diff options
Diffstat (limited to 'kubernetes')
596 files changed, 8819 insertions, 6247 deletions
diff --git a/kubernetes/Makefile b/kubernetes/Makefile index fa63bd8942..3f41c3cc4b 100644 --- a/kubernetes/Makefile +++ b/kubernetes/Makefile @@ -20,12 +20,13 @@ OUTPUT_DIR := $(ROOT_DIR)/dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets -EXCLUDES := config oneclick readiness test dist helm $(PARENT_CHART) dcae +SUBMODS := robot aai +EXCLUDES := config oneclick readiness test dist helm $(PARENT_CHART) dcae $(SUBMODS) HELM_CHARTS := $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.))) $(PARENT_CHART) -.PHONY: $(EXCLUDES) $(HELM_CHARTS) +.PHONY: $(EXCLUDES) $(HELM_CHARTS) $(SUBMODS) -all: $(COMMON_CHARTS_DIR) $(HELM_CHARTS) plugins +all: $(COMMON_CHARTS_DIR) $(SUBMODS) $(HELM_CHARTS) plugins $(COMMON_CHARTS): @echo "\n[$@]" @@ -35,6 +36,18 @@ $(HELM_CHARTS): @echo "\n[$@]" @make package-$@ +$(SUBMODS): + @echo "\n[$@]" + @make submod-$@ + @make package-$@ + +submod-%: + @make $*/requirements.yaml + +%/requirements.yaml: + $(error Submodule $* needs to be retrieved from gerrit. See https://wiki.onap.org/display/DW/OOM+-+Development+workflow+after+code+transfer+to+tech+teams ); fi + + make-%: @if [ -f $*/Makefile ]; then make -C $*; fi diff --git a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml index 5bbb1d731f..d541f1e5c5 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml @@ -106,11 +106,11 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-cass-vol {{- if .Values.persistence.enabled }} persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-pvc + claimName: {{ include "common.fullname" . }}-data {{- else }} emptyDir: {} {{- end }} diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml index 8249d84698..ac49d283ff 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml @@ -14,11 +14,12 @@ # limitations under the License. */}} -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-pv + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -34,11 +35,6 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: "{{ include "common.fullname" . }}-data" +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml index 4f9dac07b7..39fd993c04 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml @@ -18,7 +18,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" .}}-pvc + name: {{ include "common.fullname" .}}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -30,19 +30,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-cass/values.yaml b/kubernetes/aaf/charts/aaf-cass/values.yaml index ee05a19575..ea8da6e543 100644 --- a/kubernetes/aaf/charts/aaf-cass/values.yaml +++ b/kubernetes/aaf/charts/aaf-cass/values.yaml @@ -61,23 +61,22 @@ ingress: enabled: false # Configure resource requests and limits -resources: {} - # Following AAI's advice, and not trying to guess on Cass usage. Guessing just makes it slow -# small: -# limits: -# cpu: "1000m" -# memory: 4096Mi -# requests: -# cpu: 20m -# memory: 2048Mi -# large: -# limits: -# cpu: 400m -# memory: 12000Mi -# requests: -# cpu: 40m -# memory: 9000Mi -# unlimited: {} +resources: + small: + limits: + cpu: 2100m + memory: 1792Mi + requests: + cpu: 30m + memory: 1280Mi + large: + limits: + cpu: 4 + memory: 12000Mi + requests: + cpu: 40m + memory: 9000Mi + unlimited: {} persistence: enabled: true @@ -87,4 +86,3 @@ persistence: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce size: 20Gi - storageClass: "manual" diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml index 19d762557a..cb5ec35fc2 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml index 6ace7d1143..2bd05d81ed 100644 --- a/kubernetes/aaf/charts/aaf-cm/values.yaml +++ b/kubernetes/aaf/charts/aaf-cm/values.yaml @@ -52,22 +52,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aafcm" + name: "aaf-cm" + port: 8150 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -# small: -# limits: -# cpu: 200m -# memory: 800Mi -# requests: -# cpu: 20m -# memory: 500Mi -# large: -# limits: -# cpu: 400m -# memory: 1Gi -# requests: -# cpu: 40m -# memory: 600Mi -# unlimited: {} +resources: + small: + limits: + cpu: 20m + memory: 300Mi + requests: + cpu: 1m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 600Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml index cd72fddb58..53d6ed0f41 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml index 48ad7c10df..d1a35a744c 100644 --- a/kubernetes/aaf/charts/aaf-fs/values.yaml +++ b/kubernetes/aaf/charts/aaf-fs/values.yaml @@ -54,22 +54,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aaffs" + name: "aaf-fs" + port: 8096 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -# small: -# limits: -# cpu: 200m -# memory: 800Mi -# requests: -# cpu: 10m -# memory: 300Mi -# large: -# limits: -# cpu: 500m -# memory: 700Mi -# requests: -# cpu: 100m -# memory: 400Mi -# unlimited: {} +resources: + small: + limits: + cpu: 200m + memory: 110Mi + requests: + cpu: 1m + memory: 80Mi + large: + limits: + cpu: 500m + memory: 700Mi + requests: + cpu: 100m + memory: 400Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml index 4a433cccfd..6fa750be1e 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml index 3068f14ec9..1f7abd4b9d 100644 --- a/kubernetes/aaf/charts/aaf-gui/values.yaml +++ b/kubernetes/aaf/charts/aaf-gui/values.yaml @@ -56,23 +56,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aafgui" + name: "aaf-gui" + port: 8200 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 100m -# memory: 500Mi -# requests: -# cpu: 10m -# memory: 200Mi -# large: -# limits: -# cpu: 200m -# memory: 1Gi -# requests: -# cpu: 100m -# memory: 500Mi -# unlimited: {} +resources: + small: + limits: + cpu: 20m + memory: 280Mi + requests: + cpu: 1m + memory: 170Mi + large: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 100m + memory: 500Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml index 066bf38f2f..af82689ef2 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml @@ -1,4 +1,6 @@ +{{- if ne 0 (int .Values.global.aaf.hello.replicas) }} {{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} ######### ## ============LICENSE_START==================================================== ## org.onap.aaf @@ -37,12 +39,8 @@ spec: - {{ .Values.persistence.config.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} hostPath: - path: {{ .Values.persistence.config.mountPath }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + storageClassName: "{{ include "common.fullname" . }}-data" +{{- end -}} +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml index 7c45b8bd7f..68828767e3 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml @@ -1,3 +1,4 @@ +{{- if ne 0 (int .Values.global.aaf.hello.replicas) }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} ######### ## ============LICENSE_START==================================================== @@ -33,20 +34,11 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-hello accessModes: - {{ .Values.persistence.config.accessMode }} resources: requests: storage: {{ .Values.persistence.config.size }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} {{- end -}} - diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml index c5fcf68a58..2135f1ef31 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml @@ -34,8 +34,12 @@ spec: hostPath: path: /etc/localtime - name: aaf-hello-vol + {{- if and .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ .Release.Name }}-aaf-hello-pvc + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: diff --git a/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml index ea6665c61a..36bed9d7f1 100644 --- a/kubernetes/aaf/charts/aaf-hello/values.yaml +++ b/kubernetes/aaf/charts/aaf-hello/values.yaml @@ -44,14 +44,13 @@ service: persistence: enabled: true - config: #existingClaim: # You will want "Reatan" in non-Hello Example. - volumeReclaimPolicy: Delete - accessMode: ReadWriteMany - size: 40M - storageClass: "manual" - mountPath: "/mnt/data/aaf/hello" + volumeReclaimPolicy: Delete + accessMode: ReadWriteMany + size: 40M + mountPath: /dockerdata-nfs + mountSubPath: aaf/hello nodeSelector: {} @@ -71,23 +70,27 @@ readiness: ingress: enabled: false + service: + - baseaddr: "aafhello" + name: "aaf-hello" + port: 8130 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 200m -# memory: 500Mi -# requests: -# cpu: 10m -# memory: 200Mi -# large: -# limits: -# cpu: 400m -# memory: 1Gi -# requests: -# cpu: 20m -# memory: 500Mi -# unlimited: {} +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 20m + memory: 500Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml index 69d16121c9..e1a9c0494a 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml index c13f83497f..ce59d2dec9 100644 --- a/kubernetes/aaf/charts/aaf-locate/values.yaml +++ b/kubernetes/aaf/charts/aaf-locate/values.yaml @@ -52,23 +52,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aaflocate" + name: "aaf-locate" + port: 8095 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 200m -# memory: 600Mi -# requests: -# cpu: 20m -# memory: 300Mi -# large: -# limits: -# cpu: 400m -# memory: 1Gi -# requests: -# cpu: 40m -# memory: 500Mi -# unlimited: {} +resources: + small: + limits: + cpu: 40m + memory: 320Mi + requests: + cpu: 1m + memory: 210Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 500Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml index b371c86541..dfa7dc0608 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -114,9 +114,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml index 3c29a62977..ef00a464f4 100644 --- a/kubernetes/aaf/charts/aaf-oauth/values.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml @@ -51,23 +51,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aafoauth" + name: "aaf-oauth" + port: 8140 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 200m -# memory: 400Mi -# requests: -# cpu: 20m -# memory: 200Mi -# large: -# limits: -# cpu: 400m -# memory: 600Mi -# requests: -# cpu: 40m -# memory: 200Mi -# unlimited: {} +resources: + small: + limits: + cpu: 40m + memory: 320Mi + requests: + cpu: 1m + memory: 210Mi + large: + limits: + cpu: 400m + memory: 600Mi + requests: + cpu: 40m + memory: 200Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml index 1c09718262..ec35115420 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml @@ -121,9 +121,9 @@ spec: path: /etc/localtime - name: aaf-status-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc + claimName: {{ .Release.Name }}-aaf-status - name: aaf-config-vol persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-config-pvc + claimName: {{ .Release.Name }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml new file mode 100644 index 0000000000..40b4bba0ce --- /dev/null +++ b/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml @@ -0,0 +1,4 @@ + +{{ include "common.ingress" . }} + + diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml index 8794afe0ce..190b284681 100644 --- a/kubernetes/aaf/charts/aaf-service/values.yaml +++ b/kubernetes/aaf/charts/aaf-service/values.yaml @@ -52,23 +52,27 @@ service: ingress: enabled: false + service: + - baseaddr: "aafservice" + name: "aaf-service" + port: 8100 + config: + ssl: "none" # Configure resource requests and limits -resources: {} -# Allow END users to do this, if they want. Detrimental to Test services -#resources: -# small: -# limits: -# cpu: 200m -# memory: 800Mi -# requests: -# cpu: 20m -# memory: 300Mi -# large: -# limits: -# cpu: 400m -# memory: 1Gi -# requests: -# cpu: 40m -# memory: 300Mi -# unlimited: {} +resources: + small: + limits: + cpu: 250m + memory: 360Mi + requests: + cpu: 10m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 300Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml index da0949816e..8c48bbaf46 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml @@ -13,25 +13,33 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- $global := . }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} +{{- range $i := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + app: {{ include "common.name" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ $global.Values.persistence.size}} accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml index 16f8092d00..a5573c8091 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -31,6 +31,8 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" name: {{ include "common.name" . }} @@ -44,8 +46,10 @@ spec: - mountPath: /quorumclient/config.json name: {{ include "common.name" .}} subPath: config.json +{{- if .Values.persistence.enabled }} - mountPath: /quorumclient/auth - name: {{ include "common.fullname" . }}-auth + name: {{ include "common.fullname" . }}-data +{{- end }} resources: {{ include "common.resources" . | indent 10 }} {{- if .Values.nodeSelector }} @@ -67,8 +71,20 @@ spec: - key: config.json path: config.json mode: 0755 - - name: {{ include "common.fullname" . }}-auth - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- end }} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index 4dc13a5660..142fbb51aa 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -60,10 +60,10 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 40m + memory: 40Mi requests: - cpu: 10m + cpu: 1m memory: 10Mi large: limits: diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml index da0949816e..8c48bbaf46 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml @@ -13,25 +13,33 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- $global := . }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} +{{- range $i := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + app: {{ include "common.name" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ $global.Values.persistence.size}} accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml index ab0ad17b85..f4151b50a2 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml @@ -55,8 +55,10 @@ spec: - name: http containerPort: 8500 volumeMounts: +{{- if .Values.persistence.enabled }} - mountPath: /consul/data - name: {{ include "common.fullname" . }}-consuldata + name: {{ include "common.fullname" . }}-data +{{- end }} - mountPath: /consul/config/config.json name: {{ include "common.fullname" . }}-consulconfiguration subPath: config.json @@ -66,9 +68,6 @@ spec: resources: {{ include "common.resources" . | indent 10 }} volumes: - - name: {{ include "common.fullname" . }}-consuldata - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - name: {{ include "common.fullname" . }}-consulconfiguration configMap: name: {{ include "common.fullname" . }}-consul @@ -79,4 +78,21 @@ spec: hostPath: path: /etc/localtime imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- end }} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 360bf4204e..192d33d029 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -96,11 +96,11 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 40m + memory: 40Mi requests: cpu: 10m - memory: 10Mi + memory: 25Mi large: limits: cpu: 400m diff --git a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml index ca35fdc55a..a461b2e1b5 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml @@ -98,7 +98,11 @@ spec: configMap: name: {{ include "common.fullname" . }} - name: {{ include "common.fullname" . }}-auth + {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml index 37ed28ee9d..ec88aae707 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: @@ -32,6 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml index e6aacd1b96..7d1c6fd162 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml @@ -30,19 +30,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index de005ed366..2de7466209 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -88,8 +88,8 @@ ingress: resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 100m + memory: 15Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml index 1fcc155827..2a733632bf 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml @@ -45,8 +45,8 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 20m + memory: 50Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml index fa5fd16c7f..a07ebd0a53 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml @@ -15,12 +15,12 @@ */}} {{- if .Values.global.distcenter.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -34,8 +34,9 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} - -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml index 6497639a77..201d456fec 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml @@ -15,7 +15,6 @@ */}} {{- if .Values.global.distcenter.