLOBAL_BC_HTTPS_SERVER_PORT = "8443" GLOBAL_BC_USERNAME = "{{ .Values.bcUsername }}" GLOBAL_BC_PASSWORD = "{{ .Values.bcPassword }}" diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py index 71d9ec0fe3..7d42fd54d8 100644 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py @@ -64,6 +64,16 @@ GLOBAL_INJECTED_OPENSTACK_USERNAME = "{{ .Values.openStackUserName }}" GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME = "{{ .Values.openStackProjectName }}" GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID = "{{ .Values.openStackDomainId }}" GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION = "{{ .Values.openStackKeystoneAPIVersion }}" +GLOBAL_INJECTED_REGION_THREE = "{{ .Values.openStackRegionRegionThree }}" +GLOBAL_INJECTED_KEYSTONE_REGION_THREE = "{{ .Values.openStackKeyStoneUrlRegionThree }}" +GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE = "{{ .Values.openStackKeystoneAPIVersionRegionThree }}" +GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE = "{{ .Values.openStackUserNameRegionThree }}" +GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE = "{{ .Values.openStackPasswordRegionThree }}" +GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE = "{{ .Values.openSackMsoEncryptdPasswordRegionThree }}" +GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE = "{{ .Values.openStackTenantIdRegionThree }}" +GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE = "{{ .Values.openStackProjectNameRegionThree }}" +GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE = "{{ .Values.openStackDomainIdRegionThree }}" +GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX = "{{ .Values.openStackOamNetworkCidrPrefix }}" GLOBAL_INJECTED_POLICY_IP_ADDR = "pdp.{{include "common.namespace" .}}" GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR = "drools.{{include "common.namespace" .}}" GLOBAL_INJECTED_PORTAL_IP_ADDR = "portal-app.{{include "common.namespace" .}}" @@ -140,6 +150,16 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME" : "{{ .Values.openStackProjectName }}", "GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID" : "{{ .Values.openStackDomainId }}", "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION" : "{{ .Values.openStackKeystoneAPIVersion }}", + "GLOBAL_INJECTED_REGION_THREE" : "{{ .Values.openStackRegionRegionThree }}", + "GLOBAL_INJECTED_KEYSTONE_REGION_THREE" : "{{ .Values.openStackKeyStoneUrlRegionThree }}", + "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE" : "{{ .Values.openStackKeystoneAPIVersionRegionThree }}", + "GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE" : "{{ .Values.openStackUserNameRegionThree }}", + "GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE" : "{{ .Values.openStackPasswordRegionThree }}", + "GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE" : "{{ .Values.openSackMsoEncryptdPasswordRegionThree }}", + "GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE" : "{{ .Values.openStackTenantIdRegionThree }}", + "GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE" : "{{ .Values.openStackProjectNameRegionThree }}", + "GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE" : "{{ .Values.openStackDomainIdRegionThree }}", + "GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX" : "{{ .Values.openStackOamNetworkCidrPrefix }}", "GLOBAL_INJECTED_POLICY_IP_ADDR" : "pdp.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR" : "drools.{{include "common.namespace" .}}", "GLOBAL_INJECTED_PORTAL_IP_ADDR" : "portal-app.{{include "common.namespace" .}}", diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index 53e6cfe4cc..14f6064973 100755 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -40,7 +40,7 @@ config: # Demo configuration # Nexus demo artifact version. Maps to GLOBAL_INJECTED_ARTIFACTS_VERSION -demoArtifactsVersion: "1.3.0" +demoArtifactsVersion: "1.4.0-SNAPSHOT" # Nexus demo artifact URL. demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" # Openstack medium sized flavour name. Maps GLOBAL_INJECTED_VM_FLAVOR @@ -60,15 +60,27 @@ openStackUserName: "tenantUsername" # Project name of Openstack where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME openStackProjectName: "onap" # Domain id of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID -openStackDomainId: "default" +openStackDomainId: "Default" # Openstack Keystone API version. Valid values are [ v2.0, v3 ]. Maps to GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION openStackKeystoneAPIVersion: "v2.0" +# Values for second cloud instante for VNF instantiatioen testing and keystone v3 +openStackRegionRegionThree: "RegionThree" +openStackKeyStoneUrlRegionThree: "http://1.2.3.4:5000" +openStackKeystoneAPIVersionRegionThree: "v3" +openStackUserNameRegionThree: "demo" +openStackPasswordRegionThree: "tenantPassword" +# this is the java encrypted password that is needed for SO +openSackMsoEncryptdPasswordRegionThree: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" +openStackTenantIdRegionThree: "3583253e932845a09cd4c8ca2f31d095" +openStackProjectNameRegionThree: "Integration-HEAT-Staging-Daily" +openStackDomainIdRegionThree: "Default" +# # Openstack glance image name for Ubuntu 14. Maps to GLOBAL_INJECTED_UBUNTU_1404_IMAGE ubuntu14Image: "Ubuntu_14_trusty" # Openstack glance image name for Ubuntu 16. Maps to GLOBAL_INJECTED_UBUNTU_1604_IMAGE ubuntu16Image: "Ubuntu_16_xenial" # GLOBAL_INJECTED_SCRIPT_VERSION. Maps to GLOBAL_INJECTED_SCRIPT_VERSION -scriptVersion: "1.3.0" +scriptVersion: "1.4.0-SNAPSHOT" # Openstack network to which VNFs will bind their primary (first) interface. Maps to GLOBAL_INJECTED_NETWORK openStackPrivateNetId: "e8f51956-00dd-4425-af36-045716781ffc" # Openstack security group for instantiating VNFs diff --git a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml index 666c22254d..9ae8f31499 100644 --- a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml @@ -27,9 +27,9 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dcae-be:1.3.0 +image: onap/dcae-be:1.3-STAGING-latest pullPolicy: Always -backendInitImage: onap/dcae-tools:1.3.0 +backendInitImage: onap/dcae-tools:1.3-STAGING-latest # flag to enable debugging - application support required debugEnabled: false diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml index cf0640565c..f04b8fa5f2 100644 --- a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dcae-dt:1.2.0 +image: onap/dcae-dt:1.2-STAGING-latest pullPolicy: IfNotPresent config: javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-dt/logback-spring.xml diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml index ab6eaf3fbf..9f544cb9e0 100644 --- a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dcae-fe:1.3.0 +image: onap/dcae-fe:1.3-STAGING-latest pullPolicy: Always config: javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-fe/logback-spring.xml diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml index f968c59dae..a22479e8e8 100644 --- a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dcae-tosca-app:1.3.0 +image: onap/dcae-tosca-app:1.3-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml index 2deb907ba5..68df1244f7 100755 --- a/kubernetes/so/charts/so-bpmn-infra/values.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/bpmn-infra:1.3.3 +image: onap/so/bpmn-infra:1.4.0-STAGING-latest pullPolicy: Always replicaCount: 1 @@ -71,8 +71,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml index beeaf72d57..e807317ba3 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/catalog-db-adapter:1.3.3 +image: onap/so/catalog-db-adapter:1.4.0-STAGING-latest pullPolicy: Always replicaCount: 1 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false config: diff --git a/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml b/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml index f53c67f067..d19803c32e 100755 --- a/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml +++ b/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml @@ -22,8 +22,8 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: - mariadb.readwrite.host : {{ .Values.db_host | b64enc | quote }} - mariadb.readwrite.port : {{ .Values.db_port | b64enc | quote }} + mariadb.readwrite.host : {{ .Values.global.mariadbGalera.serviceName | b64enc | quote }} + mariadb.readwrite.port : {{ .Values.global.mariadbGalera.servicePort | b64enc | quote }} mariadb.readwrite.rolename: {{ .Values.db_username | b64enc | quote }} mariadb.readwrite.password: {{ .Values.db_password | b64enc | quote }} mariadb.admin.rolename: {{ .Values.db_admin_username| b64enc | quote }} diff --git a/kubernetes/so/charts/so-db-secrets/values.yaml b/kubernetes/so/charts/so-db-secrets/values.yaml index 8836802069..63b6852d50 100644 --- a/kubernetes/so/charts/so-db-secrets/values.yaml +++ b/kubernetes/so/charts/so-db-secrets/values.yaml @@ -11,8 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -db_host: so-mariadb -db_port: "3306" db_admin_username: so_admin db_admin_password: so_Admin123 db_username: so_user diff --git a/kubernetes/so/charts/so-mariadb/resources/config/mariadb/conf.d/mariadb1.cnf b/kubernetes/so/charts/so-mariadb/resources/config/mariadb/conf.d/mariadb1.cnf deleted file mode 100755 index 39ed022489..0000000000 --- a/kubernetes/so/charts/so-mariadb/resources/config/mariadb/conf.d/mariadb1.cnf +++ /dev/null @@ -1,193 +0,0 @@ -# Example MySQL config file for medium systems. -# -# This is for a system with memory 8G where MySQL plays -# an important part, or systems up to 128M where MySQL is used together with -# other programs (such as a web