diff options
Diffstat (limited to 'kubernetes')
72 files changed, 476 insertions, 187 deletions
diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml index e4ded1b0b2..f70deefaff 100644 --- a/kubernetes/a1policymanagement/values.yaml +++ b/kubernetes/a1policymanagement/values.yaml @@ -63,7 +63,7 @@ certInitializer: echo "*** change ownership of certificates to targeted user" chown -R 1000 . -image: onap/ccsdk-oran-a1policymanagementservice:1.2.5 +image: onap/ccsdk-oran-a1policymanagementservice:1.3.0 userID: 1000 #Should match with image-defined user ID groupID: 999 #Should match with image-defined group ID pullPolicy: IfNotPresent diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index 0eb0c75297..83da0bf91e 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -76,7 +76,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 544ed28e62..4952535ea5 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -77,7 +77,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 8345a81f06..b15f6d936f 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -40,7 +40,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API @@ -94,7 +94,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/aai-schema-service:1.9.5 +image: onap/aai-schema-service:1.9.6 pullPolicy: Always restartPolicy: Always flavorOverride: small diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index a77ce6a288..339e3b428c 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -84,7 +84,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index aa0e376b29..62d1d2eabd 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -231,7 +231,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index f59e8cea4d..a5180c53c6 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -87,7 +87,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-blueprintsprocessor:1.2.1 +image: onap/ccsdk-blueprintsprocessor:1.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml index 8077d819d1..b0c1e35cba 100755 --- a/kubernetes/cds/components/cds-command-executor/values.yaml +++ b/kubernetes/cds/components/cds-command-executor/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-commandexecutor:1.2.1 +image: onap/ccsdk-commandexecutor:1.3.0 pullPolicy: Always # application configuration diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml index cf138c5e26..9dc4a3181e 100755 --- a/kubernetes/cds/components/cds-py-executor/values.yaml +++ b/kubernetes/cds/components/cds-py-executor/values.yaml @@ -30,7 +30,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-py-executor:1.2.1 +image: onap/ccsdk-py-executor:1.3.0 pullPolicy: Always # default number of instances diff --git a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml index b3e95a2a21..7ef5959a1b 100644 --- a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml @@ -14,10 +14,16 @@ listenerservice: keyStorePath: activateServerTLSAuth : false isUseHttpsWithDmaap: false + isUseHttpsWithSDC: true archivePath: /opt/app/onap/sdc-listener/ grpcAddress: cds-blueprints-processor-grpc grpcPort: 9111 authHeader: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + httpsProxyHost: + httpProxyHost: + httpsProxyPort: 0 + httpProxyPort: 0 + cdslistener: diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml index 7ca0a44aa4..ac1e3b4dde 100644 --- a/kubernetes/cds/components/cds-sdc-listener/values.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml @@ -29,7 +29,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-sdclistener:1.2.1 +image: onap/ccsdk-sdclistener:1.3.0 name: sdc-listener pullPolicy: Always diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml index 175c17ffa9..05f766e186 100644 --- a/kubernetes/cds/components/cds-ui/values.yaml +++ b/kubernetes/cds/components/cds-ui/values.yaml @@ -44,7 +44,7 @@ certInitializer: {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop # application image -image: onap/ccsdk-cds-ui-server:1.2.1 +image: onap/ccsdk-cds-ui-server:1.3.0 pullPolicy: Always # application configuration diff --git a/kubernetes/common/common/templates/_labels.tpl b/kubernetes/common/common/templates/_labels.tpl index da8f00f3e4..993fb7dfac 100644 --- a/kubernetes/common/common/templates/_labels.tpl +++ b/kubernetes/common/common/templates/_labels.tpl @@ -1,5 +1,6 @@ {{/* # Copyright © 2019 Orange +# Modifications Copyright (C) 2022 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,7 +26,9 @@ The function takes several arguments (inside a dictionary): {{- define "common.labels" -}} {{- $dot := default . .dot -}} app.kubernetes.io/name: {{ include "common.name" $dot }} +{{ if not .ignoreHelmChart }} helm.sh/chart: {{ include "common.chart" $dot }} +{{- end }} app.kubernetes.io/instance: {{ include "common.release" $dot }} app.kubernetes.io/managed-by: {{ $dot.Release.Service }} {{ if .labels }} @@ -67,7 +70,7 @@ app.kubernetes.io/instance: {{ include "common.release" $dot }} {{- $annotations := default (dict) .annotations -}} name: {{ include "common.fullname" (dict "suffix" $suffix "dot" $dot )}} namespace: {{ include "common.namespace" $dot }} -labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot ) | nindent 2 }} +labels: {{- include "common.labels" (dict "labels" $labels "ignoreHelmChart" .ignoreHelmChart "dot" $dot ) | nindent 2 }} {{- if $annotations }} annotations: {{- include "common.tplValue" (dict "value" $annotations "context" $dot) | nindent 2}} {{- end }} @@ -97,6 +100,6 @@ matchLabels: {{- include "common.matchLabels" (dict "matchLabels" $matchLabels " {{- if $dot.Values.podAnnotations }} annotations: {{- include "common.tplValue" (dict "value" $dot.Values.podAnnotations "context" $dot) | nindent 2 }} {{- end }} -labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent 2 }} +labels: {{- include "common.labels" (dict "labels" $labels "ignoreHelmChart" .ignoreHelmChart "dot" $dot) | nindent 2 }} name: {{ include "common.name" $dot }} {{- end -}} diff --git a/kubernetes/common/common/templates/_storage.tpl b/kubernetes/common/common/templates/_storage.tpl index 2114d677e6..a7819bef5f 100644 --- a/kubernetes/common/common/templates/_storage.tpl +++ b/kubernetes/common/common/templates/_storage.tpl @@ -1,5 +1,6 @@ {{/* # Copyright © 2019 Amdocs, Bell Canada, Orange +# Modifications Copyright (C) 2022 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -281,7 +282,7 @@ apiVersion: v1 {{- $persistenceInfos := default $dot.Values.persistence .persistenceInfos -}} {{- $suffix := default "data" .suffix -}} {{- $metadata_suffix := ternary "" $suffix (eq $suffix "data") -}} -metadata: {{- include "common.resourceMetadata" (dict "dot" $dot "suffix" $metadata_suffix "annotations" $persistenceInfos.annotations) | nindent 2 }} +metadata: {{- include "common.resourceMetadata" (dict "dot" $dot "suffix" $metadata_suffix "annotations" $persistenceInfos.annotations "ignoreHelmChart" .ignoreHelmChart) | nindent 2 }} spec: accessModes: - {{ $persistenceInfos.accessMode }} diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index fa1f6c3e62..9257dc89f9 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -69,7 +69,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-dgbuilder-image:1.2.2 +image: onap/ccsdk-dgbuilder-image:1.