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 @@ -32,20 +31,11 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} {{- end -}} -{{- end -}}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml index e8d2f7ecaa..94791be713 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml @@ -54,8 +54,8 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 20m + memory: 50Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml index 5c3618d2d4..3f7782c604 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml @@ -46,8 +46,8 @@ flavor: small resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 20m + memory: 50Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml index b4d283f1c7..a12b4a0bb1 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: @@ -32,26 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dataMountSubPath }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-dbus - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-dbus -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dbusMountSubPath }} +{{- end -}} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml new file mode 100644 index 0000000000..bb5649cf3a --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-dbus + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-dbus +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-dbus" + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dbusMountSubPath }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml new file mode 100644 index 0000000000..e8b82ca9a2 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml index e6aacd1b96..9c3fb46f7a 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml @@ -18,7 +18,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-dbus namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -30,19 +30,14 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-dbus" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc.yaml deleted file mode 100644 index c50a0bc587..0000000000 --- a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{/* -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-data - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} ---- -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-dbus - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-dbus - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/values.yaml index 2d20d579de..6d4fbec5c4 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/values.yaml @@ -50,8 +50,8 @@ persistence: resources: small: limits: - cpu: 200m - memory: 500Mi + cpu: 20m + memory: 50Mi requests: cpu: 10m memory: 10Mi diff --git a/kubernetes/aaf/templates/aaf-config-pv.yaml b/kubernetes/aaf/templates/aaf-config-pv.yaml deleted file mode 100644 index 9a1e8020db..0000000000 --- a/kubernetes/aaf/templates/aaf-config-pv.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-aaf-config-pv - namespace: {{ include "common.namespace" . }} - labels: - app: {{ .Chart.Name }}-config - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.config.size}} - accessModes: - - {{ .Values.persistence.config.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.persistence.config.mountPath }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/aaf/templates/aaf-config-pvc.yaml b/kubernetes/aaf/templates/aaf-config-pvc.yaml deleted file mode 100644 index b22df6d494..0000000000 --- a/kubernetes/aaf/templates/aaf-config-pvc.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-aaf-config-pvc - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-config - accessModes: - - {{ .Values.persistence.config.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.config.size }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} - diff --git a/kubernetes/aaf/templates/aaf-status-pv.yaml b/kubernetes/aaf/templates/aaf-status-pv.yaml deleted file mode 100644 index b8d12c5cba..0000000000 --- a/kubernetes/aaf/templates/aaf-status-pv.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-aaf-status-pv - namespace: {{ include "common.namespace" . }} - labels: - app: {{ .Chart.Name }}-status - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.status.size}} - accessModes: - - {{ .Values.persistence.status.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }} -{{- if .Values.persistence.status.storageClass }} -{{- if (eq "-" .Values.persistence.status.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.status.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/aaf/templates/aaf-status-pvc.yaml b/kubernetes/aaf/templates/aaf-status-pvc.yaml deleted file mode 100644 index 870ac9c89d..0000000000 --- a/kubernetes/aaf/templates/aaf-status-pvc.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-aaf-status-pvc - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-status - accessModes: - - {{ .Values.persistence.status.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.status.size }} -{{- if .Values.persistence.status.storageClass }} -{{- if (eq "-" .Values.persistence.status.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.status.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} - diff --git a/kubernetes/aaf/templates/pv-config.yaml b/kubernetes/aaf/templates/pv-config.yaml new file mode 100644 index 0000000000..b004fe43cd --- /dev/null +++ b/kubernetes/aaf/templates/pv-config.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }}-config + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.config.size}} + accessModes: + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.config.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }} + storageClassName: "{{ include "common.fullname" . }}-config" +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/templates/pv-status.yaml b/kubernetes/aaf/templates/pv-status.yaml new file mode 100644 index 0000000000..455e32216c --- /dev/null +++ b/kubernetes/aaf/templates/pv-status.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-status + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }}-status + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.status.size}} + accessModes: + - {{ .Values.persistence.status.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }} + storageClassName: "{{ include "common.fullname" . }}-status" +{{- end -}} +{{- end -}} diff --git a/kubernetes/aaf/templates/pvc-config.yaml b/kubernetes/aaf/templates/pvc-config.yaml new file mode 100644 index 0000000000..3431fb0c85 --- /dev/null +++ b/kubernetes/aaf/templates/pvc-config.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.config.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.config.size }} +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-config" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/templates/pvc-status.yaml b/kubernetes/aaf/templates/pvc-status.yaml new file mode 100644 index 0000000000..0413914831 --- /dev/null +++ b/kubernetes/aaf/templates/pvc-status.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-status + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.status.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.status.size }} +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-status" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml index 0109a5e90d..a19f102385 100644 --- a/kubernetes/aaf/values.yaml +++ b/kubernetes/aaf/values.yaml @@ -129,20 +129,18 @@ persistence: volumeReclaimPolicy: Delete accessMode: ReadWriteMany size: 2Gi - storageClass: "manual" - mountPath: "/mnt/data/aaf/config" + mountPath: /dockerdata-nfs + mountSubPath: "config" logs: #existingClaim: volumeReclaimPolicy: Retain accessMode: ReadWriteMany size: 2Gi - storageClass: "manual" mountPath: "/mnt/data/aaf/logs" status: volumeReclaimPolicy: Delete accessMode: ReadWriteMany size: 2M - storageClass: "manual" mountPath: /dockerdata-nfs mountSubPath: "status" cass: @@ -150,7 +148,6 @@ persistence: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce size: 10Gi - storageClass: "manual" mountPath: /dockerdata-nfs mountSubPath: "cass" diff --git a/kubernetes/aai b/kubernetes/aai -Subproject d68960684392a6da61805e4161ae032549db610 +Subproject f636b1cc2bf7d391dc76956e906a6f497ef1b09 diff --git a/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config b/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config index 74fcc49155..8a417fcb1f 100644 --- a/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config +++ b/kubernetes/appc/charts/appc-ansible-server/resources/config/RestServer_config @@ -24,15 +24,8 @@ auth: no priv: provide_privated_key.pem pub: provide_public_key.pem -# RestServer authentication -id: sdnc -psswd: sdnc - # Mysql host: {{.Values.config.mariadbGaleraSVCName}} -user: appc -passwd: appc -db: ansible # Playbooks from_files: yes diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml index 6fef70ceb5..91ebe78daf 100644 --- a/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml @@ -15,11 +15,12 @@ */}} {{- $global := . }} {{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} {{- range $i, $t := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" $global }}-playbook{{$i}} + name: {{ include "common.fullname" $global }}-playbook-{{$i}} namespace: {{ include "common.namespace" $global }} labels: app: {{ include "common.fullname" $global }} @@ -32,10 +33,13 @@ spec: storage: {{ $global.Values.persistence.size}} accessModes: - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-playbook" + storageClassName: "{{ include "common.fullname" $global }}-data" persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} {{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml index f7fa15ca89..b9ef80dbb3 100644 --- a/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml @@ -95,9 +95,13 @@ spec: name: {{ include "common.fullname" . }}-playbook labels: name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-playbook + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/appc/charts/appc-ansible-server/values.yaml b/kubernetes/appc/charts/appc-ansible-server/values.yaml index 7b0767c80f..b6bf77f3f7 100644 --- a/kubernetes/appc/charts/appc-ansible-server/values.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/values.yaml @@ -87,7 +87,7 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs mountSubPath: appc/ansible @@ -112,5 +112,3 @@ resources: cpu: 1 memory: 1Gi unlimited: {} - - diff --git a/kubernetes/appc/charts/appc-cdt/templates/ingress.yaml b/kubernetes/appc/charts/appc-cdt/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/appc/charts/appc-cdt/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/appc/charts/appc-cdt/values.yaml b/kubernetes/appc/charts/appc-cdt/values.yaml index 6c138fad87..2fd2fb5f52 100644 --- a/kubernetes/appc/charts/appc-cdt/values.yaml +++ b/kubernetes/appc/charts/appc-cdt/values.yaml @@ -60,6 +60,12 @@ service: ingress: enabled: false + service: + - baseaddr: appccdt + name: "appc-cdt" + port: 18080 + config: + ssl: "none" # Configure resource requests and limits # ref: http://kubernetes.io/docs/user-guide/compute-resources/ diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh index c52c6e3aa1..22d38363c0 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh @@ -171,6 +171,9 @@ ln -s ${hostdir}/snapshots ${ODL_HOME}/snapshots echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log" java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log & +echo "Starting dmaap-event-service jar, logging to ${APPC_HOME}/dmaap-event-service/jar.log" +java -jar -Dorg_onap_appc_bootstrap_path=/opt/onap/appc/data/properties -Dorg_onap_appc_bootstrap_file=appc.properties ${APPC_HOME}/dmaap-event-service/dmaap-event-service.jar > ${APPC_HOME}/dmaap-event-service/jar.log & + echo "Adding a property system.properties for AAF cadi.properties location" echo "" >> ${ODL_HOME}/etc/system.properties echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties index 58593d93e5..914d60850b 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties @@ -114,9 +114,9 @@ appc.sdc.provider.url=http://localhost:8181/restconf/operations/AsdcMessage:conf # Properties used by EventSenderDmaapImpl.java DCAE.dmaap.event.topic.write=EventSenderTest -DCAE.dmaap.appc.username=test -DCAE.dmaap.appc.password=test -DCAE.dmaap.event.pool.members=message-router.{{.Release.Namespace}}:3904 +DCAE.dmaap.event.username=test +DCAE.dmaap.event.password=test +DCAE.dmaap.event.poolMembers=message-router.{{.Release.Namespace}}:3904 #OAM Listener appc.OAM.disabled=true @@ -130,3 +130,8 @@ appc.OAM.provider.user={{.Values.config.odlUser}} appc.OAM.provider.pass={{.Values.config.odlPassword}} appc.asdc.env={{.Values.config.dmaapTopicEnv}} + +#Properties for communication between appc dmaap microservice and appc +appc.srvcomm.messaging.username={{.Values.config.dmaapServiceUser}} +appc.srvcomm.messaging.password={{.Values.config.dmaapServicePassword}} +appc.srvcomm.messaging.url={{.Values.config.dmaapServiceUrl}} diff --git a/kubernetes/appc/templates/ingress.yaml b/kubernetes/appc/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/appc/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/appc/templates/pv.yaml b/kubernetes/appc/templates/pv.yaml index 25257eaeaf..955285b73d 100644 --- a/kubernetes/appc/templates/pv.yaml +++ b/kubernetes/appc/templates/pv.yaml @@ -15,11 +15,12 @@ */}} {{- $global := . }} {{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} {{- range $i, $t := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" $global }}-data{{$i}} + name: {{ include "common.fullname" $global }}-data-{{$i}} namespace: {{ include "common.namespace" $global }} labels: app: {{ include "common.fullname" $global }} @@ -36,6 +37,9 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} {{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml index 1401a8225d..0bee9f34e9 100644 --- a/kubernetes/appc/templates/statefulset.yaml +++ b/kubernetes/appc/templates/statefulset.yaml @@ -63,9 +63,8 @@ spec: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.externalPort2 }} readinessProbe: - exec: - command: - - /opt/appc/bin/health_check.sh + tcpSocket: + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -225,9 +224,13 @@ spec: name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-data + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index 2312638adc..4dfb2263ad 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -65,6 +65,9 @@ config: openStackUserName: admin openStackEncryptedPassword: enc:LDEbHEAvTF1R odlUser: admin + dmaapServiceUrl: http://localhost:8080/publish + dmaapServiceUser: appc + dmaapServicePassword: onapappc appc-ansible-server: service: @@ -160,6 +163,12 @@ persistence: ingress: enabled: false + service: + - baseaddr: appc + name: "appc" + port: 8443 + config: + ssl: "redirect" # Configure resource requests and limits # ref: http://kubernetes.io/docs/user-guide/compute-resources/ diff --git a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties index ec2ce6bda5..b102b7c365 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties @@ -16,7 +16,7 @@ # Web server config ### START -Controller Blueprints Properties # Load Resource Source Mappings -resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,script=source-capability +resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability # Blueprint Processor File Execution and Handling Properties blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy @@ -94,6 +94,9 @@ blueprintsprocessor.restclient.aai-data.type=basic-auth blueprintsprocessor.restclient.aai-data.url=https://aai:8443 blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org blueprintsprocessor.restclient.aai-data.password=demo123456! +blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-transaction-id +blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id +blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json # Self Service Request Kafka Message Consumer blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable=false @@ -106,7 +109,28 @@ blueprintsprocessor.messageconsumer.self-service-api.pollMillSec=1000 # Self Service Response Kafka Message Producer blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=message-router-kafka:9092 + + +# Used in Health Check blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer + +blueprintprocessor.remoteScriptCommand.enabled=true + +#Encrypted username and password for health check service +endpoints.user.name=eHbVUbJAj4AG2522cSbrOQ== +endpoints.user.password=eHbVUbJAj4AG2522cSbrOQ== + +#BaseUrls for health check blueprint processor services +blueprintprocessor.healthcheck.baseUrl=http://localhost:8080/ +blueprintprocessor.healthcheck.mapping-service-name-with-service-link=[Execution service,/api/v1/execution-service/health-check],[Resources service,/api/v1/resources/health-check],[Template service,/api/v1/template/health-check] + +#BaseUrls for health check Cds Listener services +cdslistener.healthcheck.baseUrl=http://cds-sdc-listener:8080/ +cdslistener.healthcheck.mapping-service-name-with-service-link=[SDC Listener service,/api/v1/sdclistener/healthcheck] + +#Actuator properties +management.endpoints.web.exposure.include=* +management.endpoint.health.show-details=always diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml index 6cfc933303..8e9b6db2af 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml @@ -71,6 +71,7 @@ spec: value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: httpGet: @@ -79,8 +80,9 @@ spec: httpHeaders: - name: Authorization value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/ingress.