diff options
Diffstat (limited to 'kubernetes')
19 files changed, 272 insertions, 25 deletions
diff --git a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg index 6e7acef17f..1266d4e1c0 100644 --- a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg +++ b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg @@ -17,6 +17,8 @@ global log /dev/log local0 stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin stats timeout 30s + # it is required else pod will not come up + maxconn 50000 user root group root daemon @@ -38,7 +40,8 @@ defaults mode http option httplog option ssl-hello-chk - option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ== + option httpchk + http-check send meth GET uri /aai/util/echo ver HTTP/1.1 hdr Host aai hdr X-TransactionId haproxy-0111 hdr X-FromAppId haproxy hdr Accept application/json hdr Authorization 'Basic QUFJOkFBSQ==' default-server init-addr none # option dontlognull # errorfile 400 /etc/haproxy/errors/400.http @@ -59,6 +62,12 @@ defaults timeout server 480000 timeout http-keep-alive 30000 +frontend stats + bind *:8448 + http-request use-service prometheus-exporter if { path /metrics } + stats enable + stats uri /stats + stats refresh 10s frontend IST_8443 mode http @@ -73,6 +82,10 @@ frontend IST_8443 capture response header Host len 100 option log-separate-errors option forwardfor + + http-request set-header X-Forwarded-Proto https + http-request add-header X-Forwarded-Port 8443 + http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used } http-request set-header X-AAI-SSL %[ssl_fc] @@ -97,9 +110,6 @@ frontend IST_8443 {{- end }} {{- end }} - reqadd X-Forwarded-Proto:\ https - reqadd X-Forwarded-Port:\ 8443 - ####################### #ACLS FOR PORT 8446#### ####################### @@ -107,9 +117,10 @@ frontend IST_8443 acl is_Port_8446_generic path_reg -i ^/aai/v[0-9]+/search/generic-query$ acl is_Port_8446_nodes path_reg -i ^/aai/v[0-9]+/search/nodes-query$ acl is_Port_8446_version path_reg -i ^/aai/v[0-9]+/query$ + acl is_dsl path_reg -i ^/aai/v[0-9]+/dsl$ acl is_named-query path_beg -i /aai/search/named-query acl is_search-model path_beg -i /aai/search/model - use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model + use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model or is_dsl default_backend IST_Default_8447 @@ -120,9 +131,11 @@ frontend IST_8443 backend IST_Default_8447 balance roundrobin + stick-table type string len 100 size 200k expire 2m + stick on path http-request set-header X-Forwarded-Port %[src_port] http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none + server-template aai-resources.{{.Release.Namespace}} {{$.Values.haproxy.replicas.aaiResources}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none ####################### @@ -131,9 +144,11 @@ backend IST_Default_8447 backend IST_AAI_8446 balance roundrobin + stick-table type string len 100 size 200k expire 2m + stick on path http-request set-header X-Forwarded-Port %[src_port] http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none + server-template aai-traversal.{{.Release.Namespace}} {{$.Values.haproxy.replicas.aaiTraversal}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none listen IST_AAI_STATS mode http diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg index 1accff9935..fe1715b734 100644 --- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg +++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg @@ -17,6 +17,10 @@ global log /dev/log local0 stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin stats timeout 30s + # it is required else pod will not come up + maxconn 50000 + user root + group root daemon ################################# # Default SSL material locations# @@ -38,7 +42,8 @@ defaults {{- if ( include "common.needTLS" .) }} option ssl-hello-chk {{- end }} - option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ== + option httpchk + http-check send meth GET uri /aai/util/echo ver HTTP/1.1 hdr Host aai hdr X-TransactionId haproxy-0111 hdr X-FromAppId haproxy hdr Accept application/json hdr Authorization 'Basic QUFJOkFBSQ==' default-server init-addr none # option dontlognull # errorfile 400 /etc/haproxy/errors/400.http @@ -59,6 +64,12 @@ defaults timeout server 480000 timeout http-keep-alive 30000 +frontend stats + bind *:8448 + http-request use-service prometheus-exporter if { path /metrics } + stats enable + stats uri /stats + stats refresh 10s frontend IST_8080 mode http @@ -73,8 +84,8 @@ frontend IST_8080 option log-separate-errors option forwardfor http-request set-header X-Forwarded-Proto http - reqadd X-Forwarded-Proto:\ http - reqadd X-Forwarded-Port:\ 8080 + http-request set-header X-Forwarded-Proto http + http-request add-header X-Forwarded-Port 8080 ####################### #ACLS FOR PORT 8446#### @@ -104,6 +115,10 @@ frontend IST_8443 capture response header Host len 100 option log-separate-errors option forwardfor + + http-request set-header X-Forwarded-Proto https + http-request add-header X-Forwarded-Port 8443 + http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used } http-request set-header X-AAI-SSL %[ssl_fc] @@ -128,8 +143,6 @@ frontend IST_8443 {{- end }} {{- end }} - reqadd X-Forwarded-Proto:\ https - reqadd X-Forwarded-Port:\ 8443 {{- end }} ####################### @@ -152,12 +165,14 @@ frontend IST_8443 backend IST_Default_8447 balance roundrobin + stick-table type string len 100 size 200k expire 2m + stick on path http-request set-header X-Forwarded-Port %[src_port] http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; {{- if ( include "common.needTLS" .) }} - server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none + server-template aai-resources.{{.Release.Namespace}} {{$.Values.haproxy.replicas.aaiResources}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none {{- else }} - server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check port 8447 + server-template aai-resources.{{.Release.Namespace}} {{$.Values.haproxy.replicas.aaiResources}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check port 8447 {{- end }} ####################### @@ -166,10 +181,12 @@ backend IST_Default_8447 backend IST_AAI_8446 balance roundrobin + stick-table type string len 100 size 200k expire 2m + stick on path http-request set-header X-Forwarded-Port %[src_port] http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; {{- if ( include "common.needTLS" .) }} - server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none + server-template aai-traversal.{{.Release.Namespace}} {{$.Values.haproxy.replicas.aaiTraversal}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none {{- else }} - server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check port 8446 + server-template aai-traversal.{{.Release.Namespace}} {{$.Values.haproxy.replicas.aaiTraversal}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check port 8446 {{- end }} diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml index 80fcebbef7..1b71c07bcb 100644 --- a/kubernetes/aai/templates/deployment.yaml +++ b/kubernetes/aai/templates/deployment.yaml @@ -58,6 +58,13 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + resources: + requests: + memory: {{ .Values.haproxy.initContainers.resources.memory }} + cpu: {{ .Values.haproxy.initContainers.resources.cpu }} + limits: + memory: {{ .Values.haproxy.initContainers.resources.memory }} + cpu: {{ .Values.haproxy.initContainers.resources.cpu }} containers: - name: {{ include "common.name" . }} image: "{{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}" @@ -79,6 +86,7 @@ spec: ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPlainPort }} + - containerPort: {{ .Values.metricsService.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} diff --git a/kubernetes/aai/templates/service.yaml b/kubernetes/aai/templates/service.yaml index 4a6dc8e497..d140296990 100644 --- a/kubernetes/aai/templates/service.yaml +++ b/kubernetes/aai/templates/service.yaml @@ -54,4 +54,23 @@ spec: type: ClusterIP selector: app: {{ include "common.name" . }} - +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }}-metrics + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-metrics + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.metricsService.externalPort }} + targetPort: {{ .Values.metricsService.internalPort }} + name: {{ .Values.metricsService.portName }} + type: {{ .Values.metricsService.type }} + selector: + app: {{ include "common.name" . }} + clusterIP: None