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 112b8c0618..38f3e6e423 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -50,7 +50,7 @@ global: clusterDomain: cluster.local metrics: {} -image: bitnami/mariadb-galera:10.6.5-debian-10-r28 +image: bitnami/mariadb-galera:10.5.8 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index 6937facf6f..5f864a6555 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -74,7 +74,7 @@ mariadb-init: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-apps-ms-neng:1.2.1 +image: onap/ccsdk-apps-ms-neng:1.3.0 pullPolicy: IfNotPresent # application configuration diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 34ce466f48..10703eff6e 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -35,7 +35,7 @@ global: jreImage: onap/integration-java11:10.0.0 kubectlImage: bitnami/kubectl:1.22.4 loggingImage: beats/filebeat:5.5.0 - mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28 + mariadbImage: bitnami/mariadb:10.5.8 nginxImage: bitnami/nginx:1.21.4 postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 readinessImage: onap/oom/readiness:3.0.1 diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml index a3d942fcfa..2e83c5b1b0 100644 --- a/kubernetes/common/timescaledb/templates/statefulset.yaml +++ b/kubernetes/common/timescaledb/templates/statefulset.yaml @@ -1,6 +1,6 @@ {{/* # ============LICENSE_START======================================================= -# Copyright (c) 2021 Bell Canada. +# Copyright (c) 2021-2022 Bell Canada. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,7 +26,7 @@ spec: selector: {{- include "common.selectors" . | nindent 4 }} serviceName: {{ include "common.servicename" . }} template: - metadata: {{- include "common.templateMetadata" . | nindent 6 }} + metadata: {{- include "common.templateMetadata" (dict "ignoreHelmChart" true "dot" . ) | nindent 6 }} spec: serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }} {{ include "common.podSecurityContext" . | indent 10 | trim}} @@ -99,5 +99,5 @@ spec: {{- end }} {{if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} volumeClaimTemplates: - - {{ include "common.PVCTemplate" (dict "dot" . "suffix" "data" "persistenceInfos" .Values.persistence) | indent 6 | trim }} + - {{ include "common.PVCTemplate" (dict "dot" . "suffix" "data" "persistenceInfos" .Values.persistence "ignoreHelmChart" true) | indent 6 | trim }} {{- end }} diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml index 6099d0cf85..e023d819b8 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml @@ -135,10 +135,10 @@ applicationConfig: aaf_identity: "" aaf_password: "" pm-mapper-filter: "{ \"filters\":[] }" - key_store_path: "" - key_store_pass_path: "" - trust_store_path: "" - trust_store_pass_path: "" + key_store_path: /opt/app/pm-mapper/etc/cert/cert.jks + key_store_pass_path: /opt/app/pm-mapper/etc/cert/jks.pass + trust_store_path: /opt/app/pm-mapper/etc/cert/trust.jks + trust_store_pass_path: /opt/app/pm-mapper/etc/cert/trust.pass dmaap_dr_delete_endpoint: https://dmaap-dr-node:8443/delete streams_publishes: dmaap_publisher: @@ -158,7 +158,7 @@ applicationConfig: username: ${DR_USERNAME} password: ${DR_PASSWORD} location: san-francisco - delivery_url: https://dcae-pm-mapper:8443/delivery + delivery_url: http://dcae-pm-mapper:8081/delivery # DataRouter Feed Configuration drFeedConfig: @@ -176,7 +176,7 @@ drSubConfig: userpwd: ${DR_PASSWORD} dcaeLocationName: loc00 privilegedSubscriber: true - deliveryURL: https://dcae-pm-mapper:8443/delivery + deliveryURL: http://dcae-pm-mapper:8081/delivery # MessageRouter Topic, Publisher Configuration mrTopicsConfig: diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index 51438ad7ea..36853baa1f 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -67,6 +67,8 @@ generate_overrides() { fi done } + + resolve_deploy_flags() { flags=($1) n=${#flags[*]} @@ -90,11 +92,11 @@ resolve_deploy_flags() { check_for_dep() { try=0 - retries=30 - until (kubectl get deployment -n $RELEASE | grep -P "\b$1\b") &>/dev/null; do + retries=60 + until (kubectl get deployment -n $HELM_NAMESPACE | grep -P "\b$1\b") &>/dev/null; do (( ++try > retries )) && exit 1 echo "$1 not found. Retry $try/$retries" - sleep 5 + sleep 10 done echo "$1 found. Waiting for pod intialisation" sleep 15 @@ -125,7 +127,7 @@ deploy_subchart() { # Add annotation last-applied-configuration if set-last-applied flag is set if [ "$SET_LAST_APPLIED" = "true" ]; then helm get manifest "${RELEASE}-${subchart}" \ - | kubectl apply set-last-applied --create-annotation -n onap -f - \ + | kubectl apply set-last-applied --create-annotation -n $HELM_NAMESPACE -f - \ > $LOG_FILE.log 2>&1 fi fi @@ -257,7 +259,7 @@ deploy() { # Add annotation last-applied-configuration if set-last-applied flag is set if [ "$SET_LAST_APPLIED" = "true" ]; then helm get manifest ${RELEASE} \ - | kubectl apply set-last-applied --create-annotation -n onap -f - \ + | kubectl apply set-last-applied --create-annotation -n $HELM_NAMESPACE -f - \ > $LOG_FILE.log 2>&1 fi fi diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml index 844ac5e58d..b152af282e 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml @@ -24,7 +24,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/multicloud/k8s:0.10.0 +image: onap/multicloud/k8s:0.10.