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml index 812108760b..a4bf83ed96 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/pv.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} {{- if not .Values.persistence.storageClass -}} kind: PersistentVolume apiVersion: v1 @@ -33,7 +34,9 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml index 98b55716c5..601334ec44 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/pvc.yaml @@ -30,21 +30,10 @@ metadata: {{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: -{{- if not .Values.persistence.storageClass }} - selector: - matchLabels: - name: {{ include "common.fullname" . }}-blueprints -{{- end }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml index cb6d191eb8..781b5383fe 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml @@ -62,7 +62,8 @@ dmaapEnabled: true # probe configuration parameters liveness: initialDelaySeconds: 120 - periodSeconds: 10 + periodSeconds: 20 + timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -70,6 +71,7 @@ liveness: readiness: initialDelaySeconds: 120 periodSeconds: 10 + timeoutSeconds: 20 service: http: @@ -94,6 +96,12 @@ persistence: ingress: enabled: false + service: + - baseaddr: "blueprintsprocessorhttp" + name: "blueprints-processor-http" + port: 8080 + config: + ssl: "none" resources: {} # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml index 659eddbaef..bbeeea26bb 100755 --- a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml @@ -57,12 +57,14 @@ spec: port: {{ .Values.service.grpc.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: tcpSocket: port: {{ .Values.service.grpc.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/cds/charts/cds-command-executor/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml index 469864629d..5bc0381da2 100755 --- a/kubernetes/cds/charts/cds-command-executor/values.yaml +++ b/kubernetes/cds/charts/cds-command-executor/values.yaml @@ -56,8 +56,9 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 - periodSeconds: 10 + initialDelaySeconds: 20 + periodSeconds: 20 + timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -65,6 +66,7 @@ liveness: readiness: initialDelaySeconds: 10 periodSeconds: 10 + timeoutSeconds: 20 service: type: ClusterIP diff --git a/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml index 9d03025c7f..cc611a129b 100644 --- a/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml +++ b/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml @@ -17,4 +17,27 @@ listenerservice: archivePath: /opt/app/onap/sdc-listener/ grpcAddress: cds-blueprints-processor-grpc grpcPort: 9111 - authHeader: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
\ No newline at end of file + authHeader: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + + +cdslistener: + healthcheck: + baseUrl: http://localhost:9000/ + mapping-service-name-with-service-link: "[SDC Listener service,/api/v1/sdclistener/healthcheck]" + + +management: + endpoint: + health: + show-details: always + + + endpoints: + web: + exposure: + include: "*" + +endpoints: + user: + name: eHbVUbJAj4AG2522cSbrOQ== + password: eHbVUbJAj4AG2522cSbrOQ== diff --git a/kubernetes/cds/charts/cds-ui/templates/deployment.yaml b/kubernetes/cds/charts/cds-ui/templates/deployment.yaml index 562cd54b31..bdb1871a9a 100644 --- a/kubernetes/cds/charts/cds-ui/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-ui/templates/deployment.yaml @@ -56,7 +56,7 @@ spec: value: {{ .Values.config.api.controller.http.baseUrl }} - name: API_BLUEPRINT_CONTROLLER_HTTP_AUTH_TOKEN value: {{ .Values.config.api.controller.http.authToken }} - - name: API_BLUEPRINT_PROCESSOR_HHTP_BASE_URL + - name: API_BLUEPRINT_PROCESSOR_HTTP_BASE_URL value: {{ .Values.config.api.processor.http.baseUrl }} - name: API_BLUEPRINT_PROCESSOR_HTTP_AUTH_TOKEN value: {{ .Values.config.api.processor.http.authToken }} diff --git a/kubernetes/cds/charts/cds-ui/templates/ingress.yaml b/kubernetes/cds/charts/cds-ui/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/cds/charts/cds-ui/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/cds/charts/cds-ui/values.yaml b/kubernetes/cds/charts/cds-ui/values.yaml index 3b7659a3a5..e4a3e8acd6 100644 --- a/kubernetes/cds/charts/cds-ui/values.yaml +++ b/kubernetes/cds/charts/cds-ui/values.yaml @@ -40,7 +40,7 @@ config: api: controller: http: - baseUrl: http://cds-controller-blueprints:8080/api/v1 + baseUrl: http://cds-blueprints-processor-http:8081/api/v1 authToken: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== processor: http: @@ -85,6 +85,13 @@ service: ingress: enabled: false + service: + - baseaddr: "cdsui" + name: "cds-ui" + port: 8080 + config: + ssl: "none" + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index a0dc0e8fbe..fec878960c 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -50,8 +50,9 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 - periodSeconds: 10 + initialDelaySeconds: 20 + periodSeconds: 20 + timeoutSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true diff --git a/kubernetes/clamp/charts/clamp-backend/values.yaml b/kubernetes/clamp/charts/clamp-backend/values.yaml index a72d0c5857..498149412a 100644 --- a/kubernetes/clamp/charts/clamp-backend/values.yaml +++ b/kubernetes/clamp/charts/clamp-backend/values.yaml @@ -27,7 +27,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-backend:4.1.2 +image: onap/clamp-backend:4.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -45,13 +45,14 @@ config: springApplicationJson: > { "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3", + "spring.profiles.active": "clamp-default,clamp-default-user,clamp-sdc-controller-new", "clamp.config.sdc.catalog.url": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/", "clamp.config.sdc.hostUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/", "clamp.config.sdc.serviceUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/services", "clamp.config.sdc.serviceUsername": "clamp", "clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", - "clamp.config.dcae.inventory.url": "https://inventory.{{ include "common.namespace" . }}:8080", + "clamp.config.dcae.inventory.url": "https4://inventory.{{ include "common.namespace" . }}:8080", "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", "clamp.config.dcae.deployment.userName": "none", diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml b/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml index fd21cdfc1f..a1408dfc07 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml @@ -14,10 +14,11 @@ # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -30,7 +31,9 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml b/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml index abab145a8f..d2eddc227d 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml @@ -29,11 +29,9 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index 94e14b5b65..88587160e9 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-kibana:4.1.2 +image: onap/clamp-dashboard-kibana:4.1.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index 689977db05..20bf974157 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-logstash:4.1.2 +image: onap/clamp-dashboard-logstash:4.1.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/load-sql-files-tests-automation.sh b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh index 0755826cde..224a813db9 100755 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/load-sql-files-tests-automation.sh +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh @@ -6,8 +6,6 @@ # ================================================================================ # Copyright (C) 2017 AT&T Intellectual Property. All rights # reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# Modifications Copyright © 2019 AT&T # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,12 +20,9 @@ # limitations under the License. # ============LICENSE_END============================================ # =================================================================== -# ECOMP is a trademark and service mark of AT&T Intellectual Property. +# ### -cd /docker-entrypoint-initdb.d/bulkload -### Keep previous DB for now (SOON DEPRECATED) -mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < clds-create-db-objects.sql -mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < clds-stored-procedures.sql -## New model creation -mysql -uroot -p$MYSQL_ROOT_PASSWORD -f cldsdb4 < create-tables.sql +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < /docker-entrypoint-initdb.d/bulkload/create-db.sql +## New model creation +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f cldsdb4 < /docker-entrypoint-initdb.d/bulkload/create-tables.sql diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql deleted file mode 100644 index a6beca2b09..0000000000 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-create-db-objects.sql +++ /dev/null @@ -1,240 +0,0 @@ -/* Copyright © 2017-2019 AT&T, Amdocs, Bell Canada -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -# -# Create CLDS database objects (tables, etc.) -# -# -CREATE DATABASE `cldsdb4`; -USE `cldsdb4`; -DROP USER 'clds'; -CREATE USER 'clds'; -GRANT ALL on cldsdb4.* to 'clds' identified by 'sidnnd83K' with GRANT OPTION; -GRANT SELECT on mysql.proc TO 'clds'; -FLUSH PRIVILEGES; - - -CREATE TABLE template ( - template_id VARCHAR(36) NOT NULL, - template_name VARCHAR(80) NOT NULL, - template_bpmn_id VARCHAR(36) NULL, - template_image_id VARCHAR(36) NULL, - template_doc_id VARCHAR(36) NULL, - PRIMARY KEY (template_id), - UNIQUE (template_name) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE template_bpmn ( - template_bpmn_id VARCHAR(36) NOT NULL, - template_id VARCHAR(36) NOT NULL, - template_bpmn_text MEDIUMTEXT NOT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (template_bpmn_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE template_image ( - template_image_id VARCHAR(36) NOT NULL, - template_id VARCHAR(36) NOT NULL, - template_image_text MEDIUMTEXT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (template_image_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE template_doc ( - template_doc_id VARCHAR(36) NOT NULL, - template_id VARCHAR(36) NOT NULL, - template_doc_text MEDIUMTEXT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (template_doc_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE model ( - model_id VARCHAR(36) NOT NULL, - model_name VARCHAR(80) NOT NULL, - template_id VARCHAR(36) NULL, - model_prop_id VARCHAR(36) NULL, - model_blueprint_id VARCHAR(36) NULL, - event_id VARCHAR(36) NULL, - control_name_prefix VARCHAR(80) NULL, - control_name_uuid VARCHAR(36) NOT NULL, - service_type_id VARCHAR(80) NULL, - deployment_id VARCHAR(80) NULL, - deployment_status_url VARCHAR(300) NULL, - PRIMARY KEY (model_id), - UNIQUE (model_name), - UNIQUE (control_name_uuid), - UNIQUE (service_type_id), - UNIQUE (deployment_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE model_properties ( - model_prop_id VARCHAR(36) NOT NULL, - model_id VARCHAR(36) NOT NULL, - model_prop_text MEDIUMTEXT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (model_prop_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE model_blueprint ( - model_blueprint_id VARCHAR(36) NOT NULL, - model_id VARCHAR(36) NOT NULL, - model_blueprint_text MEDIUMTEXT NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (model_blueprint_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE model_instance ( - model_instance_id VARCHAR(36) NOT NULL, - model_id VARCHAR(36) NOT NULL, - vm_name VARCHAR(250) NOT NULL, - location VARCHAR(250) NULL, - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (model_instance_id), - UNIQUE (model_id, vm_name) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE event ( - event_id VARCHAR(36) NOT NULL, - model_id VARCHAR(36) NULL, - action_cd VARCHAR(80) NOT NULL, - action_state_cd VARCHAR(80) NULL, - prev_event_id VARCHAR(36) NULL, - process_instance_id VARCHAR(80) NULL, - user_id VARCHAR(80) NULL, - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (event_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE IF NOT EXISTS tosca_model ( - tosca_model_id VARCHAR(36) NOT NULL, - tosca_model_name VARCHAR(80) NOT NULL, - policy_type VARCHAR(80) NULL, - user_id VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (tosca_model_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE IF NOT EXISTS tosca_model_revision ( - tosca_model_revision_id VARCHAR(36) NOT NULL, - tosca_model_id VARCHAR(36) NOT NULL, - version DOUBLE NOT NULL DEFAULT 1, - tosca_model_yaml MEDIUMTEXT NULL, - tosca_model_json MEDIUMTEXT NULL, - user_id VARCHAR(80), - createdTimestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - lastUpdatedTimestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (tosca_model_revision_id), - CONSTRAINT tosca_model_revision_ukey UNIQUE KEY (tosca_model_id, version), - CONSTRAINT tosca_model_revision_fkey01 FOREIGN KEY (tosca_model_id) REFERENCES tosca_model (tosca_model_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE IF NOT EXISTS dictionary ( - dictionary_id VARCHAR(36) NOT NULL, - dictionary_name VARCHAR(80) NOT NULL, - created_by VARCHAR(80), - modified_by VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (dictionary_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -CREATE TABLE IF NOT EXISTS dictionary_elements ( - dict_element_id VARCHAR(36) NOT NULL, - dictionary_id VARCHAR(36) NOT NULL, - dict_element_name VARCHAR(250) NOT NULL, - dict_element_short_name VARCHAR(80) NOT NULL, - dict_element_description VARCHAR(250), - dict_element_type VARCHAR(80) NOT NULL, - created_by VARCHAR(80), - modified_by VARCHAR(80), - timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (dict_element_id), - CONSTRAINT dictionary_elements_ukey UNIQUE KEY (dict_element_name, dict_element_short_name), - CONSTRAINT dictionary_elements_ukey_fkey01 FOREIGN KEY (dictionary_id) REFERENCES dictionary (dictionary_id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; - -ALTER TABLE template - ADD CONSTRAINT template_bpmn_id_fkey01 - FOREIGN KEY (template_bpmn_id) - REFERENCES template_bpmn (template_bpmn_id); - -ALTER TABLE template - ADD CONSTRAINT template_image_id_fkey01 - FOREIGN KEY (template_image_id) - REFERENCES template_image (template_image_id); - -ALTER TABLE template - ADD CONSTRAINT template_doc_id_fkey01 - FOREIGN KEY (template_doc_id) - REFERENCES template_doc (template_doc_id); - -ALTER TABLE template_bpmn - ADD CONSTRAINT template_id_fkey02 - FOREIGN KEY (template_id) - REFERENCES template (template_id); - -ALTER TABLE template_image - ADD CONSTRAINT template_id_fkey03 - FOREIGN KEY (template_id) - REFERENCES template (template_id); - -ALTER TABLE template_doc - ADD CONSTRAINT template_id_fkey04 - FOREIGN KEY (template_id) - REFERENCES template (template_id); - -ALTER TABLE model - ADD CONSTRAINT template_id_fkey01 - FOREIGN KEY (template_id) - REFERENCES template (template_id); - -ALTER TABLE model - ADD CONSTRAINT model_prop_id_fkey01 - FOREIGN KEY (model_prop_id) - REFERENCES model_properties (model_prop_id); - -ALTER TABLE model - ADD CONSTRAINT model_blueprint_id_fkey01 - FOREIGN KEY (model_blueprint_id) - REFERENCES model_blueprint (model_blueprint_id); - -ALTER TABLE model - ADD CONSTRAINT event_id_fkey01 - FOREIGN KEY (event_id) - REFERENCES event (event_id); - -ALTER TABLE model_properties - ADD CONSTRAINT model_id_fkey01 - FOREIGN KEY (model_id) - REFERENCES model (model_id); - -ALTER TABLE model_blueprint - ADD CONSTRAINT model_id_fkey02 - FOREIGN KEY (model_id) - REFERENCES model (model_id); - -ALTER TABLE model_instance - ADD CONSTRAINT model_id_fkey04 - FOREIGN KEY (model_id) - REFERENCES model (model_id); - -ALTER TABLE event - ADD CONSTRAINT model_id_fkey03 - FOREIGN KEY (model_id) - REFERENCES model (model_id); diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql deleted file mode 100644 index a590fed04e..0000000000 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/clds-stored-procedures.sql +++ /dev/null @@ -1,549 +0,0 @@ -/* Copyright © 2017 AT&T, Amdocs, Bell Canada -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -# -# CLDS stored procedures -# - -USE cldsdb4; - -DROP PROCEDURE IF EXISTS upd_event; -DROP PROCEDURE IF EXISTS ins_event; -DROP PROCEDURE