\ No newline at end of file diff --git a/kubernetes/aai/templates/servicemonitor.yaml b/kubernetes/aai/templates/servicemonitor.yaml new file mode 100644 index 0000000000..c0d9f212b4 --- /dev/null +++ b/kubernetes/aai/templates/servicemonitor.yaml @@ -0,0 +1,3 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 247c58be2b..4095d4402e 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -328,7 +328,7 @@ certInitializer: # application image dockerhubRepository: registry.hub.docker.com -image: aaionap/haproxy:1.4.2 +image: onap/aai-haproxy:1.9.5 pullPolicy: Always flavor: small @@ -351,9 +351,16 @@ affinity: {} # HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns haproxy: + initContainers: + resources: + memory: 100Mi + cpu: 50m requestBlocking: enabled: false customConfigs: [] + replicas: + aaiResources: 1 + aaiTraversal: 1 # probe configuration parameters liveness: @@ -393,6 +400,30 @@ service: internalPlainPort: 8080 nodeport: 33 +metricsService: + type: ClusterIP + portName: prometheus + externalPort: 8448 + internalPort: 8448 + +metrics: + serviceMonitor: + enabled: false + targetPort: 8448 + path: /metrics + basicAuth: + enabled: false + + selector: + app: '{{ include "common.name" . }}-metrics' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' + + relabelings: [] + + metricRelabelings: [] + ingress: enabled: false service: diff --git a/kubernetes/sdc/components/sdc-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-be/templates/configmap.yaml index aa632f33f4..332cd74661 100644 --- a/kubernetes/sdc/components/sdc-be/templates/configmap.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/configmap.yaml @@ -27,3 +27,5 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} + + diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml index 24f169a5b9..16fc57aa92 100644 --- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml @@ -31,8 +31,10 @@ spec: args: - --container-name - "sdc-onboarding-be" + {{- if not .Values.global.kafka.useKafka }} - --container-name - "message-router" + {{- end }} env: - name: NAMESPACE valueFrom: @@ -159,6 +161,12 @@ spec: valueFrom: fieldRef: fieldPath: status.podIP + {{- if .Values.global.kafka.useKafka }} + - name: SASL_JAAS_CONFIG + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-be-kafka-secret" "key" "sasl.jaas.config") | indent 12 }} + - name: USE_KAFKA + value: {{ .Values.global.kafka.useKafka | quote }} + {{- end }} volumeMounts: - name: sdc-environments mountPath: /app/jetty/chef-solo/environments/ diff --git a/kubernetes/sdc/components/sdc-be/templates/sdc-be-kafka-user.yaml b/kubernetes/sdc/components/sdc-be/templates/sdc-be-kafka-user.yaml new file mode 100644 index 0000000000..6cd7f93c5a --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/templates/sdc-be-kafka-user.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.kafka.useKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.global.kafka.sdcBeKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: {{ .Values.config.kafka.saslMech }} + authorization: + type: {{ .Values.config.kafka.authType }} + acls: + - resource: + type: group + name: {{ .Values.config.kafka.topicConsumer.groupId }}-{{ .Values.env.name }} + operation: Read + - resource: + type: topic + patternType: prefix + name: {{ .Values.config.kafka.topicConsumer.pattern }} + operation: All +{{- end }} diff --git a/kubernetes/sdc/components/sdc-be/templates/sdc-distro-topics.yaml b/kubernetes/sdc/components/sdc-be/templates/sdc-distro-topics.yaml new file mode 100644 index 0000000000..9a6f7579e8 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/templates/sdc-distro-topics.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.global.kafka.useKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: sdc-distro-notif-topic + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ .Values.global.kafka.topics.sdcDistNotifTopic }}-{{ .Values.env.name }} + config: + retention.ms: {{ .Values.config.kafka.topicRetentionMs }} + segment.bytes: {{ .Values.config.kafka.topicSegmentBytes }} +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: sdc-distro-status-topic + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ .Values.global.kafka.topics.sdcDistStatusTopic }}-{{ .Values.env.name }} + config: + retention.ms: {{ .Values.config.kafka.topicRetentionMs }} + segment.bytes: {{ .Values.config.kafka.topicSegmentBytes }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/sdc/components/sdc-be/templates/secret.yaml b/kubernetes/sdc/components/sdc-be/templates/secret.yaml new file mode 100644 index 0000000000..bb5091f01a --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/templates/secret.