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 0e8dd21994..6939a87f21 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -97,7 +97,7 @@ global: loggingImage: beats/filebeat:5.5.0 # mariadb client image - mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28 + mariadbImage: bitnami/mariadb:10.5.8 # nginx server image nginxImage: bitnami/nginx:1.21.4 diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index fb16e824fb..677271c241 100755 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -1,7 +1,7 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018, 2020 AT&T # Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2021, 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -59,22 +59,22 @@ dependencies: version: ~10.x-0 repository: 'file://components/policy-clamp-be' condition: policy-clamp-be.enabled - - name: policy-clamp-cl-k8s-ppnt + - name: policy-clamp-ac-k8s-ppnt version: ~10.x-0 - repository: 'file://components/policy-clamp-cl-k8s-ppnt' - condition: policy-clamp-cl-k8s-ppnt.enabled - - name: policy-clamp-cl-http-ppnt + repository: 'file://components/policy-clamp-ac-k8s-ppnt' + condition: policy-clamp-ac-k8s-ppnt.enabled + - name: policy-clamp-ac-http-ppnt version: ~10.x-0 - repository: 'file://components/policy-clamp-cl-http-ppnt' - condition: policy-clamp-cl-http-ppnt.enabled - - name: policy-clamp-cl-pf-ppnt + repository: 'file://components/policy-clamp-ac-http-ppnt' + condition: policy-clamp-ac-http-ppnt.enabled + - name: policy-clamp-ac-pf-ppnt version: ~10.x-0 - repository: 'file://components/policy-clamp-cl-pf-ppnt' - condition: policy-clamp-cl-pf-ppnt.enabled - - name: policy-clamp-cl-runtime + repository: 'file://components/policy-clamp-ac-pf-ppnt' + condition: policy-clamp-ac-pf-ppnt.enabled + - name: policy-clamp-runtime-acm version: ~10.x-0 - repository: 'file://components/policy-clamp-cl-runtime' - condition: policy-clamp-cl-runtime.enabled + repository: 'file://components/policy-clamp-runtime-acm' + condition: policy-clamp-runtime-acm.enabled - name: policy-gui version: ~10.x-0 repository: 'file://components/policy-gui' diff --git a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml index 4cf7c40590..00cbd28181 100644 --- a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml @@ -1,6 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. -# Modifications Copyright © 2021 Nordix Foundation +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +18,7 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop Http Participant -name: policy-clamp-cl-http-ppnt +name: policy-clamp-ac-http-ppnt version: 10.0.0 dependencies: diff --git a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/resources/config/HttpParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml index fd3c1d4438..249aaaebda 100644 --- a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/resources/config/HttpParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,6 +16,14 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= +spring: + security: + user: + name: ${RESTSERVER_USER} + password: ${RESTSERVER_PASSWORD} +security: + enable-csrf: false + participant: intermediaryParameters: reportingTimeIntervalMs: 120000 @@ -24,19 +32,29 @@ participant: name: HttpParticipant0 version: 1.0.0 participantType: - name: org.onap.k8s.controlloop.HttpControlLoopParticipant + name: org.onap.policy.clamp.acm.HttpParticipant version: 2.3.4 - clampControlLoopTopics: + clampAutomationCompositionTopics: topicSources: - - topic: POLICY-CLRUNTIME-PARTICIPANT + - topic: POLICY-ACRUNTIME-PARTICIPANT servers: - ${topicServer:message-router} topicCommInfrastructure: dmaap fetchTimeout: 15000 useHttps: true topicSinks: - - topic: POLICY-CLRUNTIME-PARTICIPANT + - topic: POLICY-ACRUNTIME-PARTICIPANT servers: - ${topicServer:message-router} topicCommInfrastructure: dmaap useHttps: true + +management: + endpoints: + web: + exposure: + include: health, metrics, prometheus +server: + port: 8084 + servlet: + context-path: /onap/httpparticipant diff --git a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/resources/config/logback.xml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/logback.xml index b6a853d0a0..b6a853d0a0 100644 --- a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/resources/config/logback.xml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/logback.xml diff --git a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/configmap.yaml index 09cc8cd48f..09cc8cd48f 100644 --- a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/configmap.yaml diff --git a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml index 80eaf761e8..3a5b8b199f 100644 --- a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml @@ -1,6 +1,6 @@ {{/* # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -33,11 +33,16 @@ spec: args: - -c - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: RESTSERVER_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }} + - name: RESTSERVER_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} volumeMounts: - mountPath: /config-input - name: cl-http-ppnt-config + name: ac-http-ppnt-config - mountPath: /config - name: cl-http-ppnt-config-processed + name: ac-http-ppnt-config-processed image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config @@ -59,13 +64,28 @@ spec: - name: TRUSTSTORE_PASSWD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }} {{- end }} + ports: {{ include "common.containerPorts" . | nindent 12 }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.liveness.port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.readiness.port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: /etc/localtime name: localtime readOnly: true - mountPath: /opt/app/policy/clamp/etc/mounted - name: cl-http-ppnt-config-processed + name: ac-http-ppnt-config-processed resources: {{ include "common.resources" . }} {{- if .Values.nodeSelector }} @@ -82,11 +102,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: cl-http-ppnt-config + - name: ac-http-ppnt-config configMap: name: {{ include "common.fullname" . }}-configmap defaultMode: 0755 - - name: cl-http-ppnt-config-processed + - name: ac-http-ppnt-config-processed emptyDir: medium: Memory imagePullSecrets: diff --git a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/templates/secrets.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/secrets.yaml index 0bddc8dfbc..0bddc8dfbc 100644 --- a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/templates/secrets.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/secrets.yaml diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/templates/service.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/service.yaml index be2449f890..e676ff13d7 100644 --- a/kubernetes/policy/components/policy-clamp-cl-runtime/templates/service.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/service.yaml @@ -1,21 +1,21 @@ -{{/* -# ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -*/}} - -{{ include "common.service" . }} +{{/*