IF EXISTS del_all_model_instances; -DROP PROCEDURE IF EXISTS del_model_instance; -DROP PROCEDURE IF EXISTS ins_model_instance; -DROP PROCEDURE IF EXISTS set_model; -DROP PROCEDURE IF EXISTS get_model; -DROP PROCEDURE IF EXISTS get_model_template; -DROP PROCEDURE IF EXISTS set_template; -DROP PROCEDURE IF EXISTS get_template; -DROP PROCEDURE IF EXISTS del_model; -DROP PROCEDURE IF EXISTS set_new_tosca_model_version; -DROP PROCEDURE IF EXISTS set_tosca_model; -DROP PROCEDURE IF EXISTS set_dictionary; -DROP PROCEDURE IF EXISTS set_dictionary_elements; -DELIMITER // -CREATE PROCEDURE get_template - (IN v_template_name VARCHAR(80), - OUT v_template_id VARCHAR(36), - OUT v_template_bpmn_id VARCHAR(36), - OUT v_template_bpmn_user_id VARCHAR(80), - OUT v_template_bpmn_text MEDIUMTEXT, - OUT v_template_image_id VARCHAR(36), - OUT v_template_image_user_id VARCHAR(80), - OUT v_template_image_text MEDIUMTEXT, - OUT v_template_doc_id VARCHAR(36), - OUT v_template_doc_user_id VARCHAR(80), - OUT v_template_doc_text MEDIUMTEXT) -BEGIN - SELECT t.template_id, - tb.template_bpmn_id, - tb.user_id, - tb.template_bpmn_text, - ti.template_image_id, - ti.user_id, - ti.template_image_text, - td.template_doc_id, - td.user_id, - td.template_doc_text - INTO v_template_id, - v_template_bpmn_id, - v_template_bpmn_user_id, - v_template_bpmn_text, - v_template_image_id, - v_template_image_user_id, - v_template_image_text, - v_template_doc_id, - v_template_doc_user_id, - v_template_doc_text - FROM template t, - template_bpmn tb, - template_image ti, - template_doc td - WHERE t.template_bpmn_id = tb.template_bpmn_id - AND t.template_image_id = ti.template_image_id - AND t.template_doc_id = td.template_doc_id - AND t.template_name = v_template_name; -END; -CREATE PROCEDURE set_template - (IN v_template_name VARCHAR(80), - IN v_user_id VARCHAR(80), - IN v_template_bpmn_text MEDIUMTEXT, - IN v_template_image_text MEDIUMTEXT, - IN v_template_doc_text MEDIUMTEXT, - OUT v_template_id VARCHAR(36), - OUT v_template_bpmn_id VARCHAR(36), - OUT v_template_bpmn_user_id VARCHAR(80), - OUT v_template_image_id VARCHAR(36), - OUT v_template_image_user_id VARCHAR(80), - OUT v_template_doc_id VARCHAR(36), - OUT v_template_doc_user_id VARCHAR(80)) -BEGIN - DECLARE v_old_template_bpmn_text MEDIUMTEXT; - DECLARE v_old_template_image_text MEDIUMTEXT; - DECLARE v_old_template_doc_text MEDIUMTEXT; - SET v_template_id = NULL; - CALL get_template( - v_template_name, - v_template_id, - v_template_bpmn_id, - v_template_bpmn_user_id, - v_old_template_bpmn_text, - v_template_image_id, - v_template_image_user_id, - v_old_template_image_text, - v_template_doc_id, - v_template_doc_user_id, - v_old_template_doc_text); - IF v_template_id IS NULL THEN - BEGIN - SET v_template_id = UUID(); - INSERT INTO template - (template_id, template_name) - VALUES (v_template_id, v_template_name); - END; - END IF; - IF v_template_bpmn_id IS NULL OR v_template_bpmn_text <> v_old_template_bpmn_text THEN - SET v_template_bpmn_id = UUID(); - INSERT INTO template_bpmn - (template_bpmn_id, template_id, template_bpmn_text, user_id) - VALUES (v_template_bpmn_id, v_template_id, v_template_bpmn_text, v_user_id); - SET v_template_bpmn_user_id = v_user_id; - END IF; - IF v_template_image_id IS NULL OR v_template_image_text <> v_old_template_image_text THEN - SET v_template_image_id = UUID(); - INSERT INTO template_image - (template_image_id, template_id, template_image_text, user_id) - VALUES (v_template_image_id, v_template_id, v_template_image_text, v_user_id); - SET v_template_image_user_id = v_user_id; - END IF; - IF v_template_doc_id IS NULL OR v_template_doc_text <> v_old_template_doc_text THEN - SET v_template_doc_id = UUID(); - INSERT INTO template_doc - (template_doc_id, template_id, template_doc_text, user_id) - VALUES (v_template_doc_id, v_template_id, v_template_doc_text, v_user_id); - SET v_template_doc_user_id = v_user_id; - END IF; - UPDATE template - SET template_bpmn_id = v_template_bpmn_id, - template_image_id = v_template_image_id, - template_doc_id = v_template_doc_id - WHERE template_id = v_template_id; -END; -CREATE PROCEDURE get_model - (IN v_model_name VARCHAR(80), - OUT v_control_name_prefix VARCHAR(80), - INOUT v_control_name_uuid VARCHAR(36), - OUT v_model_id VARCHAR(36), - OUT v_service_type_id VARCHAR(80), - OUT v_deployment_id VARCHAR(80), - OUT v_deployment_status_url VARCHAR(300), - OUT v_template_name VARCHAR(80), - OUT v_template_id VARCHAR(36), - OUT v_model_prop_id VARCHAR(36), - OUT v_model_prop_user_id VARCHAR(80), - OUT v_model_prop_text MEDIUMTEXT, - OUT v_model_blueprint_id VARCHAR(36), - OUT v_model_blueprint_user_id VARCHAR(80), - OUT v_model_blueprint_text MEDIUMTEXT, - OUT v_event_id VARCHAR(36), - OUT v_action_cd VARCHAR(80), - OUT v_action_state_cd VARCHAR(80), - OUT v_event_process_instance_id VARCHAR(80), - OUT v_event_user_id VARCHAR(80)) -BEGIN - SELECT m.control_name_prefix, - m.control_name_uuid, - m.model_id, - m.service_type_id, - m.deployment_id, - m.deployment_status_url, - t.template_name, - m.template_id, - mp.model_prop_id, - mp.user_id, - mp.model_prop_text, - mb.model_blueprint_id, - mb.user_id, - mb.model_blueprint_text, - e.event_id, - e.action_cd, - e.action_state_cd, - e.process_instance_id, - e.user_id - INTO v_control_name_prefix, - v_control_name_uuid, - v_model_id, - v_service_type_id, - v_deployment_id, - v_deployment_status_url, - v_template_name, - v_template_id, - v_model_prop_id, - v_model_prop_user_id, - v_model_prop_text, - v_model_blueprint_id, - v_model_blueprint_user_id, - v_model_blueprint_text, - v_event_id, - v_action_cd, - v_action_state_cd, - v_event_process_instance_id, - v_event_user_id - FROM model m, - template t, - model_properties mp, - model_blueprint mb, - event e - WHERE m.template_id = t.template_id - AND m.model_prop_id = mp.model_prop_id - AND m.model_blueprint_id = mb.model_blueprint_id - AND m.event_id = e.event_id - AND (m.model_name = v_model_name - OR m.control_name_uuid = v_control_name_uuid); - SELECT model_instance_id, - vm_name, - location, - timestamp - FROM model_instance - WHERE model_id = v_model_id - ORDER BY 2; -END; -CREATE PROCEDURE get_model_template - (IN v_model_name VARCHAR(80), - OUT v_control_name_prefix VARCHAR(80), - INOUT v_control_name_uuid VARCHAR(36), - OUT v_model_id VARCHAR(36), - OUT v_service_type_id VARCHAR(80), - OUT v_deployment_id VARCHAR(80), - OUT v_deployment_status_url VARCHAR(300), - OUT v_template_name VARCHAR(80), - OUT v_template_id VARCHAR(36), - OUT v_model_prop_id VARCHAR(36), - OUT v_model_prop_user_id VARCHAR(80), - OUT v_model_prop_text MEDIUMTEXT, - OUT v_model_blueprint_id VARCHAR(36), - OUT v_model_blueprint_user_id VARCHAR(80), - OUT v_model_blueprint_text MEDIUMTEXT, - OUT v_template_bpmn_id VARCHAR(36), - OUT v_template_bpmn_user_id VARCHAR(80), - OUT v_template_bpmn_text MEDIUMTEXT, - OUT v_template_image_id VARCHAR(36), - OUT v_template_image_user_id VARCHAR(80), - OUT v_template_image_text MEDIUMTEXT, - OUT v_template_doc_id VARCHAR(36), - OUT v_template_doc_user_id VARCHAR(80), - OUT v_template_doc_text MEDIUMTEXT, - OUT v_event_id VARCHAR(36), - OUT v_action_cd VARCHAR(80), - OUT v_action_state_cd VARCHAR(80), - OUT v_event_process_instance_id VARCHAR(80), - OUT v_event_user_id VARCHAR(80)) -BEGIN - CALL get_model( - v_model_name, - v_control_name_prefix, - v_control_name_uuid, - v_model_id, - v_service_type_id, - v_deployment_id, - v_deployment_status_url, - v_template_name, - v_template_id, - v_model_prop_id, - v_model_prop_user_id, - v_model_prop_text, - v_model_blueprint_id, - v_model_blueprint_user_id, - v_model_blueprint_text, - v_event_id, - v_action_cd, - v_action_state_cd, - v_event_process_instance_id, - v_event_user_id); - CALL get_template( - v_template_name, - v_template_id, - v_template_bpmn_id, - v_template_bpmn_user_id, - v_template_bpmn_text, - v_template_image_id, - v_template_image_user_id, - v_template_image_text, - v_template_doc_id, - v_template_doc_user_id, - v_template_doc_text); - END; -CREATE PROCEDURE set_model - (IN v_model_name VARCHAR(80), - IN v_template_id VARCHAR(36), - IN v_user_id VARCHAR(80), - IN v_model_prop_text MEDIUMTEXT, - IN v_model_blueprint_text MEDIUMTEXT, - IN v_service_type_id VARCHAR(80), - IN v_deployment_id VARCHAR(80), - IN v_deployment_status_url VARCHAR(300), - INOUT v_control_name_prefix VARCHAR(80), - INOUT v_control_name_uuid VARCHAR(36), - OUT v_model_id VARCHAR(36), - OUT v_model_prop_id VARCHAR(36), - OUT v_model_prop_user_id VARCHAR(80), - OUT v_model_blueprint_id VARCHAR(36), - OUT v_model_blueprint_user_id VARCHAR(80), - OUT v_event_id VARCHAR(36), - OUT v_action_cd VARCHAR(80), - OUT v_action_state_cd VARCHAR(80), - OUT v_event_process_instance_id VARCHAR(80), - OUT v_event_user_id VARCHAR(80)) -BEGIN - DECLARE v_old_template_name VARCHAR(80); - DECLARE v_old_template_id VARCHAR(36); - DECLARE v_old_control_name_prefix VARCHAR(80); - DECLARE v_old_control_name_uuid VARCHAR(36); - DECLARE v_old_model_prop_text MEDIUMTEXT; - DECLARE v_old_model_blueprint_text MEDIUMTEXT; - DECLARE v_old_service_type_id VARCHAR(80); - DECLARE v_old_deployment_id VARCHAR(80); - DECLARE v_old_deployment_status_url VARCHAR(300); - SET v_model_id = NULL; - CALL get_model( - v_model_name, - v_old_control_name_prefix, - v_old_control_name_uuid, - v_model_id, - v_old_service_type_id, - v_old_deployment_id, - v_old_deployment_status_url, - v_old_template_name, - v_old_template_id, - v_model_prop_id, - v_model_prop_user_id, - v_old_model_prop_text, - v_model_blueprint_id, - v_model_blueprint_user_id, - v_old_model_blueprint_text, - v_event_id, - v_action_cd, - v_action_state_cd, - v_event_process_instance_id, - v_event_user_id); - IF v_model_id IS NULL THEN - BEGIN - # UUID can be provided initially but cannot be updated - # if not provided (this is expected) then it will be set here - IF v_control_name_uuid IS NULL THEN - SET v_control_name_uuid = UUID(); - END IF; - SET v_model_id = v_control_name_uuid; - INSERT INTO model - (model_id, model_name, template_id, control_name_prefix, control_name_uuid, service_type_id, deployment_id, deployment_status_url) - VALUES (v_model_id, v_model_name, v_template_id, v_control_name_prefix, v_control_name_uuid, v_service_type_id, v_deployment_id,v_deployment_status_url); - # since just created model, insert CREATED event as initial default event - SET v_action_cd = 'CREATE'; - SET v_action_state_cd = 'COMPLETED'; - SET v_event_user_id = v_user_id; - SET v_event_id = UUID(); - INSERT INTO event - (event_id, model_id, action_cd, action_state_cd, user_id) - VALUES (v_event_id, v_model_id, v_action_cd, v_action_state_cd, v_event_user_id); - UPDATE model - SET event_id = v_event_id - WHERE model_id = v_model_id; - END; - ELSE - BEGIN - # use old control_name_prefix if null value is provided - IF v_control_name_prefix IS NULL THEN - SET v_control_name_prefix = v_old_control_name_prefix; - END IF; - # UUID can not be updated after initial insert - SET v_control_name_uuid = v_old_control_name_uuid; - END; - END IF; - IF v_model_prop_id IS NULL OR v_model_prop_text <> v_old_model_prop_text THEN - SET v_model_prop_id = UUID(); - INSERT INTO model_properties - (model_prop_id, model_id, model_prop_text, user_id) - VALUES (v_model_prop_id, v_model_id, v_model_prop_text, v_user_id); - SET v_model_prop_user_id = v_user_id; - END IF; - IF v_model_blueprint_id IS NULL OR v_model_blueprint_text <> v_old_model_blueprint_text THEN - SET v_model_blueprint_id = UUID(); - INSERT INTO model_blueprint - (model_blueprint_id, model_id, model_blueprint_text, user_id) - VALUES (v_model_blueprint_id, v_model_id, v_model_blueprint_text, v_user_id); - SET v_model_blueprint_user_id = v_user_id; - END IF; - UPDATE model - SET control_name_prefix = v_control_name_prefix, - model_prop_id = v_model_prop_id, - model_blueprint_id = v_model_blueprint_id, - service_type_id = v_service_type_id, - deployment_id = v_deployment_id, - deployment_status_url = v_deployment_status_url - WHERE model_id = v_model_id; -END; -CREATE PROCEDURE ins_model_instance - (IN v_control_name_uuid VARCHAR(36), - IN v_vm_name VARCHAR(250), - IN v_location VARCHAR(250), - OUT v_model_id VARCHAR(36), - OUT v_model_instance_id VARCHAR(36)) -BEGIN - SELECT m.model_id - INTO v_model_id - FROM model m - WHERE m.control_name_uuid = v_control_name_uuid; - SET v_model_instance_id = UUID(); - INSERT INTO model_instance - (model_instance_id, model_id, vm_name, location) - VALUES (v_model_instance_id, v_model_id, v_vm_name, v_location); -END; -CREATE PROCEDURE del_model_instance - (IN v_control_name_uuid VARCHAR(36), - IN v_vm_name VARCHAR(250), - OUT v_model_id VARCHAR(36), - OUT v_model_instance_id VARCHAR(36)) -BEGIN - SELECT m.model_id, i.model_instance_id - INTO v_model_id, - v_model_instance_id - FROM model m, - model_instance i - WHERE m.model_id = i.model_id - AND m.control_name_uuid = v_control_name_uuid - AND i.vm_name = v_vm_name; - DELETE FROM model_instance - WHERE model_instance_id = v_model_instance_id; -END; -CREATE PROCEDURE del_all_model_instances - (IN v_control_name_uuid VARCHAR(36), - OUT v_model_id VARCHAR(36)) -BEGIN - SELECT m.model_id - INTO v_model_id - FROM model m - WHERE m.control_name_uuid = v_control_name_uuid; - DELETE FROM model_instance - WHERE model_id = v_model_id; -END; -CREATE PROCEDURE ins_event - (IN v_model_name VARCHAR(80), - IN v_control_name_prefix VARCHAR(80), - IN v_control_name_uuid VARCHAR(36), - IN v_user_id VARCHAR(80), - IN v_action_cd VARCHAR(80), - IN v_action_state_cd VARCHAR(80), - IN v_process_instance_id VARCHAR(80), - OUT v_model_id VARCHAR(36), - OUT v_event_id VARCHAR(36)) -BEGIN - DECLARE v_prev_event_id VARCHAR(36); - SELECT m.model_id, - m.event_id - INTO v_model_id, - v_prev_event_id - FROM model m - WHERE m.model_name = v_model_name - OR m.control_name_uuid = v_control_name_uuid; - SET v_event_id = UUID(); - INSERT INTO event - (event_id, model_id, action_cd, action_state_cd, prev_event_id, process_instance_id, user_id) - VALUES (v_event_id, v_model_id, v_action_cd, v_action_state_cd, v_prev_event_id, v_process_instance_id, v_user_id); - UPDATE model - SET event_id = v_event_id - WHERE model_id = v_model_id; -END; -CREATE PROCEDURE upd_event - (IN v_event_id VARCHAR(36), - IN v_process_instance_id VARCHAR(80)) -BEGIN - UPDATE event - SET process_instance_id = v_process_instance_id - WHERE event_id = v_event_id; -END; -CREATE PROCEDURE del_model -(IN v_model_name VARCHAR(80)) -BEGIN - DECLARE v_model_id VARCHAR(36); - SELECT model_id INTO v_model_id from model where model_name = v_model_name; - UPDATE model set event_id = null, model_blueprint_id = null, model_prop_id = null where model_id = v_model_id; - DELETE from event where model_id = v_model_id; - DELETE from model_blueprint where model_id = v_model_id; - DELETE from model_properties where model_id = v_model_id; - DELETE from model where model_id = v_model_id; -END; - -CREATE PROCEDURE set_new_tosca_model_version - (IN v_tosca_model_id VARCHAR(36), - IN v_version DOUBLE, - IN v_tosca_model_yaml MEDIUMTEXT, - IN v_tosca_model_json MEDIUMTEXT, - IN v_user_id VARCHAR(80), - OUT v_revision_id VARCHAR(36)) -BEGIN - SET v_revision_id = UUID(); - INSERT INTO tosca_model_revision - (tosca_model_revision_id, tosca_model_id, version, tosca_model_yaml, tosca_model_json, user_id) - VALUES (v_revision_id, v_tosca_model_id, v_version, v_tosca_model_yaml, v_tosca_model_json, v_user_id); -END; - -CREATE PROCEDURE set_tosca_model - (IN v_tosca_model_name VARCHAR(80), - IN v_policy_type VARCHAR(80), - IN v_user_id VARCHAR(80), - IN v_tosca_model_yaml MEDIUMTEXT, - IN v_tosca_model_json MEDIUMTEXT, - IN v_version DOUBLE, - OUT v_tosca_model_id VARCHAR(36), - OUT v_revision_id VARCHAR(36)) -BEGIN - SET v_tosca_model_id = UUID(); - INSERT INTO tosca_model - (tosca_model_id, tosca_model_name, policy_type, user_id) - VALUES (v_tosca_model_id, v_tosca_model_name, v_policy_type, v_user_id); - SET v_revision_id = UUID(); - INSERT INTO tosca_model_revision - (tosca_model_revision_id, tosca_model_id, version, tosca_model_yaml, tosca_model_json, user_id) - VALUES (v_revision_id, v_tosca_model_id, v_version, v_tosca_model_yaml, v_tosca_model_json, v_user_id); -END; - -CREATE PROCEDURE set_dictionary - (IN v_dictionary_name VARCHAR(80), - IN v_user_id VARCHAR(80), - OUT v_dictionary_id VARCHAR(36)) -BEGIN - SET v_dictionary_id = UUID(); - INSERT INTO dictionary - (dictionary_id, dictionary_name, created_by, modified_by) - VALUES (v_dictionary_id, v_dictionary_name, v_user_id, v_user_id); -END; - -CREATE PROCEDURE set_dictionary_elements - (IN v_dictionary_id VARCHAR(36), - IN v_dict_element_name VARCHAR(250), - IN v_dict_element_short_name VARCHAR(80), - IN v_dict_element_description VARCHAR(250), - IN v_dict_element_type VARCHAR(80), - IN v_user_id VARCHAR(80), - OUT v_dict_element_id VARCHAR(36)) -BEGIN - SET v_dict_element_id = UUID(); - INSERT INTO dictionary_elements - (dict_element_id, dictionary_id, dict_element_name, dict_element_short_name, dict_element_description, dict_element_type, created_by, modified_by) - VALUES (v_dict_element_id, v_dictionary_id, v_dict_element_name, v_dict_element_short_name, v_dict_element_description, v_dict_element_type, v_user_id, v_user_id); -END; -// -DELIMITER ; diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql new file mode 100644 index 0000000000..ea4d97c1b5 --- /dev/null +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql @@ -0,0 +1,11 @@ +# +# Create CLDS database objects (tables, etc.) +# +# +CREATE DATABASE `cldsdb4`; +USE `cldsdb4`; +DROP USER 'clds'; +CREATE USER 'clds'; +GRANT ALL on cldsdb4.