server) -# -# In this file, you can use all long options that a program supports. -# If you want to know which options a program supports, run the program -# with the "--help" option. - -# The following options will be passed to all MySQL clients -##[client] -##user = root -##port = 3306 -##socket = //opt/app/mysql/mysql.sock - -# Here follows entries for some specific programs - -# The MySQL server -[mysqld] -##performance_schema - -slow_query_log =ON -long_query_time =2 -slow_query_log_file =//var/lib/mysql/slow_query.log - -skip-external-locking -explicit_defaults_for_timestamp = true -skip-symbolic-links -local-infile = 0 -key_buffer_size = 16M -max_allowed_packet = 4M -table_open_cache = 100 -sort_buffer_size = 512K -net_buffer_length = 8K -read_buffer_size = 256K -read_rnd_buffer_size = 512K -myisam_sort_buffer_size = 8M -max_connections = 500 -lower_case_table_names = 1 -thread_stack = 256K -thread_cache_size = 25 -query_cache_size = 8M -query_cache_type = 0 -query_prealloc_size = 512K -query_cache_limit = 1M - -# Password validation -##plugin-load-add=simple_password_check.so -##simple_password_check_other_characters=0 - -# Audit Log settings -plugin-load-add=server_audit.so -server_audit=FORCE_PLUS_PERMANENT -server_audit_file_path=//var/lib/mysql/audit.log -server_audit_file_rotate_size=50M -server_audit_events=CONNECT,QUERY,TABLE -server_audit_logging=on - -# Don't listen on a TCP/IP port at all. This can be a security enhancement, -# if all processes that need to connect to mysqld run on the same host. -# All interaction with mysqld must be made via Unix sockets or named pipes. -# Note that using this option without enabling named pipes on Windows -# (via the "enable-named-pipe" option) will render mysqld useless! -# -#skip-networking - -# Replication Master Server (default) -# binary logging is required for replication -##log-bin=//var/lib/mysql/mysql-bin - -# binary logging format - mixed recommended -binlog_format=row - -# required unique id between 1 and 2^32 - 1 -# defaults to 1 if master-host is not set -# but will not function as a master if omitted - -# Replication Slave (comment out master section to use this) -# -# To configure this host as a replication slave, you can choose between -# two methods : -# -# 1) Use the CHANGE MASTER TO command (fully described in our manual) - -# the syntax is: -# -# CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>, -# MASTER_USER=<user>, MASTER_PASSWORD=<password> ; -# -# where you replace <host>, <user>, <password> by quoted strings and -# <port> by the master's port number (3306 by default). -# -# Example: -# -# CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306, -# MASTER_USER='joe', MASTER_PASSWORD='secret'; -# -# OR -# -# 2) Set the variables below. However, in case you choose this method, then -# start replication for the first time (even unsuccessfully, for example -# if you mistyped the password in master-password and the slave fails to -# connect), the slave will create a master.info file, and any later -# change in this file to the variables' values below will be ignored and -# overridden by the content of the master.info file, unless you shutdown -# the slave server, delete master.info and restart the slaver server. -# For that reason, you may want to leave the lines below untouched -# (commented) and instead use CHANGE MASTER TO (see above) -# -# required unique id between 2 and 2^32 - 1 -# (and different from the master) -# defaults to 2 if master-host is set -# but will not function as a slave if omitted -#server-id = 2 -# -# The replication master for this slave - required -#master-host = <hostname> -# -# The username the slave will use for authentication when connecting -# to the master - required -#master-user = <username> -# -# The password the slave will authenticate with when connecting to -# the master - required -#master-password = <password> -# -# The port the master is listening on. -# optional - defaults to 3306 -#master-port = <port> -# -# binary logging - not required for slaves, but recommended -#log-bin=mysql-bin - -# Uncomment the following if you are using InnoDB tables -##innodb_data_home_dir = //opt/app/mysql/data -##innodb_data_file_path = ibdata1:20M:autoextend:max:32G -##innodb_log_group_home_dir = //opt/app/mysql/iblogs -# You can set .._buffer_pool_size up to 50 - 80 % -# of RAM but beware of setting memory usage too high -#innodb_buffer_pool_size = 6380M -#innodb_additional_mem_pool_size = 2M -# Set .._log_file_size to 25 % of buffer pool size -innodb_log_file_size = 150M -innodb_log_files_in_group = 3 -innodb_log_buffer_size = 8M -#innodb_flush_log_at_trx_commit = 1 -innodb_lock_wait_timeout = 50 -innodb_autoextend_increment = 100 -expire_logs_days = 8 -open_files_limit = 2000 -transaction-isolation=READ-COMMITTED -####### Galera parameters ####### -## Galera Provider configuration -wsrep_provider=/usr/lib/galera/libgalera_smm.so -wsrep_provider_options="gcache.size=2G; gcache.page_size=1G" -## Galera Cluster configuration -wsrep_cluster_name="MSO-automated-tests-cluster" -wsrep_cluster_address="gcomm://" -#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3" -##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186" -## Galera Synchronization configuration -wsrep_sst_method=rsync -#wsrep_sst_method=xtrabackup-v2 -#wsrep_sst_auth="sstuser:Mon#2o!6" -## Galera Node configuration -wsrep_node_name="mariadb1" -##wsrep_node_address="192.169.3.184" -wsrep_on=ON -## Status notification -#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify -####### - - -[mysqldump] -quick -max_allowed_packet = 16M - -[mysql] -no-auto-rehash -# Remove the next comment character if you are not familiar with SQL -#safe-updates - -[myisamchk] -key_buffer_size = 20971520 - -##[mysqlhotcopy] -##interactive-timeout -##[mysqld_safe] -##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1 -##log-error=//opt/app/mysql/log/mysqld.log - -general_log_file = /var/log/mysql/mysql.log -general_log = 1 diff --git a/kubernetes/so/charts/so-mariadb/templates/NOTES.txt b/kubernetes/so/charts/so-mariadb/templates/NOTES.txt deleted file mode 100755 index c60c745ca3..0000000000 --- a/kubernetes/so/charts/so-mariadb/templates/NOTES.txt +++ /dev/null @@ -1,19 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/so/charts/so-mariadb/templates/deployment.yaml b/kubernetes/so/charts/so-mariadb/templates/deployment.yaml deleted file mode 100755 index 6c7b85fbc8..0000000000 --- a/kubernetes/so/charts/so-mariadb/templates/deployment.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - hostname: mariadb - initContainers: - - name: {{ include "common.name" . }}-inject-testlab-project - command: - - /bin/bash - - -c - - > - git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; - echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d"; - cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d; - chmod -R 755 /docker-entrypoint-initdb.d; - echo "Done."; - image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: docker-entrypoint-initdb-d - mountPath: "/docker-entrypoint-initdb.d" - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - volumeMounts: - - mountPath: /var/lib/mysql - name: mariadb-data - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /etc/mysql/conf.d - name: mariadb-conf - - name: docker-entrypoint-initdb-d - mountPath: "/docker-entrypoint-initdb.d" - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: mariadb-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - - name: mariadb-conf - configMap: - name: confd-configmap - - name: localtime - hostPath: - path: /etc/localtime - - name: docker-entrypoint-initdb-d - emptyDir: {} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/charts/so-mariadb/templates/job.yaml b/kubernetes/so/charts/so-mariadb/templates/job.yaml new file mode 100755 index 0000000000..a20564e513 --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/templates/job.yaml @@ -0,0 +1,193 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +{{- if .Values.global.migration.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-backup + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "1" + "helm.sh/hook-delete-policy": before-hook-creation +spec: + backoffLimit: 20 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + containers: + - name: {{ include "common.fullname" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: {{ .Values.global.migration.dbHost }} + - name: DB_USER + value: {{ .Values.global.migration.dbUser }} + - name: DB_PORT + value: "{{ .Values.global.migration.dbPort }}" + - name: DB_PASS + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-migration + key: db-root-password-backup + command: + - /bin/bash + - -c + - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb > /var/data/mariadb/backup-`date +%s`.sql + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: backup-storage + mountPath: /var/data/mariadb + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: backup-storage + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-migration + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Never +--- +{{- end }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-config-job + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": post-upgrade,post-rollback,post-install + "helm.sh/hook-weight": "0" + "helm.sh/hook-delete-policy": before-hook-creation +spec: + backoffLimit: 20 + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadbGalera.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: {{ include "common.name" . }}-inject-testlab-project + command: + - /bin/bash + - -c + - > + git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; + echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d"; + cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d; + chmod -R 755 /docker-entrypoint-initdb.d; + echo "Done."; + image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: docker-entrypoint-initdb-d + mountPath: "/docker-entrypoint-initdb.d" + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/bash + - -c + - > + mysql() { /usr/bin/mysql -h ${DB_HOST} -P ${DB_PORT} "$@"; }; + export -f mysql; + mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }}; + for f in /docker-entrypoint-initdb.d/*; do case "$f" in *.sh) echo "$0: running $f"; . "$f" ;; *.sql) echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;; *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;; *) echo "$0: ignoring $f" ;; esac; echo; done; + {{- if .Values.global.migration.enabled }} + mysql -vv --user=root --password=${MYSQL_ROOT_PASSWORD} < `ls -tr /var/data/mariadb/* | tail -1`; + {{- end }} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-root-password + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: docker-entrypoint-initdb-d + mountPath: "/docker-entrypoint-initdb.d" + {{- if .Values.global.migration.enabled }} + - name: backup-storage + mountPath: /var/data/mariadb + {{- end }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: docker-entrypoint-initdb-d + emptyDir: {} + {{- if .Values.global.migration.enabled }} + - name: backup-storage + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-migration + {{- end }} + restartPolicy: Never + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/charts/so-mariadb/templates/pv.yaml b/kubernetes/so/charts/so-mariadb/templates/pv.yaml index d1e1b04121..5f5d09e2eb 100755 --- a/kubernetes/so/charts/so-mariadb/templates/pv.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pv.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright ▒ 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,18 +13,23 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} + +{{- if .Values.global.migration.enabled }} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-migration namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-migration + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "0" + "helm.sh/hook-delete-policy": before-hook-creation spec: capacity: storage: {{ .Values.persistence.size}} @@ -33,4 +38,4 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}}
\ No newline at end of file +{{- end }} diff --git a/kubernetes/so/charts/so-mariadb/templates/pvc.yaml b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml index 74ba690fa6..92d5eed0c4 100755 --- a/kubernetes/so/charts/so-mariadb/templates/pvc.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright ▒ 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,25 +13,29 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} + +{{- if .Values.global.migration.enabled }} kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-migration namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "-1" + "helm.sh/hook-delete-policy": before-hook-creation +{{- if .Values.persistence.annotations }} {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: selector: matchLabels: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-migration accessModes: - {{ .Values.persistence.accessMode }} resources: @@ -44,4 +48,5 @@ spec: storageClassName: "{{ .Values.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}}
\ No newline at end of file +{{- end }} + diff --git a/kubernetes/so/charts/so-mariadb/templates/secrets.yaml b/kubernetes/so/charts/so-mariadb/templates/secrets.yaml index 24f7139ee0..99ccb55445 100755 --- a/kubernetes/so/charts/so-mariadb/templates/secrets.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/secrets.yaml @@ -23,4 +23,24 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: - db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
\ No newline at end of file + db-root-password: {{ .Values.global.mariadbGalera.mariadbRootPassword | b64enc | quote }} +{{- if .Values.global.migration.enabled }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-migration + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": pre-upgrade,pre-install + "helm.sh/hook-weight": "0" + "helm.sh/hook-delete-policy": before-hook-creation +type: Opaque +data: + db-root-password-backup: {{ .Values.global.migration.dbPassword | b64enc | quote }} +{{- end }} diff --git a/kubernetes/so/charts/so-mariadb/values.yaml b/kubernetes/so/charts/so-mariadb/values.yaml index 950b43a360..acf9cb4f33 100755 --- a/kubernetes/so/charts/so-mariadb/values.yaml +++ b/kubernetes/so/charts/so-mariadb/values.yaml @@ -22,10 +22,8 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 