+# ============LICENSE_START=======================================================
+# Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
diff --git a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml index 44535c99e2..8eafa463c5 100644 --- a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -27,6 +27,12 @@ global: # Secrets metaconfig ################################################################# secrets: + - uid: restserver-secret + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}' + login: '{{ .Values.restServer.user }}' + password: '{{ .Values.restServer.password }}' + passwordPolicy: required - uid: keystore-password type: password externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}' @@ -43,7 +49,7 @@ certStores: trustStorePassword: Pol1cy_0nap certInitializer: - nameOverride: policy-clamp-cl-http-ppnt-cert-initializer + nameOverride: policy-clamp-ac-http-ppnt-cert-initializer aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! fqdn: policy @@ -65,9 +71,14 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-cl-http-ppnt:6.2.0 +image: onap/policy-clamp-ac-http-ppnt:6.2.1 pullPolicy: Always +# application configuration +restServer: + user: participantUser + password: zb!XztG34 + # flag to enable debugging - application support required debugEnabled: false @@ -80,6 +91,30 @@ affinity: {} ingress: enabled: false +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + port: http-api + +readiness: + initialDelaySeconds: 20 + periodSeconds: 10 + port: http-api + +service: + type: ClusterIP + name: policy-clamp-ac-http-ppnt + useNodePortExt: true + ports: + - name: http-api + port: 8084 + nodePort: 42 + + flavor: small resources: small: @@ -99,6 +134,6 @@ resources: unlimited: {} #Pods Service Account serviceAccount: - nameOverride: policy-clamp-cl-http-ppnt + nameOverride: policy-clamp-ac-http-ppnt roles: - read diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml index 0427a423bc..b55cb35649 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml @@ -1,7 +1,7 @@ # ============LICENSE_START======================================================= # Copyright (C) 2021 Nordix Foundation. All rights reserved. # Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2021-2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop K8s Participant -name: policy-clamp-cl-k8s-ppnt +name: policy-clamp-ac-k8s-ppnt version: 10.0.0 dependencies: diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index 7227ee8ded..0b7e2ab22d 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -34,12 +34,12 @@ participant: name: K8sParticipant0 version: 1.0.0 participantType: - name: org.onap.k8s.controlloop.K8SControlLoopParticipant + name: org.onap.policy.clamp.acm.KubernetesParticipant version: 2.3.4 - clampControlLoopTopics: + clampAutomationCompositionTopics: topicSources: - - topic: POLICY-CLRUNTIME-PARTICIPANT + topic: POLICY-ACRUNTIME-PARTICIPANT servers: - ${topicServer:message-router} topicCommInfrastructure: dmaap @@ -47,12 +47,18 @@ participant: useHttps: true topicSinks: - - topic: POLICY-CLRUNTIME-PARTICIPANT + topic: POLICY-ACRUNTIME-PARTICIPANT servers: - ${topicServer:message-router} topicCommInfrastructure: dmaap useHttps: true +management: + endpoints: + web: + exposure: + include: health, metrics, prometheus + server: # Configuration of the HTTP/REST server. The parameters are defined and handled by the springboot framework. # See springboot documentation. @@ -82,4 +88,4 @@ helm: repos: - repoName: bitnami - address: https://charts.bitnami.com/bitnami
\ No newline at end of file + address: https://charts.bitnami.com/bitnami diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/logback.xml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/logback.xml index a09b4783c3..a09b4783c3 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/logback.xml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/logback.xml diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml index 09cc8cd48f..09cc8cd48f 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml index 72a3d0ea27..14cb6d3f4e 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml @@ -1,6 +1,6 @@ {{/* # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -40,9 +40,9 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} volumeMounts: - mountPath: /config-input - name: cl-k8s-ppnt-config + name: ac-k8s-ppnt-config - mountPath: /config - name: cl-k8s-ppnt-config-processed + name: ac-k8s-ppnt-config-processed image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config @@ -85,7 +85,7 @@ spec: name: localtime readOnly: true - mountPath: /opt/app/policy/clamp/etc/mounted - name: cl-k8s-ppnt-config-processed + name: ac-k8s-ppnt-config-processed resources: {{ include "common.resources" . }} {{- if .Values.nodeSelector }} @@ -102,11 +102,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: cl-k8s-ppnt-config + - name: ac-k8s-ppnt-config configMap: name: {{ include "common.fullname" . }}-configmap defaultMode: 0755 - - name: cl-k8s-ppnt-config-processed + - name: ac-k8s-ppnt-config-processed emptyDir: medium: Memory imagePullSecrets: diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/secrets.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/secrets.yaml index f0f3c5e993..f0f3c5e993 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/secrets.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/secrets.yaml diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml new file mode 100644 index 0000000000..73381c9e3b --- /dev/null +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml @@ -0,0 +1,45 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021-2022 Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: policy-clamp-cl-k8s-ppnt + namespace: {{ include "common.namespace" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "common.namespace" . }}-policy-clamp-cl-k8s-ppnt-binding + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: + - kind: ServiceAccount + name: policy-clamp-cl-k8s-ppnt + namespace: {{ include "common.namespace" . }} + diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml index 701536a168..a3fb19f1bc 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -50,7 +50,7 @@ certStores: trustStorePassword: Pol1cy_0nap certInitializer: - nameOverride: policy-clamp-cl-k8s-ppnt-cert-initializer + nameOverride: policy-clamp-ac-k8s-ppnt-cert-initializer aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! fqdn: policy @@ -72,7 +72,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-cl-k8s-ppnt:6.2.0 +image: onap/policy-clamp-ac-k8s-ppnt:6.2.1 pullPolicy: Always # flag to enable debugging - application support required @@ -105,7 +105,7 @@ readiness: service: type: ClusterIP - name: policy-clamp-cl-k8s-ppnt + name: policy-clamp-ac-k8s-ppnt useNodePortExt: true ports: - name: http-api @@ -135,6 +135,6 @@ resources: #Pods Service Account serviceAccount: - nameOverride: policy-clamp-cl-k8s-ppnt + nameOverride: policy-clamp-ac-k8s-ppnt roles: - create diff --git a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml index d80fa4d2da..ae8d03bc13 100644 --- a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml @@ -1,6 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. -# Modifications Copyright © 2021 Nordix Foundation +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +18,7 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop Policy Participant -name: policy-clamp-cl-pf-ppnt +name: policy-clamp-ac-pf-ppnt version: 10.0.0 dependencies: diff --git a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml index 16d41131a1..0160ff45df 100644 --- a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/resources/config/PolicyParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,6 +16,14 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= +spring: + security: + user: + name: ${RESTSERVER_USER} + password: ${RESTSERVER_PASSWORD} +security: + enable-csrf: false + participant: pdpGroup: defaultGroup pdpType: apex @@ -42,12 +50,12 @@ participant: name: org.onap.PM_Policy version: 1.0.0 participantType: - name: org.onap.policy.controlloop.PolicyControlLoopParticipant + name: org.onap.policy.clamp.acm.PolicyParticipant version: 2.3.1 - clampControlLoopTopics: + clampAutomationCompositionTopics: topicSources: - - topic: POLICY-CLRUNTIME-PARTICIPANT + topic: POLICY-ACRUNTIME-PARTICIPANT servers: - ${topicServer:message-router} topicCommInfrastructure: dmaap @@ -55,8 +63,19 @@ participant: useHttps: true topicSinks: - - topic: POLICY-CLRUNTIME-PARTICIPANT + topic: POLICY-ACRUNTIME-PARTICIPANT servers: - ${topicServer:message-router} topicCommInfrastructure: dmaap useHttps: true + +management: + endpoints: + web: + exposure: + include: health, metrics, prometheus + +server: + port: 8085 + servlet: + context-path: /onap/policyparticipant diff --git a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/resources/config/logback.xml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/logback.xml index 1447eb49fc..1447eb49fc 100644 --- a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/resources/config/logback.xml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/logback.xml diff --git a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/configmap.yaml index 09cc8cd48f..09cc8cd48f 100644 --- a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/configmap.yaml diff --git a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml index 2317194e96..b13e013f47 100644 --- a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml @@ -1,6 +1,6 @@ {{/* # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -42,11 +42,15 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-secret" "key" "login") | indent 10 }} - name: PAP_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-secret" "key" "password") | indent 10 }} + - name: RESTSERVER_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }} + - name: RESTSERVER_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} volumeMounts: - mountPath: /config-input - name: cl-pf-ppnt-config + name: ac-pf-ppnt-config - mountPath: /config - name: cl-pf-ppnt-config-processed + name: ac-pf-ppnt-config-processed image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config @@ -68,13 +72,28 @@ spec: - name: TRUSTSTORE_PASSWD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }} {{- end }} + ports: {{ include "common.containerPorts" . | nindent 12 }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.liveness.port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.readiness.port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: /etc/localtime name: localtime readOnly: true - mountPath: /opt/app/policy/clamp/etc/mounted - name: cl-pf-ppnt-config-processed + name: ac-pf-ppnt-config-processed resources: {{ include "common.resources" . }} {{- if .Values.nodeSelector }} @@ -91,11 +110,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: cl-pf-ppnt-config + - name: ac-pf-ppnt-config configMap: name: {{ include "common.fullname" . }}-configmap defaultMode: 0755 - - name: cl-pf-ppnt-config-processed + - name: ac-pf-ppnt-config-processed emptyDir: medium: Memory imagePullSecrets: diff --git a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/templates/secrets.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/secrets.yaml index f0f3c5e993..f0f3c5e993 100644 --- a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/templates/secrets.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/secrets.yaml diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/service.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/service.yaml new file mode 100644 index 0000000000..e676ff13d7 --- /dev/null +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/service.yaml @@ -0,0 +1,21 @@ +{{/*
+# ============LICENSE_START=======================================================
+# Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