* to 'clds' identified by 'sidnnd83K' with GRANT OPTION; +FLUSH PRIVILEGES; + diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql index 9b12b1804c..0e15d4d3a2 100644 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql @@ -1,17 +1,4 @@ -/* Copyright © 2019 AT&T -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ + create table hibernate_sequence ( next_val bigint ) engine=InnoDB; diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql deleted file mode 100644 index 0412373d01..0000000000 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/drop/clds-drop-db-objects.sql +++ /dev/null @@ -1,54 +0,0 @@ -/* Copyright © 2017 AT&T, Amdocs, Bell Canada -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -# -# Drop CLDS database objects (tables, etc.) -# - - -ALTER TABLE template - DROP FOREIGN KEY template_image_id_fkey01; -ALTER TABLE template - DROP FOREIGN KEY template_bpmn_id_fkey01; -ALTER TABLE template - DROP FOREIGN KEY template_doc_id_fkey01; - -ALTER TABLE model - DROP FOREIGN KEY template_id_fkey01; -ALTER TABLE model - DROP FOREIGN KEY model_prop_id_fkey01; -ALTER TABLE model - DROP FOREIGN KEY model_blueprint_id_fkey01; -ALTER TABLE model - DROP FOREIGN KEY event_id_fkey01; - -DROP TABLE clds_service_cache; - -DROP TABLE model_instance; -DROP TABLE model_blueprint; -DROP TABLE model_properties; -DROP TABLE event; -DROP TABLE model; - -DROP TABLE template_doc; -DROP TABLE template_image; -DROP TABLE template_bpmn; -DROP TABLE template; - -DROP TABLE dictionary_elements; -DROP TABLE dictionary; -DROP TABLE tosca_model_revision; -DROP TABLE tosca_model; - diff --git a/kubernetes/clamp/charts/mariadb/templates/pv.yaml b/kubernetes/clamp/charts/mariadb/templates/pv.yaml index 252ca76599..d166900c6f 100644 --- a/kubernetes/clamp/charts/mariadb/templates/pv.yaml +++ b/kubernetes/clamp/charts/mariadb/templates/pv.yaml @@ -16,10 +16,11 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -32,7 +33,9 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/clamp/charts/mariadb/templates/pvc.yaml b/kubernetes/clamp/charts/mariadb/templates/pvc.yaml index 1deed4e92a..c3c2a2259e 100644 --- a/kubernetes/clamp/charts/mariadb/templates/pvc.yaml +++ b/kubernetes/clamp/charts/mariadb/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/clamp/charts/mariadb/values.yaml b/kubernetes/clamp/charts/mariadb/values.yaml index 5f31c79bdf..8bf6100563 100644 --- a/kubernetes/clamp/charts/mariadb/values.yaml +++ b/kubernetes/clamp/charts/mariadb/values.yaml @@ -70,7 +70,7 @@ persistence: ## GKE, AWS & OpenStack) ## # storageClass: "-" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: clamp/mariadb/data diff --git a/kubernetes/clamp/resources/config/nginx.conf b/kubernetes/clamp/resources/config/nginx.conf index ce94eff70f..da7978ad01 100644 --- a/kubernetes/clamp/resources/config/nginx.conf +++ b/kubernetes/clamp/resources/config/nginx.conf @@ -4,8 +4,10 @@ server { ssl_protocols TLSv1.2; ssl_certificate /etc/ssl/clamp.pem; ssl_certificate_key /etc/ssl/clamp.key; + ssl_verify_client optional_no_ca; location /restservices/clds/ { proxy_pass https://clamp-backend:443; + proxy_set_header X-SSL-Cert $ssl_client_escaped_cert; } location / { diff --git a/kubernetes/clamp/templates/ingress.yaml b/kubernetes/clamp/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/clamp/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index a0385ada9c..d66273dce1 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-frontend:4.1.2 +image: onap/clamp-frontend:4.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -83,6 +83,12 @@ service: ingress: enabled: false + service: + - baseaddr: "clamp" + name: "clamp" + port: 443 + config: + ssl: "redirect" #resources: {} # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/kubernetes/cli/templates/ingress.yaml b/kubernetes/cli/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/cli/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml index 0fbe21dd4c..7278c99a5f 100644 --- a/kubernetes/cli/values.yaml +++ b/kubernetes/cli/values.yaml @@ -63,6 +63,15 @@ service: ingress: enabled: false + service: + - baseaddr: "cli" + name: "cli" + port: 8080 + - baseaddr: "cli2" + name: cli + port: 9090 + config: + ssl: "none" # Configure resource requests and limits # ref: http://kubernetes.io/docs/user-guide/compute-resources/ diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml index 630ac43ba3..0d06318422 100644 --- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml +++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml @@ -75,7 +75,7 @@ spec: echo "Executing cleanup!!" command="nodetool cleanup" - /root/exec.py -p "cassandra" -c "$command" + /root/exec.py -p "cassandra" -c "$command" echo "Cleaned Node!! Backing up database now!!!" command="nodetool snapshot -t $curr_time" @@ -97,7 +97,7 @@ spec: if [ 1 ] {{- range $t, $keyspace := $root.Values.backup.keyspacesToSkip }} && [ "{{ $keyspace.name }}" != "$keyspace_name" ] {{- end }}; then /root/restore.sh -b $backup_dir/cassandra-{{ $i }}/data -s /onap-data/cassandra-{{ $i }}/data/$keyspace_name -k $keyspace_name -t $curr_time & pids="$pids $!" - fi + fi done {{- end }} @@ -121,7 +121,7 @@ spec: echo "Failed" > /backup/backup.log exit 0 fi - + mv /backup/temp /backup/backup-${curr_time} echo "Success" > /backup/backup.log echo "Cassandra Backup Succeeded" @@ -135,8 +135,10 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - - mountPath: /onap-data - name: data-dir + {{- range $i := until (int .Values.replicaCount)}} + - mountPath: /onap-data/cassandra-{{ $i }} + name: data-dir-{{ $i }} + {{- end }} - mountPath: /backup name: backup-dir - name: scripts @@ -144,7 +146,7 @@ spec: subPath: restore.sh - name: scripts mountPath: /root/exec.py - subPath: exec.py + subPath: exec.py containers: - name: cassandra-backup-validate image: "{{ .Values.image }}" @@ -200,7 +202,7 @@ spec: done kill -9 $CASS_PID {{- end }} - echo "Validation Successful!!!" + echo "Validation Successful!!!" cd /backup totalFiles=`ls -t | grep "backup-" | wc -l` if [ $totalFiles -gt {{ .Values.backup.retentionPeriod }} ]; then @@ -230,13 +232,14 @@ spec: path: /etc/localtime - name: scripts configMap: - name: {{ include "common.fullname" $ }}-configmap + name: {{ include "common.fullname" . }}-configmap defaultMode: 0755 - - name: data-dir + {{- range $i := until (int .Values.replicaCount)}} + - name: data-dir-{{ $i }} persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-db-data + claimName: {{ include "common.fullname" . }}-data-{{ $i }} + {{- end }} - name: backup-dir persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-backup-data {{- end -}} - diff --git a/kubernetes/common/cassandra/templates/backup/pv.yaml b/kubernetes/common/cassandra/templates/backup/pv.yaml index 332dc95e05..10c310077b 100644 --- a/kubernetes/common/cassandra/templates/backup/pv.yaml +++ b/kubernetes/common/cassandra/templates/backup/pv.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada, AT&T +# Copyright © 2019 Amdocs, Bell Canada, AT&T, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,25 +14,8 @@ # limitations under the License. */}} {{- if .Values.backup.enabled }} -{{ if .Values.persistence.enabled }} -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ include "common.fullname" . }}-db-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }}-db-data -spec: - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} --- apiVersion: v1 kind: PersistentVolume @@ -49,9 +32,10 @@ spec: storage: {{ .Values.persistence.size }} accessModes: - {{ .Values.persistence.accessMode }} - hostPath: - path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} -{{ end }} + storageClassName: "{{ include "common.fullname" . }}-data" + hostPath: + path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" . }}/{{ include "common.fullname" . }} +{{- end -}} +{{- end -}} {{- end -}} - diff --git a/kubernetes/common/cassandra/templates/backup/pvc.yaml b/kubernetes/common/cassandra/templates/backup/pvc.yaml index 1f848c3315..dd7f3810a0 100644 --- a/kubernetes/common/cassandra/templates/backup/pvc.yaml +++ b/kubernetes/common/cassandra/templates/backup/pvc.yaml @@ -15,36 +15,6 @@ */}} {{- if .Values.backup.enabled }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-db-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-backup - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-db-data - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} --- kind: PersistentVolumeClaim apiVersion: v1 @@ -61,20 +31,11 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-backup-data accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} {{- end -}} diff --git a/kubernetes/common/cassandra/templates/pv.yaml b/kubernetes/common/cassandra/templates/pv.yaml index 06f41e7683..fbbb5ba105 100644 --- a/kubernetes/common/cassandra/templates/pv.yaml +++ b/kubernetes/common/cassandra/templates/pv.yaml @@ -12,28 +12,35 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{ if .Values.persistence.enabled }} -{{- $root := . -}} -{{ range $i, $e := until (int $root.Values.replicaCount) }} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} --- apiVersion: v1 kind: PersistentVolume metadata: - name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} - namespace: {{ $root.Release.Namespace }} + name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }} + namespace: {{ $global.Release.Namespace }} labels: - type: {{ $root.Values.persistence.storageType }} - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} + type: {{ $global.Values.persistence.storageType }} + app: {{ $global.Values.service.name }} + chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} + release: {{ $global.Release.Name }} + heritage: {{ $global.Release.Service }} spec: capacity: - storage: {{ $root.Values.persistence.size }} + storage: {{ $global.Values.persistence.size }} accessModes: - - {{ $root.Values.persistence.accessMode }} + {{- if $global.Values.backup.enabled }} + - ReadWriteMany + {{- else }} + - ReadWriteOnce + {{- end }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} + path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index 4be3570851..72e886d4d1 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -49,7 +49,7 @@ spec: - containerPort: {{ $ports.port }} {{- end }} volumeMounts: - - name: cassandra-data + - name: {{ include "common.fullname" . }}-data mountPath: /var/lib/cassandra - name: localtime mountPath: /etc/localtime @@ -151,25 +151,26 @@ spec: name: {{ include "common.fullname" . }}-entrypoint defaultMode: 0755 {{- if not .Values.persistence.enabled }} - - name: cassandra-data + - name: {{ include "common.fullname" . }}-data emptyDir: {} {{- else }} volumeClaimTemplates: - metadata: - name: cassandra-data + name: {{ include "common.fullname" . }}-data labels: - app: {{ template "common.fullname" . }} + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - annotations: - volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }} spec: accessModes: - - {{ .Values.persistence.accessMode | quote }} + {{- if .Values.backup.enabled }} + - ReadWriteMany + {{- else }} + - ReadWriteOnce + {{- end }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - release: "{{ .Release.Name }}" {{- end }} diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index f078bd17ce..c3af7e59b2 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -37,7 +37,7 @@ debugEnabled: false config: cluster_domain: cluster.local heap: - max: 512M + max: 2048M min: 100M jvmOpts: -Dcassandra.consistent.rangemovement=false clusterName: cassandra @@ -115,12 +115,12 @@ persistence: ## GKE, AWS & OpenStack) ## ## storageClass: "-" - accessMode: ReadWriteOnce + ## Not set as it depends of the backup enabledment or not. + #accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: cassandra storageType: local - storageClass: "" backup: mountPath: /dockerdata-nfs/backup diff --git a/kubernetes/common/common/templates/_createPassword.tpl b/kubernetes/common/common/templates/_createPassword.tpl new file mode 100644 index 0000000000..938b0ee514 --- /dev/null +++ b/kubernetes/common/common/templates/_createPassword.tpl @@ -0,0 +1,62 @@ +{{/* +# Copyright © 2019 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + Resolve the master password to be used to derive other passwords. The value of + .Values.masterPassword is used by default, unless either override mechanism is + used: + + - .Values.global.masterPassword : override default master password for all charts + - .Values.masterPasswordOverride : override global and default masterPassword on a per chart basis +*/}} +{{- define "common.masterPassword" -}} + {{ if .Values.masterPasswordOverride }} + {{- printf "%d" .Values.masterPasswordOverride -}} + {{ else if .Values.global.masterPassword }} + {{- printf "%d" .Values.global.masterPassword -}} + {{ else if .Values.masterPassword }} + {{- printf "%d" .Values.masterPassword -}} + {{ else }} + {{ fail "masterPassword not provided" }} + {{ end }} +{{- end -}} + +{{/* + Generate a new password based on masterPassword. The new password is not + random, it is derived from masterPassword, fully qualified chart name and + additional uid provided by the user. This ensures that every time when we + run this function from the same place, with the same password and uid we + get the same results. This allows to avoid password changes while you are + doing upgrade. + + The function can take from one to three arguments (inside a dictionary): + - .dot : environment (.) + - .uid : unique identifier of password to be generated within this particular chart. Use only when you create more than a single password within one chart + - .strength : complexity of derived password. See derivePassword documentation for more details + + Example calls: + + {{ include "common.createPassword" . }} + {{ include "common.createPassword" (dict "dot" . "uid" "mysqlRootPasswd") }} + +*/}} +{{- define "common.createPassword" -}} + {{- $dot := default . .dot -}} + {{- $uid := default "onap" .uid -}} + {{- $strength := default "long" .strength -}} + {{- $mp := include "common.masterPassword" $dot -}} + {{- derivePassword 1 $strength $mp (include "common.fullname" $dot) $uid -}} +{{- end -}} diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl index 49d7eeb415..b4afe6309d 100644 --- a/kubernetes/common/common/templates/_ingress.tpl +++ b/kubernetes/common/common/templates/_ingress.tpl @@ -1,12 +1,24 @@ {{- define "ingress.config.port" -}} {{- if .Values.ingress -}} -{{- if .Values.ingress.service -}} +{{- if or (not .Values.global.ingress.virtualhost) (not .Values.global.ingress.virtualhost.enabled) -}} + - http: + paths: {{- range .Values.ingress.service }} - - path: {{ .path }} + - path: {{ printf "/%s" (required "baseaddr" .baseaddr) }} backend: serviceName: {{ .name }} servicePort: {{ .port }} {{- end -}} +{{- else if .Values.ingress.service -}} +{{- $burl := (required "baseurl" .Values.global.ingress.virtualhost.baseurl) -}} +{{ range .Values.ingress.service }} + - host: {{ printf "%s.