ubuntuInitRepository: registry.hub.docker.com - persistence: - mountPath: /dockerdata-nfs ################################################################# # Application configuration defaults. @@ -38,55 +36,20 @@ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 # application configuration config: - mariadbRootPassword: password # gerrit branch where the latest heat code is checked in gerritBranch: master # gerrit project where the latest heat code is checked in gerritProject: http://gerrit.onap.org/r/so/docker-config.git # default number of instances -replicaCount: 1 nodeSelector: {} affinity: {} -# probe configuration parameters -liveness: - initialDelaySeconds: 450 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true -readiness: - initialDelaySeconds: 450 - periodSeconds: 10 -## Persist data to a persitent volume -persistence: - enabled: true - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteMany - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: mso/mariadb/data -service: - type: NodePort - portName: mariadb - internalPort: 3306 - externalPort: 3306 - nodePort: 52 + ingress: enabled: false + # Resource Limit flavor flavor: small + resources: small: limits: @@ -103,3 +66,24 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +persistence: + enabled: true + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteMany + size: 2Gi + + mountPath: /dockerdata-nfs + mountSubPath: so/migration diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml index 29cfab1ea4..95509266ca 100644 --- a/kubernetes/so/charts/so-monitoring/values.yaml +++ b/kubernetes/so/charts/so-monitoring/values.yaml @@ -24,7 +24,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/so-monitoring:1.3.3 +image: onap/so/so-monitoring:1.4.0-STAGING-latest pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml index f97ad13b3f..b139ac7811 100755 --- a/kubernetes/so/charts/so-openstack-adapter/values.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml @@ -19,14 +19,14 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/openstack-adapter:1.3.3 +image: onap/so/openstack-adapter:1.4.0-STAGING-latest pullPolicy: Always repository: nexus3.onap.org:10001 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false config: diff --git a/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml index 16d4a153ac..7a40fac254 100755 --- a/kubernetes/so/charts/so-request-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/request-db-adapter:1.3.3 +image: onap/so/request-db-adapter:1.4.0-STAGING-latest pullPolicy: Always replicaCount: 1 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml index 06d8c8147f..c330f9dab3 100755 --- a/kubernetes/so/charts/so-sdc-controller/values.yaml +++ b/kubernetes/so/charts/so-sdc-controller/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdc-controller:1.3.3 +image: onap/so/sdc-controller:1.4.0-STAGING-latest pullPolicy: Always replicaCount: 1 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml index a24eddc3fa..8296c69068 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdnc-adapter:1.3.3 +image: onap/so/sdnc-adapter:1.4.0-STAGING-latest pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml index 08a78397d4..22c3f12292 100755 --- a/kubernetes/so/charts/so-vfc-adapter/values.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vfc-adapter:1.3.3 +image: onap/so/vfc-adapter:1.4.0-STAGING-latest pullPolicy: Always replicaCount: 1 @@ -72,8 +72,6 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb ingress: enabled: false nodeSelector: {} diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml index 236f5d5dde..8650f05897 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -38,4 +38,4 @@ sdc: key: 566B754875657232314F5548556D3665 endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 vnfmadapter: - endpoint: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 + endpoint: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml index cc0450186c..d544247fa2 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/values.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 persistence: mountPath: /dockerdata-nfs diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml index 12e77c38a0..237486d90b 100755 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -17,4 +17,8 @@ dependencies: # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) - repository: '@local'