diff --git a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml index ef8a7c0745..c825ab1a0c 100644 --- a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -27,6 +27,12 @@ global: # Secrets metaconfig ################################################################# secrets: + - uid: restserver-secret + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}' + login: '{{ .Values.restServer.participantppnt.user }}' + password: '{{ .Values.restServer.participantppnt.password }}' + passwordPolicy: required - uid: api-secret type: basicAuth externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}' @@ -55,7 +61,7 @@ certStores: trustStorePassword: Pol1cy_0nap certInitializer: - nameOverride: policy-clamp-cl-pf-ppnt-cert-initializer + nameOverride: policy-clamp-ac-pf-ppnt-cert-initializer aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! fqdn: policy @@ -77,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-cl-pf-ppnt:6.2.0 +image: onap/policy-clamp-ac-pf-ppnt:6.2.1 pullPolicy: Always # flag to enable debugging - application support required @@ -94,6 +100,9 @@ restServer: pap: user: policyadmin password: none + participantppnt: + user: participantUser + password: none nodeSelector: {} @@ -101,6 +110,29 @@ affinity: {} ingress: enabled: false +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + port: http-api + +readiness: + initialDelaySeconds: 20 + periodSeconds: 10 + port: http-api + +service: + type: ClusterIP + name: policy-clamp-ac-pf-ppnt + useNodePortExt: true + ports: + - name: http-api + port: 8085 + nodePort: 42 + flavor: small resources: small: @@ -120,6 +152,6 @@ resources: unlimited: {} #Pods Service Account serviceAccount: - nameOverride: policy-clamp-cl-pf-ppnt + nameOverride: policy-clamp-ac-pf-ppnt roles: - read diff --git a/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties index b9a4ed33a8..03e55e15f5 100644 --- a/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties +++ b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties @@ -7,6 +7,7 @@ # reserved. # ================================================================================ # Modifications copyright (c) 2019 Nokia +# Modifications Copyright (c) 2022 Nordix Foundation # ================================================================================\ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -71,7 +72,6 @@ clamp.config.dcae.deployment.password=none clamp.config.cadi.aafLocateUrl=https://aaf-locate.{{ include "common.namespace" . }}:8095 # Configuration settings for ControlLoop Runtime Rest API -clamp.config.controlloop.runtime.url=https://policy-clamp-cl-runtime.{{ include "common.namespace" . }}:6969 -clamp.config.controlloop.runtime.userName=${RUNTIME_USER} -clamp.config.controlloop.runtime.password=${RUNTIME_PASSWORD} - +clamp.config.acm.runtime.url=https://policy-clamp-runtime-acm.{{ include "common.namespace" . }}:6969 +clamp.config.acm.runtime.userName=${RUNTIME_USER} +clamp.config.acm.runtime.password=${RUNTIME_PASSWORD} diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index 85e97b9af3..2016b14043 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018-2021 AT&T +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -70,7 +71,7 @@ secrets: flavor: small # application image -image: onap/policy-clamp-backend:6.2.0 +image: onap/policy-clamp-backend:6.2.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/Chart.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml index 0adfd34a7c..90e9293f56 100644 --- a/kubernetes/policy/components/policy-clamp-cl-runtime/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml @@ -1,7 +1,7 @@ # ============LICENSE_START======================================================= # Copyright (C) 2021 Nordix Foundation. All rights reserved. # Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2021-2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop Runtime -name: policy-clamp-cl-runtime +name: policy-clamp-runtime-acm version: 10.0.0 dependencies: diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/resources/config/clRuntimeParameters.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml index 157db833b2..2b52a2b892 100644 --- a/kubernetes/policy/components/policy-clamp-cl-runtime/resources/config/clRuntimeParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021-2022 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,7 +25,7 @@ spring: converters: preferred-json-mapper: gson datasource: - url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/controlloop + url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/clampacm driverClassName: org.mariadb.jdbc.Driver username: ${SQL_USER} password: ${SQL_PASSWORD} @@ -34,6 +34,16 @@ spring: idleTimeout: 600000 maxLifetime: 1800000 maximumPoolSize: 10 + jpa: + hibernate: + ddl-auto: update + naming: + physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl + implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy + properties: + hibernate: + dialect: org.hibernate.dialect.MariaDB103Dialect + format_sql: true security: enable-csrf: false @@ -41,15 +51,12 @@ security: server: port: 6969 servlet: - context-path: /onap/controlloop + context-path: /onap/policy/clamp/acm error: path: /error runtime: - supervisionScannerIntervalSec: 1000 - participantClUpdateIntervalSec: 1000 - participantClStateChangeIntervalSec: 1000 participantParameters: heartBeatMs: 120000 maxMessageAgeMs: 600000 @@ -57,19 +64,10 @@ runtime: updateParameters: maxRetryCount: 3 maxWaitMs: 100000 - databasePlatform: org.eclipse.persistence.platform.database.MySQLPlatform - databaseProviderParameters: - name: PolicyProviderParameterGroup - implementation: org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl - databaseDriver: org.mariadb.jdbc.Driver - databaseUrl: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/controlloop - databaseUser: ${SQL_USER} - databasePassword: ${SQL_PASSWORD} - persistenceUnit: CommissioningMariaDb topicParameterGroup: topicSources: - - topic: POLICY-CLRUNTIME-PARTICIPANT + topic: POLICY-ACRUNTIME-PARTICIPANT servers: - ${topicServer:message-router} topicCommInfrastructure: dmaap @@ -77,7 +75,7 @@ runtime: fetchTimeout: 15000 topicSinks: - - topic: POLICY-CLRUNTIME-PARTICIPANT + topic: POLICY-ACRUNTIME-PARTICIPANT servers: - ${topicServer:message-router} topicCommInfrastructure: dmaap diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/resources/config/logback.xml b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/logback.xml index 43cea65306..206b19b049 100644 --- a/kubernetes/policy/components/policy-clamp-cl-runtime/resources/config/logback.xml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/logback.xml @@ -1,6 +1,6 @@ <!-- ============LICENSE_START======================================================= - Copyright (C) 2021 Nordix Foundation. All rights reserved. + Copyright (C) 2021-2022 Nordix Foundation. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> <file>/var/log/onap/policy/pap/error.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>/var/log/onap/policy/policy-clamp-cl-runtime/error.%d{yyyy-MM-dd}.%i.log.zip + <fileNamePattern>/var/log/onap/policy/policy-clamp-runtime-acm/error.%d{yyyy-MM-dd}.%i.log.zip </fileNamePattern> <maxFileSize>50MB</maxFileSize> <maxHistory>30</maxHistory> @@ -41,7 +41,7 @@ <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> <file>/var/log/onap/policy/pap/debug.