%s" (required "baseaddr" .baseaddr) $burl }} + http: + paths: + - backend: + serviceName: {{ .name }} + servicePort: {{ .port }} +{{- end -}} {{- else -}} - path: {{ printf "/%s" .Chart.Name }} backend: @@ -17,18 +29,37 @@ {{- end -}} +{{- define "ingress.config.annotations.ssl" -}} +{{- if .Values.ingress.config -}} +{{- if .Values.ingress.config.ssl -}} +{{- if eq .Values.ingress.config.ssl "redirect" -}} +kubernetes.io/ingress.class: nginx +nginx.ingress.kubernetes.io/ssl-passthrough: "true" +nginx.ingress.kubernetes.io/ssl-redirect: "true" +{{- else if eq .Values.ingress.config.ssl "native" -}} +nginx.ingress.kubernetes.io/ssl-redirect: "true" +{{- else if eq .Values.ingress.config.ssl "none" -}} +nginx.ingress.kubernetes.io/ssl-redirect: "false" +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} + + {{- define "ingress.config.annotations" -}} {{- if .Values.ingress -}} {{- if .Values.ingress.annotations -}} {{ toYaml .Values.ingress.annotations | indent 4 | trim }} {{- end -}} {{- end -}} +{{ include "ingress.config.annotations.ssl" . | indent 4 | trim }} {{- end -}} {{- define "common.ingress" -}} {{- if .Values.ingress -}} -{{- if .Values.ingress.enabled -}} +{{- if .Values.global.ingress -}} +{{- if and .Values.ingress.enabled .Values.global.ingress.enabled -}} apiVersion: extensions/v1beta1 kind: Ingress metadata: @@ -42,9 +73,7 @@ metadata: heritage: {{ .Release.Service }} spec: rules: - - http: - paths: - {{- include "ingress.config.port" . }} + {{ include "ingress.config.port" . | trim }} {{- if .Values.ingress.tls }} tls: {{ toYaml .Values.ingress.tls | indent 4 }} @@ -52,4 +81,4 @@ spec: {{- end -}} {{- end -}} {{- end -}} - +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/common/common/templates/_mariadb.tpl b/kubernetes/common/common/templates/_mariadb.tpl new file mode 100644 index 0000000000..15fb5a4225 --- /dev/null +++ b/kubernetes/common/common/templates/_mariadb.tpl @@ -0,0 +1,59 @@ +{{/* +# Copyright © 2019 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + Choose the name of the mariadb service to use. +*/}} +{{- define "common.mariadbService" -}} + {{- if .Values.global.mariadbGalera.localCluster -}} + {{- index .Values "mariadb-galera" "service" "name" -}} + {{- else -}} + {{- .Values.global.mariadbGalera.service -}} + {{- end -}} +{{- end -}} + +{{/* + Choose the value of mariadb port to use. +*/}} +{{- define "common.mariadbPort" -}} + {{- if .Values.global.mariadbGalera.localCluster -}} + {{- index .Values "mariadb-galera" "service" "internalPort" -}} + {{- else -}} + {{- .Values.global.mariadbGalera.internalPort -}} + {{- end -}} +{{- end -}} + +{{/* + Choose the value of secret to retrieve user value. +*/}} +{{- define "common.mariadbSecret" -}} + {{- if .Values.global.mariadbGalera.localCluster -}} + {{ printf "%s-%s-db-user-credentials" (include "common.fullname" .) (index .Values "mariadb-galera" "nameOverride") -}} + {{- else -}} + {{ printf "%s-%s" (.Release.Name) (index .Values "mariadb-init" "nameOverride") -}} + {{- end -}} +{{- end -}} + +{{/* + Choose the value of secret param to retrieve user value. +*/}} +{{- define "common.mariadbSecretParam" -}} + {{- if .Values.global.mariadbGalera.localCluster -}} + {{ printf "password" -}} + {{- else -}} + {{ printf "db-user-password" -}} + {{- end -}} +{{- end -}} diff --git a/kubernetes/common/common/templates/_name.tpl b/kubernetes/common/common/templates/_name.tpl index 4299984673..f84ca21f3a 100644 --- a/kubernetes/common/common/templates/_name.tpl +++ b/kubernetes/common/common/templates/_name.tpl @@ -28,4 +28,14 @@ {{- define "common.fullname" -}} {{- $name := default .Chart.Name .Values.nameOverride -}} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}}
\ No newline at end of file +{{- end -}} + +{{/* + Retrieve the "original" release from the component release: + if ONAP is deploy with "helm deploy --name toto", then cassandra components + will have "toto-cassandra" as release name. + this function would answer back "toto". +*/}} +{{- define "common.release" -}} + {{- regexReplaceAll "-[a-zA-Z0-9]*$" .Release.Name "" }} +{{- end -}} diff --git a/kubernetes/common/common/templates/_secret.yaml b/kubernetes/common/common/templates/_secret.yaml new file mode 100644 index 0000000000..523d7880f0 --- /dev/null +++ b/kubernetes/common/common/templates/_secret.yaml @@ -0,0 +1,276 @@ +{{/* +# Copyright © 2019 AT&T, Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + For internal use only! + + Generates a secret header with given name and desired labels. + + The template takes two arguments: + - .global: environment (.) + - .name: name of the secret + + Example call: + {{ include "common.secret._header" (dict "global" . "name" "myFancyName") }} +*/}} +{{- define "common.secret._header" -}} +{{- $global := .global }} +{{- $name := .name }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $name }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.name" $global }} + chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} + release: {{ $global.Release.Name }} + heritage: {{ $global.Release.Service }} +type: Opaque +{{- end -}} + +{{/* + For internal use only! + + Pick a value based on "user input" and generation policy. + + The template takes below arguments: + - .global: environment (.) + - .secretName: name of the secret where the value will be placed + - .secretEnv: map of values which configures this secret. This can contain below keys: + - value: Value of secret key provided by user (can be a template inside a string) + - policy: What to do if value is missing or empty. Possible options are: + - generate: Generate a new password deriving it from master password + - required: Fail the deployment if value has not been provided + Defaults to generate. + - name: Name of the key to which this value should be assigned +*/}} +{{- define "common.secret._value" -}} + {{- $global := .global }} + {{- $name := .secretName }} + {{- $secretEnv := .secretEnv }} + {{- $value := tpl $secretEnv.value $global }} + {{- $policy := default "generate" $secretEnv.policy }} + + {{- if $value }} + {{- $value | quote }} + {{- else if eq $policy "generate" }} + {{- include "common.createPassword" (dict "dot" $global "uid" $name) | quote }} + {{- else }} + {{- fail (printf "Value for %s secret %s key not provided" $name $secretEnv.name) }} + {{- end }} +{{- end -}} + + +{{/* + For internal use only! + + Generate a secret name based on provided name or UID. + If UID is provided then the name is generated by appending this UID right after + the chart name. If name is provided, it overrides the name generation algorith + and is used right away. Both name and uid strings may contain a template to be + resolved. + + The template takes below arguments: + - .global: environment (.) + - .uid: string that uniquely identifies this secret within a helm chart + - .name: string that can be used to override default name generation algorithm + and provide a custom name for the secret +*/}} +{{- define "common.secret._genName" -}} + {{- $global := .global }} + {{- $uid := tpl (default "" .uid) $global }} + {{- $name := tpl (default "" .name) $global }} + {{- default (printf "%s-%s" (include "common.fullname" $global) $uid) $name }} +{{- end -}} + +{{/* + Get the real secret name by UID or name, based on the configuration provided by user. + User may decide to not create a new secret but reuse existing one for this deployment + (aka externalSecret). In this case the real name of secret to be used is different + than the one declared in secret definition. This easily retrieve current secret real + name based on declared name or UID even if it has been overrided by the user using + externalSecret option. You should use this template always when you need to reference + a secret created using common.secret template by name. + + The template takes below arguments: + - .global: environment (.) + - .uid: string that uniquely identifies this secret within a helm chart + (can be omitted if name has been provided) + - .name: name which was used to declare a secret + (can be omitted if uid has been provided) +*/}} +{{- define "common.secret.getSecretName" -}} + {{- $global := .global }} + {{- $targetName := include "common.secret._genName" (dict "global" $global "uid" .uid "name" .name) }} + {{- range $secret := $global.Values.secrets }} + {{- $currName := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }} + {{- if eq $currName $targetName }} + {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }} + {{- default $currName $externalSecret }} + {{- end }} + {{- end }} +{{- end -}} + +{{/* + Convenience template which can be used to easily set the value of environment variable + to the value of a key in a secret. + + It takes care of all name mangling, usage of external secrets etc. + + The template takes below arguments: + - .global: environment (.) + - .uid: string that uniquely identifies this secret within a helm chart + (can be omitted if name has been provided) + - .name: name which was used to declare a secret + (can be omitted if uid has been provided) + - .key: Key within this secret which value should be assigned to this variable + + Example usage: + env: + - name: SECRET_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "secret" "key" "password") | indent 8}} +*/}} +{{- define "common.secret.envFromSecret" -}} + {{- $key := .key }} +valueFrom: + secretKeyRef: + name: {{ include "common.secret.getSecretName" . }} + key: {{ $key }} +{{- end -}} + +{{/* + Define secrets to be used by chart. + Every secret has a type which is one of: + - generic: + Generic secret template that allows to input some raw data (from files). + File Input can be passed as list of files (filePaths) or as a single string + (filePath) + - genericKV: + Type of secret which allows you to define a list of key value pairs. + The list is assiged to envs value. Every item may define below items: + - name: + Identifier of this value within secret + - value: + String that defines a value associated with given key. + This can be a simple string or a template. + - policy: + Defines what to do if value is not provided by the user. + Available options are: + - generate: + Generate a value by derriving it from master password + - required: + Fail the deployment + - password: + Type of secret that holds only the password. + Only two items can be defined for this type: + - password: + Equivalent of value field from genericKV + - policy: + The same meaning as for genericKV policy field + - basicAuth: + Type of secret that holds both username and password. + Below fields are available: + - login: + The value for login key. + This can be a simple string or a template. + Providing a value for login is always required. + - password: + The value for password key. + This can be a simple string or a template. + - passwordPolicy: + The same meaning as the policy field in genericKV. + Only the policy for password can be set. + + Every secret can be identified using: + - uid: + A string to be appended to the chart fullname to generate a secret name. + - name: + Overrides default secret name generation and allows to set immutable + and globaly unique name + + To allow sharing a secret between the components and allow to pre-deploy secrets + before ONAP deployment it is possible to use already existing secret instead of + creating a new one. For this purpose externalSecret field can be used. If value of + this field is evaluated to true no new secret is created, only the name of the + secret is aliased to the external one. + + Example usage: + secrets.yaml: + {{ include "common.secret" . }} + + values.yaml: + mysqlLogin: "root" + + mysqlExternalSecret: "some-other-secret-name" + + secrets: + - uid: "mysql" + externalSecret: '{{ tpl .Values.passExternalSecret . }}' + type: basicAuth + login: '{{ .Values.mysqlLogin }}' + mysqlPassword: '{{ .Values.mysqlPassword }}' + passwordPolicy: generate + + In the above example new secret is not going to be created. + Already existing one (some-other-secret-name) is going to be used. + To force creating a new one, just make sure that mysqlExternalSecret + is not set. + +*/}} +{{- define "common.secret" -}} + {{- $global := . }} + {{- range $secret := .Values.secrets }} + {{- $name := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }} + {{- $type := default "generic" $secret.type }} + {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }} + {{- if not $externalSecret }} +--- + {{ include "common.secret._header" (dict "global" $global "name" $name) }} + + {{- if eq $type "generic" }} +data: + {{- range $curFilePath := $secret.filePaths }} + {{ tpl ($global.Files.Glob $curFilePath).AsSecrets $global | indent 2 }} + {{- end }} + {{- if $secret.filePath }} + {{ tpl ($global.Files.Glob $secret.filePath).AsSecrets $global | indent 2 }} + {{- end }} + {{- else if eq $type "genericKV" }} +stringData: + {{- if $secret.envs }} + {{- range $secretEnv := $secret.envs }} + {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }} + {{ $secretEnv.name }}: {{ include "common.secret._value" $valueDesc }} + {{- end }} + {{- end }} + {{- else if eq $type "password" }} + {{- $secretEnv := (dict "policy" (default "generate" $secret.policy) "name" "password" "value" $secret.password) }} + {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }} +stringData: + password: {{ include "common.secret._value" $valueDesc }} + {{- else if eq $type "basicAuth" }} +stringData: + {{- $secretEnv := (dict "policy" "required" "name" "login" "value" $secret.login) }} + {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }} + login: {{ include "common.secret._value" $valueDesc }} + {{- $secretEnv := (dict "policy" (default "generate" $secret.passwordPolicy) "name" "password" "value" $secret.password) }} + {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }} + password: {{ include "common.secret._value" $valueDesc }} + {{- end }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/kubernetes/common/common/templates/_storageClass.tpl b/kubernetes/common/common/templates/_storageClass.tpl new file mode 100644 index 0000000000..8fd1f9772b --- /dev/null +++ b/kubernetes/common/common/templates/_storageClass.tpl @@ -0,0 +1,57 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + Expand the name of the storage class. + The value "common.fullname"-data is used by default, + unless either override mechanism is used. + + - .Values.global.persistence.storageClass : override default storageClass for all charts + - .Values.persistence.storageClassOverride : override global and default storage class on a per chart basis + - .Values.persistence.storageClass : override default storage class on a per chart basis +*/}} +{{- define "common.storageClass" -}} + {{- if .Values.persistence.storageClassOverride -}} + {{- if ne "-" .Values.persistence.storageClassOverride -}} + {{- printf "%s" .Values.persistence.storageClassOverride -}} + {{- else -}} + {{- $storage_class := "" -}} + {{- printf "%q" $storage_class -}} + {{- end -}} + {{- else -}} + {{- if or .Values.persistence.storageClass .Values.global.persistence.storageClass }} + {{- if ne "-" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}} + {{- printf "%s" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}} + {{- else -}} + {{- $storage_class := "" -}} + {{- printf "%q" $storage_class -}} + {{- end -}} + {{- else -}} + {{- printf "%s-data" (include "common.fullname" .) -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* + Calculate if we need a PV. If a storageClass is provided, then we don't need. +*/}} +{{- define "common.needPV" -}} +{{- if or (or .Values.persistence.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass -}} + False +{{- else -}} + True +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/etcd/Chart.yaml b/kubernetes/common/etcd/Chart.yaml index a01524c42f..012a4e13ce 100644 --- a/kubernetes/common/etcd/Chart.yaml +++ b/kubernetes/common/etcd/Chart.yaml @@ -11,7 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - + +apiVersion: v1 name: etcd home: https://github.com/coreos/etcd version: 5.0.0 diff --git a/kubernetes/common/etcd/templates/pv.yaml b/kubernetes/common/etcd/templates/pv.yaml index 65993e5f2a..da8dfb8a22 100644 --- a/kubernetes/common/etcd/templates/pv.yaml +++ b/kubernetes/common/etcd/templates/pv.yaml @@ -12,30 +12,34 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{ if .Values.persistence.enabled }} -{{- $root := . -}} -{{ range $i, $e := until (int $root.Values.replicaCount) }} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} --- apiVersion: v1 kind: PersistentVolume metadata: - name: {{ include "common.fullname" $root }}-data-{{ $i }} - namespace: {{ $root.Release.Namespace }} + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} labels: - type: {{ $root.Values.persistence.storageType }} - app: {{ include "common.fullname" $root }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} spec: capacity: - storage: {{ $root.Values.persistence.storage }} + storage: {{ $global.Values.persistence.storage }} accessModes: - - {{ $root.