\ No newline at end of file + repository: '@local' + - name: mariadb-galera + version: ~4.x-0 + repository: '@local' + condition: global.mariadbGalera.localCluster diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml index ad3a19f37e..9211571c8a 100755 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -36,10 +36,10 @@ spec: spec: initContainers: - command: - - /root/ready.py + - /root/job_complete.py args: - - --container-name - - {{ .Values.mariadb.nameOverride }} + - --job-name + - {{ .Release.Name }}-so-mariadb-config-job env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 1a59cea4c6..b096b55f54 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -19,15 +19,31 @@ global: nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 + mariadbGalera: + nameOverride: mariadb-galera + serviceName: mariadb-galera + servicePort: "3306" + mariadbRootPassword: secretpassword + #This flag allows SO to instantiate its own mariadb-galera cluster, + #serviceName and nameOverride should be so-mariadb-galera if this flag is enabled + localCluster: false persistence: mountPath: /dockerdata-nfs - + #This configuration will run the migration. The configurations are for backing up the data + #from DB and then restoring it to the present versions preferred DB. + migration: + enabled: false + dbHost: mariadb-galera + dbPort: 3306 + dbUser: root + dbPassword: secretpassword + ################################################################# # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/api-handler-infra:1.3.3 +image: onap/so/api-handler-infra:1.4.0-STAGING-latest pullPolicy: Always replicaCount: 1 @@ -72,25 +88,20 @@ livenessProbe: timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 -mariadb: - nameOverride: so-mariadb -so-bpmn-infra: - mariadb: - nameOverride: so-mariadb -so-catalog-db-adapter: - mariadb: - nameOverride: so-mariadb -so-openstack-adapter: - mariadb: - nameOverride: so-mariadb -so-request-db-adapter: - mariadb: - nameOverride: so-mariadb -so-sdc-controller: - mariadb: - nameOverride: so-mariadb -so-vfc-adapter: - mariadb: - nameOverride: so-mariadb + nodeSelector: {} affinity: {} + +#Used only if localCluster is enabled. Instantiates SO's own cassandra cluster +#helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \ +# --set so.global.mariadbGalera.localCluster=true \ +# --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \ +# --set so.global.mariadbGalera.serviceName=so-mariadb-galera +mariadb-galera: + nameOverride: so-mariadb-galera + replicaCount: 1 + service: + name: so-mariadb-galera + persistence: + mountSubPath: so/mariadb-galera/data + enabled: true diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml index fe2b1aa1df..1849c46ea1 100644 --- a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: - name: {{ include "common.fullname" . }}-catalog mountPath: /service/vfc/nfvo/catalog/static diff --git a/kubernetes/vfc/charts/vfc-catalog/values.yaml b/kubernetes/vfc/charts/vfc-catalog/values.yaml index fc6cf4e853..a96276b135 100644 --- a/kubernetes/vfc/charts/vfc-catalog/values.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/catalog:1.2.1 +image: onap/vfc/catalog:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-db/values.yaml b/kubernetes/vfc/charts/vfc-db/values.yaml index 957af13576..a134190412 100644 --- a/kubernetes/vfc/charts/vfc-db/values.yaml +++ b/kubernetes/vfc/charts/vfc-db/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/db:1.2.1 +image: onap/vfc/db:1.3.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required @@ -59,8 +59,8 @@ readiness: service: type: ClusterIP - name: vfc-db - portName: vfc-db + name: vfc-redis + portName: vfc-redis externalPort: 3306 internalPort: 3306 externalPort2: 6379 diff --git a/kubernetes/vfc/charts/vfc-ems-driver/values.yaml b/kubernetes/vfc/charts/vfc-ems-driver/values.yaml index ebdc2f3e45..704d900cbb 100644 --- a/kubernetes/vfc/charts/vfc-ems-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-ems-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/emsdriver:1.2.1 +image: onap/vfc/emsdriver:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml index d743acdd79..22e4873d12 100644 --- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/gvnfmdriver:1.2.1 +image: onap/vfc/gvnfmdriver:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml index d3f393bc2d..5cd1d75773 100644 --- a/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/nfvo/svnfm/huawei:1.2.1 +image: onap/vfc/nfvo/svnfm/huawei:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml index fab65fa0cc..43eafe45d0 100644 --- a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/jujudriver:1.2.1 +image: onap/vfc/jujudriver:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml b/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml index 0a4601fea0..c481cda8ba 100644 --- a/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml +++ b/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/multivimproxy:1.2.1 +image: onap/vfc/multivimproxy:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/values.yaml index 74f5b67204..dfebe764d6 100644 --- a/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/nfvo/svnfm/nokiav2:1.3.0 +image: onap/vfc/nfvo/svnfm/nokiav2:1.3.1-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml index 184ceb5dfa..24a42fe5f1 100644 --- a/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime diff --git a/kubernetes/vfc/charts/vfc-nslcm/values.yaml b/kubernetes/vfc/charts/vfc-nslcm/values.yaml index d96aa6992a..554d20b5b3 100644 --- a/kubernetes/vfc/charts/vfc-nslcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-nslcm/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/nslcm:1.2.1 +image: onap/vfc/nslcm:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-resmgr/values.yaml b/kubernetes/vfc/charts/vfc-resmgr/values.yaml index bdd6c14836..03feb71746 100644 --- a/kubernetes/vfc/charts/vfc-resmgr/values.yaml +++ b/kubernetes/vfc/charts/vfc-resmgr/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/resmanagement:1.2.1 +image: onap/vfc/resmanagement:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml index 95e90a1e4e..f941ae866e 100644 --- a/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime diff --git a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml index e733812dac..d1d76819a2 100644 --- a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/vnflcm:1.2.1 +image: onap/vfc/vnflcm:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml index 219f2f2961..d197da6a75 100644 --- a/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" volumeMounts: - name: {{ include "common.fullname" . }}-localtime diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml index 3febc9b9be..d709d9d198 100644 --- a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/vnfmgr:1.2.1 +image: onap/vfc/vnfmgr:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml index 9f9f1b3377..f2a8b055c0 100644 --- a/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml @@ -72,6 +72,10 @@ spec: value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" + - name: MYSQL_AUTH + value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" volumeMounts: - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime diff --git a/kubernetes/vfc/charts/vfc-vnfres/values.yaml b/kubernetes/vfc/charts/vfc-vnfres/values.yaml index bb51c63b6e..62b2463876 100644 --- a/kubernetes/vfc/charts/vfc-vnfres/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnfres/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/vnfres:1.2.1 +image: onap/vfc/vnfres:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml b/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml index dd098d65d1..598cb4d9d1 100644 --- a/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml +++ b/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/wfengine-activiti:1.2.0 +image: onap/vfc/wfengine-activiti:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-workflow/values.yaml b/kubernetes/vfc/charts/vfc-workflow/values.yaml index 6d06d9b765..26d9888b05 100644 --- a/kubernetes/vfc/charts/vfc-workflow/values.yaml +++ b/kubernetes/vfc/charts/vfc-workflow/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/wfengine-mgrservice:1.2.0 +image: onap/vfc/wfengine-mgrservice:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml b/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml index 8bb0574ec6..b9d7288953 100644 --- a/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/ztesdncdriver:1.2.0 +image: onap/vfc/ztesdncdriver:1.2.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml index cf0a162a5f..d37c241f6b 100644 --- a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/ztevnfmdriver:1.2.1 +image: onap/vfc/ztevnfmdriver:1.3.0-STAGING-latest pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/requirements.yaml b/kubernetes/vfc/requirements.yaml index 1d30dfd918..71bfc00487 100644 --- a/kubernetes/vfc/requirements.yaml +++ b/kubernetes/vfc/requirements.yaml @@ -15,4 +15,7 @@ dependencies: - name: common version: ~4.x-0 - repository: '@local'
\ No newline at end of file + repository: '@local' + - name: mariadb-galera + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml index 00eae1edd2..7afa643e9f 100644 --- a/kubernetes/vfc/values.yaml +++ b/kubernetes/vfc/values.yaml @@ -18,6 +18,10 @@ global: msbPort: 80 dbServiceName: vfc-db dbPort: 3306 + dbUser: root + mariadbRootPassword: secretpassword + redisServiceName: vfc-redis + redisPort: 6379 persistence: mountPath: /dockerdata-nfs @@ -26,6 +30,25 @@ config: logstashServiceName: log-ls logstashPort: 5044 +mariadb-galera: + nameOverride: vfc-mariadb + service: + name: vfc-db + portName: vfc-db + nfsprovisionerPrefix: vfc + persistence: + mountSubPath: vfc/data + enabled: true + disableNfsProvisioner: true + +catalog: + config: + dbPodName: vfc-db + dbServiceName: vfc-db +nslcm: + config: + dbPodName: vfc-db + dbServiceName: vfc-db # sub-chart configuration vfc-workflow: service: |