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>/var/log/onap/policy/policy-clamp-cl-runtime/debug.%d{yyyy-MM-dd}.%i.log.zip + <fileNamePattern>/var/log/onap/policy/policy-clamp-runtime-acm/debug.%d{yyyy-MM-dd}.%i.log.zip </fileNamePattern> <maxFileSize>50MB</maxFileSize> <maxHistory>30</maxHistory> @@ -57,9 +57,9 @@ </appender> <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>/var/log/onap/policy/policy-clamp-cl-runtime/network.log</file> + <file>/var/log/onap/policy/policy-clamp-runtime-acm/network.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>/var/log/onap/policy/policy-clamp-cl-runtime/network.%d{yyyy-MM-dd}.%i.log.zip + <fileNamePattern>/var/log/onap/policy/policy-clamp-runtime-acm/network.%d{yyyy-MM-dd}.%i.log.zip </fileNamePattern> <maxFileSize>50MB</maxFileSize> <maxHistory>30</maxHistory> diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/configmap.yaml index 66c096d439..66c096d439 100644 --- a/kubernetes/policy/components/policy-clamp-cl-runtime/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/configmap.yaml diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml index 92e5c9e6c8..e302704201 100644 --- a/kubernetes/policy/components/policy-clamp-cl-runtime/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml @@ -1,6 +1,6 @@ {{/* # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -58,9 +58,9 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-secret" "key" "password") | indent 10 }} volumeMounts: - mountPath: /config-input - name: cl-runtime-config + name: ac-runtime-config - mountPath: /config - name: cl-runtime-config-processed + name: ac-runtime-config-processed image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config @@ -72,10 +72,10 @@ spec: {{- if .Values.global.aafEnabled }} command: ["sh","-c"] args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\ - /opt/app/policy/clamp/bin/controlloop-runtime.sh /opt/app/policy/clamp/etc/mounted/clRuntimeParameters.yaml"] + /opt/app/policy/clamp/bin/acm-runtime.sh /opt/app/policy/clamp/etc/mounted/acRuntimeParameters.yaml"] {{- else }} - command: ["/opt/app/policy/clamp/bin/controlloop-runtime.sh"] - args: ["/opt/app/policy/clamp/etc/mounted/clRuntimeParameters.yaml"] + command: ["/opt/app/policy/clamp/bin/acm-runtime.sh"] + args: ["/opt/app/policy/clamp/etc/mounted/acRuntimeParameters.yaml"] env: - name: KEYSTORE_PASSWD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }} @@ -103,7 +103,7 @@ spec: name: localtime readOnly: true - mountPath: /opt/app/policy/clamp/etc/mounted - name: cl-runtime-config-processed + name: ac-runtime-config-processed resources: {{ include "common.resources" . }} {{- if .Values.nodeSelector }} @@ -120,11 +120,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: cl-runtime-config + - name: ac-runtime-config configMap: name: {{ include "common.fullname" . }}-configmap defaultMode: 0755 - - name: cl-runtime-config-processed + - name: ac-runtime-config-processed emptyDir: medium: Memory imagePullSecrets: diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/templates/secrets.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/secrets.yaml index abbfa3fdba..abbfa3fdba 100644 --- a/kubernetes/policy/components/policy-clamp-cl-runtime/templates/secrets.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/secrets.yaml diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/service.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/service.yaml index be2449f890..be2449f890 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/service.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/service.yaml diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml index 59d7d313a8..1b571fc502 100644 --- a/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -56,7 +56,7 @@ certStores: trustStorePassword: Pol1cy_0nap certInitializer: - nameOverride: policy-clamp-cl-runtime-cert-initializer + nameOverride: policy-clamp-runtime-acm-cert-initializer aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! fqdn: policy @@ -78,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-cl-runtime:6.2.0 +image: onap/policy-clamp-runtime-acm:6.2.1 pullPolicy: Always # flag to enable debugging - application support required @@ -119,7 +119,7 @@ readiness: service: type: ClusterIP - name: policy-clamp-cl-runtime + name: policy-clamp-runtime-acm useNodePortExt: true ports: - name: http-api @@ -149,6 +149,6 @@ resources: #Pods Service Account serviceAccount: - nameOverride: policy-clamp-cl-runtime + nameOverride: policy-clamp-runtime-acm roles: - read diff --git a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf index ff532ab5c1..57fa29bc3d 100755 --- a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf +++ b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf @@ -1,6 +1,6 @@ {{/* # Copyright © 2017-2018 Amdocs, Bell Canada. -# Modifications Copyright (C) 2018-2020 AT&T Intellectual Property. +# Modifications Copyright (C) 2018-2020, 2022 AT&T Intellectual Property. # Modifications Copyright (C) 2021 Bell Canada. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -43,6 +43,9 @@ REPOSITORY_OFFLINE={{.Values.nexus.offline}} SQL_HOST={{ .Values.db.name }} SQL_PORT=3306 +# Liveness +LIVENESS_CONTROLLERS=* + # AAF AAF={{.Values.aaf.enabled}} diff --git a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/logback.xml b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/logback.xml index 2fc08e4e5d..a25a7e16d3 100755 --- a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/logback.xml +++ b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/logback.xml @@ -1,7 +1,7 @@ <!-- ============LICENSE_START======================================================= Copyright (C) 2020 Bell Canada. All rights reserved. - Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. + Modifications Copyright (C) 2021-2022 AT&T Intellectual Property. All rights reserved. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -150,6 +150,8 @@ <appender-ref ref="AsyncStdOut" /> </logger> + <appender name="PromLogback" class="io.prometheus.client.logback.InstrumentedAppender"/> + <root level="INFO"> <appender-ref ref="AsyncDebugOut" /> <appender-ref ref="AsyncErrorOut" /> @@ -158,6 +160,7 @@ <appender-ref ref="AsyncStdOut" /> <appender-ref ref="AsyncMetricStdOut" /> <appender-ref ref="AsyncTransactionStdOut" /> + <appender-ref ref="PromLogback" /> </root> </configuration> diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml new file mode 100644 index 0000000000..1c04296e4f --- /dev/null +++ b/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml @@ -0,0 +1,23 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2022 AT&T Intellectual Property +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }} diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml index d389246b5c..7dee453771 100755 --- a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml @@ -1,6 +1,6 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018-2020 AT&T Intellectual Property +# Modifications Copyright © 2018-2020, 2022 AT&T Intellectual Property # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -83,10 +83,12 @@ spec: - containerPort: {{ .Values.service.externalPort2 }} {{- if eq .Values.liveness.enabled true }} livenessProbe: - tcpSocket: - port: {{ .Values.service.externalPort }} + httpGet: + path: /healthcheck/controllers + port: 6968 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{- end }} readinessProbe: tcpSocket: diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 2ce7503015..344a600afe 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -1,6 +1,6 @@ # Copyright © 2017 Amdocs # Copyright © 2017, 2021 Bell Canada -# Modifications Copyright © 2018-2021 AT&T Intellectual Property +# Modifications Copyright © 2018-2022 AT&T Intellectual Property # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -30,12 +30,18 @@ secrets: login: '{{ .Values.db.user }}' password: '{{ .Values.db.password }}' passwordPolicy: required + - uid: telemetry-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.telemetry.credsExternalSecret) . }}' + login: '{{ .Values.telemetry.user }}' + password: '{{ .Values.telemetry.password }}' + passwordPolicy: required ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.10.1 +image: onap/policy-pdpd-cl:1.10.2 pullPolicy: Always # flag to enable debugging - application support required @@ -51,7 +57,8 @@ affinity: {} # probe configuration parameters liveness: initialDelaySeconds: 180 - periodSeconds: 10 + periodSeconds: 60 + timeoutSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -195,3 +202,27 @@ serviceAccount: nameOverride: policy-drools-pdp roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-drools-pdp-9696 + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-drools-pdp-telemetry-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' diff --git a/kubernetes/policy/components/policy-xacml-pdp/resources/config/logback.xml b/kubernetes/policy/components/policy-xacml-pdp/resources/config/logback.xml index cc7f8e56c1..fad7e72509 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/resources/config/logback.xml +++ b/kubernetes/policy/components/policy-xacml-pdp/resources/config/logback.xml @@ -1,7 +1,7 @@ <!-- ============LICENSE_START======================================================= Copyright (C) 2020 Bell Canada. All rights reserved. - Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. + Modifications Copyright (C) 2021-2022 AT&T Intellectual Property. All rights reserved. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -95,10 +95,13 @@ <appender-ref ref="AsyncStdOut" /> </logger> + <appender name="PromLogback" class="io.prometheus.client.logback.InstrumentedAppender"/> + <root level="INFO"> <appender-ref ref="AsyncDebugOut" /> <appender-ref ref="AsyncErrorOut" /> <appender-ref ref="AsyncStdOut" /> + <appender-ref ref="PromLogback" /> </root> </configuration> diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 504313832d..308b5a78af 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.6.1 +image: onap/policy-xacml-pdp:2.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/resources/config/db.sh b/kubernetes/policy/resources/config/db.sh index 787ec0adbe..866d422c14 100755 --- a/kubernetes/policy/resources/config/db.sh +++ b/kubernetes/policy/resources/config/db.sh @@ -19,7 +19,7 @@ mysql() { /usr/bin/mysql -h ${MYSQL_HOST} -P ${MYSQL_USER} "$@"; }; -for db in migration pooling policyadmin policyclamp operationshistory controlloop +for db in migration pooling policyadmin policyclamp operationshistory clampacm do mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 77d3c3f83e..759ba56b02 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -1,6 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018-2020 AT&T Intellectual Property -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2021-2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -98,18 +98,18 @@ policy-clamp-be: db: *dbSecretsHook config: appUserExternalSecret: *policyAppCredsSecret -policy-clamp-cl-k8s-ppnt: +policy-clamp-ac-k8s-ppnt: enabled: true -policy-clamp-cl-pf-ppnt: +policy-clamp-ac-pf-ppnt: enabled: true restServer: apiUserExternalSecret: *policyApiCredsSecret papUserExternalSecret: *policyPapCredsSecret -policy-clamp-cl-http-ppnt: +policy-clamp-ac-http-ppnt: enabled: true policy-nexus: enabled: false -policy-clamp-cl-runtime: +policy-clamp-runtime-acm: enabled: true db: *dbSecretsHook config: diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index 7bba71fe0b..d8beeedb2a 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -424,7 +424,7 @@ readiness: service: name: robot - type: NodePort + type: ClusterIP portName: httpd externalPort: 443 internalPort: 443 diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml index a1a583b3f9..7ef646f3e1 100644 --- a/kubernetes/sdnc/components/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-dmaap-listener-image:2.2.5 +image: onap/sdnc-dmaap-listener-image:2.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml index b247e71452..768a617b63 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ansible-server-image:2.2.5 +image: onap/sdnc-ansible-server-image:2.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml index 795ffeaa79..50fee59a32 100644 --- a/kubernetes/sdnc/components/ueb-listener/values.yaml +++ b/kubernetes/sdnc/components/ueb-listener/values.yaml @@ -55,7 +55,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ueb-listener-image:2.2.5 +image: onap/sdnc-ueb-listener-image:2.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 5d2f5be9b2..d45e13eb01 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -210,7 +210,7 @@ certificates: # application images pullPolicy: Always -image: onap/sdnc-image:2.2.5 +image: onap/sdnc-image:2.3.0 # flag to enable debugging - application support required debugEnabled: false |