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index 9f216352c0..faf46e5549 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T, ZTE +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -30,13 +31,20 @@ global: replicaCount: 3 clusterName: cassandra dataCenter: Pod + # Strimzi kafka config + kafka: + useKafka: overridden-from-parent-values-yaml + sdcBeKafkaUser: overridden-from-parent-values-yaml + topics: + sdcDistNotifTopic: overridden-from-parent-values-yaml + sdcDistStatusTopic: overridden-from-parent-values-yaml ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.11.9 -backendInitImage: onap/sdc-backend-init:1.11.9 +image: onap/sdc-backend-all-plugins:1.12.0 +backendInitImage: onap/sdc-backend-init:1.12.0 pullPolicy: Always @@ -70,9 +78,29 @@ certInitializer: ################################################################# # SDC Config part ################################################################# + +secrets: + - uid: sdc-be-kafka-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate + config: javaOptions: "-Xmx1536m -Xms1536m" cassandraSslEnabled: "false" + # Strimzi kafka config + kafka: + saslMech: scram-sha-512 + securityProtocol: SASL_PLAINTEXT + authType: simple + topicRetentionMs: 7200000 + topicSegmentBytes: 1073741824 + topicConsumer: + pattern: SDC-DIST + groupId: sdc # default number of instances replicaCount: 1 diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index 46208a21c6..b3dfbfa0ba 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -51,8 +51,8 @@ cassandra: # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.11.9 -cassandraInitImage: onap/sdc-cassandra-init:1.11.9 +image: onap/sdc-cassandra:1.12.0 +cassandraInitImage: onap/sdc-cassandra-init:1.12.0 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 76c9e13767..abac356d40 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -47,7 +47,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-frontend:1.11.9 +image: onap/sdc-frontend:1.12.0 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index 45cbcd617a..1db5af98d0 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-onboard-backend:1.11.9 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.9 +image: onap/sdc-onboard-backend:1.12.0 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.12.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index c9535592d8..aee666f4af 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -35,6 +35,13 @@ "message-router.{{include "common.namespace" .}}" ] }, + "Kafka": { + "bootstrap": "{{ include "common.release" . }}-{{ .Values.global.kafka.kafkaBootstrap }}" + }, + "DistributionTopics": { + "notificationTopicName": "{{ .Values.global.kafka.topics.sdcDistNotifTopic }}", + "statusTopicName": "{{ .Values.global.kafka.topics.sdcDistStatusTopic }}" + }, "Nodes": { "CS": [ "{{.Values.global.sdc_cassandra.serviceName}}.{{include "common.namespace" .}}" diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index e7643069bf..60a361eae6 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T, ZTE +# Modifications Copyright © 2021 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -41,9 +42,19 @@ global: clusterName: cassandra dataCenter: Pod centralizedLoggingEnabled: true + # Kafka config + kafka: + useKafka: true + sdcBeKafkaUser: sdc-be-kafka-user + kafkaBootstrap: strimzi-kafka-bootstrap:9092 + topics: + sdcDistNotifTopic: SDC-DISTR-NOTIF-TOPIC + sdcDistStatusTopic: SDC-DISTR-STATUS-TOPIC sdc-be: logConfigMapNamePrefix: '{{ include "common.release" . }}-sdc' + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.kafka.sdcBeKafkaUser }}' sdc-fe: logConfigMapNamePrefix: '{{ include "common.release" . }}-sdc' sdc-onboarding-be: diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml index c7dc2aff08..03ee56a7a4 100644 --- a/kubernetes/strimzi/templates/strimzi-kafka.yaml +++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml @@ -70,6 +70,7 @@ spec: min.insync.replicas: {{ .Values.replicaCount }} offsets.topic.replication.factor: {{ .Values.replicaCount }} transaction.state.log.replication.factor: {{ .Values.replicaCount }} + num.partitions: {{ .Values.numPartitions }} transaction.state.log.min.isr: {{ .Values.replicaCount }} log.message.format.version: {{ .Values.version }} inter.broker.protocol.version: {{ .Values.version }} diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml index dcfa913604..99ccde5040 100644 --- a/kubernetes/strimzi/values.yaml +++ b/kubernetes/strimzi/values.yaml @@ -24,6 +24,7 @@ global: # Application configuration defaults. ################################################################# replicaCount: 3 +numPartitions: 10 kafkaInternalPort: 9092 saslMechanism: scram-sha-512 version: 3.2.3 |