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $root }}-data" + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} - + path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index 7190c5bca0..cef1a48c2a 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -213,14 +213,19 @@ spec: volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: accessModes: - - "{{ .Values.persistence.accessMode }}" + - "{{ .Values.persistence.accessMode }}" + storageClassName: {{ include "common.storageClass" . }} resources: requests: # upstream recommended max is 700M storage: "{{ .Values.persistence.storage }}" - storageClassName: {{ include "common.fullname" . }}-data {{- else }} volumes: - name: {{ include "common.fullname" . }}-data @@ -231,4 +236,3 @@ spec: emptyDir: {} {{- end }} {{- end }} - diff --git a/kubernetes/common/etcd/values.yaml b/kubernetes/common/etcd/values.yaml index 7f53d22248..d994f87ea4 100644 --- a/kubernetes/common/etcd/values.yaml +++ b/kubernetes/common/etcd/values.yaml @@ -45,7 +45,7 @@ liveness: enabled: true persistence: - enabled: false + enabled: true ## etcd data Persistent Volume Storage Class ## If defined, storageClassName: <storageClass> ## If set to "-", storageClassName: "", which disables dynamic provisioning @@ -79,4 +79,3 @@ tolerations: [] affinity: {} extraEnv: [] resources: {} - diff --git a/kubernetes/common/mariadb-galera/.helmignore b/kubernetes/common/mariadb-galera/.helmignore index f0c1319444..f3d010c5f7 100644 --- a/kubernetes/common/mariadb-galera/.helmignore +++ b/kubernetes/common/mariadb-galera/.helmignore @@ -19,3 +19,6 @@ .project .idea/ *.tmproj + +# Unit tests folder +tests diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 7d3ec75c00..408bd1814c 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -86,25 +86,17 @@ spec: echo "Backup Successful!!!" env: - name: DB_PASS - valueFrom: - secretKeyRef: - name: {{ include "common.fullname" . }} - key: db-root-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} volumeMounts: - - name: backup-data + - name: backup-dir mountPath: /backup - - name: db-data - mountPath: /var/lib/mysql containers: - name: mariadb-backup-validate image: "{{ include "common.repository" . }}/{{ .Values.backupImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "common.fullname" . }} - key: db-root-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} command: - /bin/bash - -c @@ -130,7 +122,7 @@ spec: remove_dir $target_dir exit 0 fi - + /docker-entrypoint.sh mysqld & count=0 @@ -163,16 +155,13 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - - name: backup-data + - name: backup-dir mountPath: /backup volumes: - name: localtime hostPath: path: /etc/localtime - - name: db-data - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-db-data - - name: backup-data + - name: backup-dir persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-backup + claimName: {{ include "common.fullname" . }}-backup-data {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml index 2972191563..ec6f44d955 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,45 +15,27 @@ */}} {{- if .Values.backup.enabled }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-backup - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-backup -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" . }}/{{include "common.name" . }} +{{- if eq "True" (include "common.needPV" .) -}} --- -kind: PersistentVolume apiVersion: v1 +kind: PersistentVolume metadata: - name: {{ include "common.fullname" . }}-db-data + name: {{ include "common.fullname" . }}-backup-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-db-data + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }}-backup-data spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ .Values.persistence.size }} accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data-backup" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}{{ sub .Values.replicaCount 1 }} + path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }} +{{- end -}} {{- end -}} {{- end -}} - diff --git a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml index a983c8af98..06b590c7fd 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,44 +15,14 @@ */}} {{- if .Values.backup.enabled }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-backup - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-backup - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-backup - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} --- kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-db-data + name: {{ include "common.fullname" . }}-backup-data namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }}-db-data + app: {{ include "common.name" . }}-backup chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" @@ -61,21 +31,15 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-db-data accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" +{{- if eq "True" (include "common.needPV" .) -}} + storageClassName: "{{ include "common.fullname" . }}-data-backup" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} {{- end -}} {{- end -}} - diff --git a/kubernetes/common/mariadb-galera/templates/configmap.yaml b/kubernetes/common/mariadb-galera/templates/configmap.yaml index 9c9a248f35..ff6e119b0c 100644 --- a/kubernetes/common/mariadb-galera/templates/configmap.yaml +++ b/kubernetes/common/mariadb-galera/templates/configmap.yaml @@ -12,19 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-confd - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }} ---- {{- if .Values.externalConfig }} apiVersion: v1 kind: ConfigMap @@ -39,4 +26,4 @@ metadata: data: my_extra.cnf: | {{ .Values.externalConfig | indent 4 }} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/common/mariadb-galera/templates/pv.yaml b/kubernetes/common/mariadb-galera/templates/pv.yaml index a2096fdef3..795ad3188b 100644 --- a/kubernetes/common/mariadb-galera/templates/pv.yaml +++ b/kubernetes/common/mariadb-galera/templates/pv.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,12 +14,13 @@ # limitations under the License. */}} {{- $global := . }} -{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} -{{- range $i, $t := until (int $global.Values.replicaCount)}} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" $global }}-data{{$i}} + name: {{ include "common.fullname" $global }}-data-{{ $i }} namespace: {{ include "common.namespace" $global }} labels: app: {{ include "common.fullname" $global }} @@ -35,7 +36,10 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} --- {{- end -}} {{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/mariadb-galera/templates/secrets.yaml b/kubernetes/common/mariadb-galera/templates/secrets.yaml index 233158f791..3f8eb0b6de 100644 --- a/kubernetes/common/mariadb-galera/templates/secrets.yaml +++ b/kubernetes/common/mariadb-galera/templates/secrets.yaml @@ -1,4 +1,5 @@ # Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,18 +12,4 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -type: Opaque -data: - db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }} - user-password: {{ default "" .Values.config.userPassword | b64enc | quote }}
\ No newline at end of file +{{ include "common.secret" . }} diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index b0b7174811..a9f1fb37b7 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange, Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -61,19 +61,13 @@ spec: apiVersion: v1 fieldPath: metadata.namespace - name: MYSQL_USER - value: {{ default "" .Values.config.userName | quote }} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "login") | indent 14}} - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: user-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "password") | indent 14}} - name: MYSQL_DATABASE value: {{ default "" .Values.config.mysqlDatabase | quote }} - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} ports: - containerPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} @@ -112,7 +106,7 @@ spec: - mountPath: /var/lib/mysql name: {{ include "common.fullname" . }}-data initContainers: - - name: mariadb-galera-prepare + - name: {{ include "common.name" . }}-prepare image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}} command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"] @@ -130,11 +124,8 @@ spec: spec: accessModes: - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.fullname" . }}-data + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} {{- end }} diff --git a/kubernetes/common/mariadb-galera/tests/pv_test.yaml b/kubernetes/common/mariadb-galera/tests/pv_test.yaml new file mode 100644 index 0000000000..cd4007960b --- /dev/null +++ b/kubernetes/common/mariadb-galera/tests/pv_test.yaml @@ -0,0 +1,35 @@ +--- +suite: test pv behavior +templates: + - pv.yaml +tests: + - it: 'should render "" (global case))' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "-" + asserts: + - isEmpty: + + - it: 'should "" (override case)' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "global" + persistence.storageClassOverride: "-" + asserts: + - isEmpty: + + - it: 'should "" (local case)' + values: + - ./values/persistence.yaml + set: + persistence.storageClass: "-" + asserts: + - isEmpty: + + - it: 'should render "RELEASE-NAME-mariadb-galera-data" as storageClassname' + asserts: + - equal: + path: spec.storageClassName + value: "RELEASE-NAME-mariadb-galera-data" diff --git a/kubernetes/common/mariadb-galera/tests/storage_class_test.yaml b/kubernetes/common/mariadb-galera/tests/storage_class_test.yaml new file mode 100644 index 0000000000..9b7bdcb550 --- /dev/null +++ b/kubernetes/common/mariadb-galera/tests/storage_class_test.yaml @@ -0,0 +1,67 @@ +--- +suite: test storage class behavior +templates: + - statefulset.yaml +tests: + - it: 'should render "" as storageClassname (global case)' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "-" + asserts: + - isEmpty: + path: spec.volumeClaimTemplates[0].spec.storageClassName + + - it: 'should "" as storageClassname (override case)' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "global" + persistence.storageClassOverride: "-" + asserts: + - isEmpty: + path: spec.volumeClaimTemplates[0].spec.storageClassName + + - it: 'should "" as storageClassname (local case)' + values: + - ./values/persistence.yaml + set: + persistence.storageClass: "-" + asserts: + - isEmpty: + path: spec.volumeClaimTemplates[0].spec.storageClassName + + - it: 'should render "global" as storageClassname' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "global" + asserts: + - equal: + path: spec.volumeClaimTemplates[0].spec.storageClassName + value: "global" + + - it: 'should render "local" as storageClassname' + values: + - ./values/persistence.yaml + asserts: + - equal: + path: spec.volumeClaimTemplates[0].spec.storageClassName + value: "local" + + - it: 'should render "override" as storageClassname' + values: + - ./values/persistence.yaml + set: + global.persistence.storageClass: "global" + persistence.storageClassOverride: "override" + asserts: + - equal: + path: spec.volumeClaimTemplates[0].spec.storageClassName + value: "override" + + - it: 'should render "RELEASE-NAME-mariadb-galera-data" as storageClassname' + asserts: + - equal: + path: spec.volumeClaimTemplates[0].spec.storageClassName + value: "RELEASE-NAME-mariadb-galera-data" diff --git a/kubernetes/common/mariadb-galera/tests/values/persistence.yaml b/kubernetes/common/mariadb-galera/tests/values/persistence.yaml new file mode 100644 index 0000000000..a282f74318 --- /dev/null +++ b/kubernetes/common/mariadb-galera/tests/values/persistence.yaml @@ -0,0 +1,6 @@ +--- +persistence: + enabled: true + existingClaim: false + size: 10Gb + storageClass: "local" diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index a662b1e04a..a6dd1ca359 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -1,4 +1,5 @@ # Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +14,21 @@ # limitations under the License. ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-password" + type: password + externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + password: '{{ .Values.config.mariadbRootPassword }}' + - uid: "db-user-credentials" + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.userName }}' + password: '{{ .Values.config.userPassword }}' + + +################################################################# # Global configuration defaults. ################################################################# global: @@ -35,13 +51,15 @@ global: #repository: mysql repository: nexus3.onap.org:10001 image: adfinissygroup/k8s-mariadb-galera-centos:v002 -backupImage: library/mariadb:10.1.38 +backupImage: library/mariadb:10.1.38 imageInit: busybox pullPolicy: IfNotPresent # application configuration config: + # .mariadbRootPasswordExternalSecret: 'some-external-secret' mariadbRootPassword: secretpassword + # .userCredentialsExternalSecret: 'some-external-secret' userName: my-user userPassword: my-password mysqlDatabase: my-database @@ -91,7 +109,7 @@ persistence: mountSubPath: "mariadb-galera/data" mysqlPath: /var/lib/mysql backup: - mountPath: /dockerdata-nfs/backup + mountPath: /dockerdata-nfs/backup{{- if or (or .Values.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass -}} service: internalPort: 3306 diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/.helmignore b/kubernetes/common/mariadb-init/.helmignore index f0c1319444..dadf202953 100644 --- a/kubernetes/multicloud/charts/multicloud-lenovo/.helmignore +++ b/kubernetes/common/mariadb-init/.helmignore @@ -19,3 +19,5 @@ .project .idea/ *.tmproj + +tests diff --git a/kubernetes/common/mysql/Chart.yaml b/kubernetes/common/mariadb-init/Chart.yaml index 7f272295ff..47b8b8f11c 100644 --- a/kubernetes/common/mysql/Chart.yaml +++ b/kubernetes/common/mariadb-init/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: MySQL Server -name: mysql +description: Chart for MariaDB Galera init job +name: mariadb-init version: 5.0.0 diff --git a/kubernetes/common/mariadb-init/requirements.yaml b/kubernetes/common/mariadb-init/requirements.yaml new file mode 100644 index 0000000000..d323ddaa2b --- /dev/null +++ b/kubernetes/common/mariadb-init/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + repository: 'file://../common'
\ No newline at end of file diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh new file mode 100755 index 0000000000..b2fdb14b12 --- /dev/null +++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh @@ -0,0 +1,36 @@ +#!/bin/bash +# Copyright © 2019 Orange +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +while read DB ; do + USER_VAR="MYSQL_USER_${DB^^}" + PASS_VAR="MYSQL_PASSWORD_${DB^^}" + USER=${!USER_VAR} + PASS=${!PASS_VAR} + MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} ) + + echo "Creating database ${DB} and user ${USER}..." + + mysql "${MYSQL_OPTS[@]}" -e "CREATE OR REPLACE USER '${USER}'@'%' IDENTIFIED BY '${PASS}'" + mysql "${MYSQL_OPTS[@]}" -e "CREATE DATABASE IF NOT EXISTS ${DB}" + mysql "${MYSQL_OPTS[@]}" -e "GRANT ALL PRIVILEGES ON ${DB}.* TO '${USER}'@'%'" + + echo "Created database ${DB} and user ${USER}." +done <<EOF +{{ .Values.config.mysqlDatabase }} +{{- range $db, $_value := .Values.config.mysqlAdditionalDatabases }} +{{ $db }} +{{- end }} +EOF diff --git a/kubernetes/common/mongo/templates/storageclass.yaml b/kubernetes/common/mariadb-init/templates/_configmap.tpl index 3cd502ea30..ea612a078d 100644 --- a/kubernetes/common/mongo/templates/storageclass.yaml +++ b/kubernetes/common/mariadb-init/templates/_configmap.tpl @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,11 +14,13 @@ # limitations under the License. */}} -{{ if not .Values.disableNfsProvisioner }} -kind: StorageClass -apiVersion: storage.k8s.io/v1 -metadata: - name: "{{ include "common.fullname" . }}-data" - namespace: {{ include "common.namespace" . }} -provisioner: {{ include "common.fullname" . }}/nfs -{{ end }} +{{/* + Choose the name of the configmap to use. +*/}} +{{- define "mariadbInit.configMap" -}} + {{- if (eq "default" .Values.config.config_map) -}} + {{- include "common.fullname" . -}} + {{- else -}} + {{- printf "%s-%s" (include "common.release" .) .Values.config.config_map -}} + {{- end -}} +{{- end -}} diff --git a/kubernetes/common/mariadb-init/templates/_mariadb.tpl b/kubernetes/common/mariadb-init/templates/_mariadb.tpl new file mode 100644 index 0000000000..fb3f7974b9 --- /dev/null +++ b/kubernetes/common/mariadb-init/templates/_mariadb.tpl @@ -0,0 +1,26 @@ +{{/* +# Copyright © 2019 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + Choose the name of the mariadb secret to use. +*/}} +{{- define "mariadbInit.mariadbClusterSecret" -}} + {{- if (eq "default" .Values.global.mariadbGalera.userRootSecret) -}} + {{- printf "%s-mariadb-galera-%s-db-root-password" (include "common.release" .) .Values.global.mariadbGalera.nameOverride -}} + {{- else -}} + {{- .Values.global.mariadbGalera.userRootSecret -}} + {{- end -}} +{{- end -}} diff --git a/kubernetes/common/mysql/templates/secrets.yaml b/kubernetes/common/mariadb-init/templates/configmap.yaml index 7f9b1230eb..9da03668f5 100644 --- a/kubernetes/common/mysql/templates/secrets.yaml +++ b/kubernetes/common/mariadb-init/templates/configmap.yaml @@ -1,5 +1,5 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Orange +# Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,18 +12,16 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -*/}} apiVersion: v1 -kind: Secret +kind: ConfigMap metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.fullname" . }} + app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -type: Opaque data: - db-root-password: {{ .Values.config.dbRootPassword | b64enc | quote }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml new file mode 100644 index 0000000000..f3ff9934ab --- /dev/null +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -0,0 +1,110 @@ +# Copyright © 2019 Orange +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-config-job + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + backoffLimit: 20 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadbGalera.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - bash + - /db_init/db_init.sh + env: + - name: DB_HOST + value: "{{ .Values.global.mariadbGalera.nameOverride }}" + - name: DB_PORT + value: "{{ .Values.global.mariadbGalera.servicePort }}" + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mariadbInit.mariadbClusterSecret" . }} + key: {{ .Values.global.mariadbGalera.userRootSecretKey }} + - name: {{ printf "MYSQL_USER_%s" .Values.config.mysqlDatabase | upper }} + value: "{{ .Values.config.userName }}" + - name: {{ printf "MYSQL_PASSWORD_%s" .Values.config.mysqlDatabase | upper }} + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-user-password +{{- $root := . }} +{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }} + - name: {{ printf "MYSQL_USER_%s" $db | upper }} + value: {{ $dbInfos.user }} + - name: {{ printf "MYSQL_PASSWORD_%s" $db | upper }} + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" $root }}-secret + key: {{ printf "db-%s-user-password" $db }} +{{ end }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: mariadb-conf + mountPath: /db_init/ + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: mariadb-conf + configMap: + name: {{ include "mariadbInit.configMap" . }} + - name: localtime + hostPath: + path: /etc/localtime + restartPolicy: Never + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/nbi/templates/secrets.yaml b/kubernetes/common/mariadb-init/templates/secret.yaml index c29cb1cf0e..f30d582110 100644 --- a/kubernetes/nbi/templates/secrets.yaml +++ b/kubernetes/common/mariadb-init/templates/secret.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "common.fullname" . }}-secret + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -24,5 +24,7 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: - db-user-password: {{ .Values.mariadb.config.db.password | b64enc | quote }} - db-root-password: {{ .Values.mariadb.config.db.root_password | b64enc | quote }} + db-user-password: {{ index .Values.config.userPassword | b64enc | quote }} +{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }} + {{ printf "db-%s-user-password" $db}}: {{ $dbInfos.password | b64enc | quote }} +{{ end }} diff --git a/kubernetes/common/mariadb-init/tests/configmap_test.yaml b/kubernetes/common/mariadb-init/tests/configmap_test.yaml new file mode 100644 index 0000000000..34914cdb3e --- /dev/null +++ b/kubernetes/common/mariadb-init/tests/configmap_test.yaml @@ -0,0 +1,114 @@ +--- +suite: test configmap behavior +templates: + - configmap.yaml +tests: + - it: "should render with default value" + asserts: + - isKind: + of: ConfigMap + - equal: + path: metadata.name + value: RELEASE-NAME-mariadb-init + - equal: + path: metadata.namespace + value: NAMESPACE + - matchRegex: + path: metadata.labels.app + pattern: mariadb-init + - equal: + path: data + value: + db_init.sh: | + #!/bin/sh + # Copyright © 2019 Orange + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + + echo "Creating database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF..." + + mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 + CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}'; + CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'; + CREATE DATABASE IF NOT EXISTS ynsaUCru6mUNwGal; + GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'%'; + GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'localhost'; + EOF + + echo "Created database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF." + - it: "shoud render with other databases" + set: + config: + userName: testUser + mysqlDatabase: testDB + mysqlAdditionalDatabases: + dbOne: + user: one + password: pwd1 + dbTwo: + user: two + password: pwd2 + asserts: + - equal: + path: data + value: + db_init.sh: | + #!/bin/sh + # Copyright © 2019 Orange + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + + echo "Creating database testDB and user testUser..." + + mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 + CREATE OR REPLACE USER 'testUser'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}'; + CREATE OR REPLACE USER 'testUser'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'; + CREATE DATABASE IF NOT EXISTS testDB; + GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'%'; + GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'localhost'; + EOF + + echo "Created database testDB and user testUser." + + echo "Creating database dbOne and user one..." + + mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 + CREATE OR REPLACE USER 'one'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}'; + CREATE OR REPLACE USER 'one'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}'; + CREATE DATABASE IF NOT EXISTS dbOne; + GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'%'; + GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'localhost'; + EOF + + echo "Created database dbOne and user one." + echo "Creating database dbTwo and user two..." + + mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 + CREATE OR REPLACE USER 'two'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}'; + CREATE OR REPLACE USER 'two'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}'; + CREATE DATABASE IF NOT EXISTS dbTwo; + GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'%'; + GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'localhost'; + EOF + + echo "Created database dbTwo and user two." diff --git a/kubernetes/common/mariadb-init/tests/job_test.yaml b/kubernetes/common/mariadb-init/tests/job_test.yaml new file mode 100644 index 0000000000..7523ee1c6e --- /dev/null +++ b/kubernetes/common/mariadb-init/tests/job_test.yaml @@ -0,0 +1,307 @@ +--- +suite: test job behavior +templates: + - job.yaml +tests: + - it: "should render with default value (global)" + asserts: + - isKind: + of: Job + - matchRegex: + path: metadata.name + pattern: -mariadb-init-config-job$ + - equal: + path: metadata.namespace + value: NAMESPACE + - matchRegex: + path: metadata.labels.app + pattern: mariadb-init + - matchRegex: + path: spec.template.metadata.labels.app + pattern: mariadb-init + - matchRegex: + path: spec.template.metadata.name + pattern: mariadb-init + - isNull: + path: spec.template.spec.nodeSelector + - isNull: + path: spec.template.spec.affinity + - it: "should render with default value (init container)" + asserts: + - matchRegex: + path: spec.template.spec.initContainers[0].name + pattern: mariadb-init-readiness + - contains: + path: spec.template.spec.initContainers[0].args + content: mariadb-galera + - equal: + path: spec.template.spec.initContainers[0].image + value: oomk8s/readiness-check:2.0.2 + - equal: + path: spec.template.spec.initContainers[0].imagePullPolicy + value: IfNotPresent + - it: "should render with default value (container)" + asserts: + - matchRegex: + path: spec.template.spec.containers[0].name + pattern: mariadb-init + - equal: + path: spec.template.spec.containers[0].image + value: nexus3.onap.org:10001/mariadb:10.1.38 + - equal: + path: spec.template.spec.containers[0].imagePullPolicy + value: IfNotPresent + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_HOST + value: mariadb-galera + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_PORT + value: "3306" + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-galera-mariadb-galera + key: db-root-password + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-init-secret + key: db-user-password + - contains: + path: spec.template.spec.containers[0].volumeMounts + content: + name: mariadb-conf + mountPath: /db_init/ + readOnly: true + - equal: + path: spec.template.spec.containers[0].resources.limits.cpu + value: 100m + - equal: + path: spec.template.spec.containers[0].resources.limits.memory + value: 500Mbi + - equal: + path: spec.template.spec.containers[0].resources.requests.cpu + value: 10m + - equal: + path: spec.template.spec.containers[0].resources.requests.memory + value: 10Mbi + - it: "should render with default value (volumes)" + asserts: + - contains: + path: spec.template.spec.volumes + content: + name: mariadb-conf + configMap: + name: RELEASE-NAME-mariadb-init + + - it: "should render with nameOverride set" + set: + nameOverride: myJob + asserts: + - matchRegex: + path: metadata.name + pattern: -myJob-config-job$ + - matchRegex: + path: metadata.labels.app + pattern: myJob + - matchRegex: + path: spec.template.metadata.labels.app + pattern: myJob + - matchRegex: + path: spec.template.metadata.name + pattern: myJob + - matchRegex: + path: spec.template.spec.initContainers[0].name + pattern: myJob-readiness + - matchRegex: + path: spec.template.spec.containers[0].name + pattern: myJob + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + # replicating name from mariadb galera cluster, kind of hardcoded... + name: RELEASE-NAME-myJob-secret + key: db-user-password + - contains: + path: spec.template.spec.volumes + content: + name: mariadb-conf + configMap: + name: RELEASE-NAME-myJob + + - it: "should render with configmap set" + set: + config: + config_map: myCM + asserts: + - contains: + path: spec.template.spec.volumes + content: + name: mariadb-conf + configMap: + name: RELEASE-NAME-myCM + + - it: "should render with mariadbGalera changes" + set: + global: + mariadbGalera: + nameOverride: myMaria + servicePort: 545 + asserts: + - contains: + path: spec.template.spec.initContainers[0].args + content: myMaria + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_HOST + value: myMaria + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_PORT + value: "545" + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-galera-myMaria + key: db-root-password + + - it: "should render with full mariadbGalera changes" + set: + global: + mariadbGalera: + nameOverride: myMaria + servicePort: 545 + userRootSecret: galera-secret + userRootSecretKey: root-password + asserts: + - contains: + path: spec.template.spec.initContainers[0].args + content: myMaria + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_HOST + value: myMaria + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_PORT + value: "545" + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: galera-secret + key: root-password + + - it: "should set the right nodeSelector" + set: + nodeSelector: + disktype: ssd + asserts: + - equal: + path: spec.template.spec.nodeSelector.disktype + value: ssd + + - it: "should set the right affinity" + set: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/e2e-az-name + operator: In + values: + - e2e-az1 + - e2e-az2 + asserts: + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/e2e-az-name + operator: In + values: + - e2e-az1 + - e2e-az2 + - it: "should use large flavor" + set: + flavor: large + asserts: + - equal: + path: spec.template.spec.containers[0].resources.limits.cpu + value: 200m + - equal: + path: spec.template.spec.containers[0].resources.limits.memory + value: 500Mbi + - equal: + path: spec.template.spec.containers[0].resources.requests.cpu + value: 20m + - equal: + path: spec.template.spec.containers[0].resources.requests.memory + value: 20Mbi + - it: "should use unlimited flavor" + set: + flavor: unlimited + asserts: + - isEmpty: + path: spec.template.spec.containers[0].resources + - it: "shoud render with other databases" + set: + config: + mysqlAdditionalDatabases: + dbOne: + user: one + password: pwd1 + dbTwo: + user: two + password: pwd2 + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-init-secret + key: db-user-password + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD_DBONE + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-init-secret + key: db-dbOne-user-password + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD_DBTWO + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-init-secret + key: db-dbTwo-user-password diff --git a/kubernetes/common/mariadb-init/tests/secret_test.yaml b/kubernetes/common/mariadb-init/tests/secret_test.yaml new file mode 100644 index 0000000000..ef0565d6c0 --- /dev/null +++ b/kubernetes/common/mariadb-init/tests/secret_test.yaml @@ -0,0 +1,49 @@ +--- +suite: test secret behavior +templates: + - secret.yaml +tests: + - it: "should render with default values" + asserts: + - isKind: + of: Secret + - equal: + path: metadata.name + value: RELEASE-NAME-mariadb-init + - equal: + path: metadata.namespace + value: NAMESPACE + - matchRegex: + path: metadata.labels.app + pattern: mariadb-init-config-job + - equal: + path: data.db-user-password + value: Q2lAc2hzT2QzcGt5MVZqaQ== + - it: "should render specific password value base64 encoded" + set: + config: + userPassword: yolo + asserts: + - equal: + path: data.db-user-password + value: eW9sbw== + - it: "shoud render with other databases" + set: + config: + mysqlAdditionalDatabases: + dbOne: + user: one + password: pwd1 + dbTwo: + user: two + password: pwd2 + asserts: + - equal: + path: data.db-user-password + value: Q2lAc2hzT2QzcGt5MVZqaQ== + - equal: + path: data.db-dbOne-user-password + value: cHdkMQ== + - equal: + path: data.db-dbTwo-user-password + value: cHdkMg== diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml new file mode 100644 index 0000000000..d148ba6888 --- /dev/null +++ b/kubernetes/common/mariadb-init/values.yaml @@ -0,0 +1,87 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 + mariadbGalera: + nameOverride: mariadb-galera + servicePort: 3306 + # set these two values if you want to access an 'out of ONAP' mariadb + userRootSecret: default + userRootSecretKey: password + +################################################################# +# Application configuration defaults. +################################################################# + +image: mariadb:10.1.38 +pullPolicy: IfNotPresent + +# Set it if you want to change the name of the different components +# nameOverride: + +config: + userPassword: Ci@shsOd3pky1Vji + userName: u5WZ1GMSIS1wHZF + mysqlDatabase: ynsaUCru6mUNwGal + mysqlAdditionalDatabases: {} + # add addtional dabases + # this is an dict + # Example: + # mysqlAdditionalDatabases: + # dbOne: + # user: one + # password: pwd1 + # dbTwo: + # user: two + # password: pwd2 + config_map: default + +nodeSelector: {} + +affinity: {} + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +flavor: small +resources: + small: + limits: + cpu: 100m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 20m + memory: 20Mi + unlimited: {} diff --git a/kubernetes/common/mongo/templates/nfs-provisoner.yaml b/kubernetes/common/mongo/templates/nfs-provisoner.yaml deleted file mode 100644 index 355ad38235..0000000000 --- a/kubernetes/common/mongo/templates/nfs-provisoner.yaml +++ /dev/null @@ -1,78 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ if not .Values.disableNfsProvisioner }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - #replicas: {{ .Values.replicaCount }} - strategy: - type: Recreate - template: - metadata: - labels: - app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - release: {{ .Release.Name }} - spec: - containers: - - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - name: nfs - containerPort: {{ .Values.service.nfsPort }} - - name: mountd - containerPort: {{ .Values.service.mountdPort }} - - name: rpcbind - containerPort: {{ .Values.service.rpcbindPort }} - - name: rpcbind-udp - containerPort: {{ .Values.service.rpcbindUdpPort }} - protocol: UDP - securityContext: - capabilities: - add: - - DAC_READ_SEARCH - - SYS_RESOURCE - args: - - "-provisioner={{ include "common.fullname" . }}/nfs" - env: - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SERVICE_NAME - value: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: export-volume - mountPath: /export - volumes: - - name: export-volume - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{ end }} diff --git a/kubernetes/common/mongo/templates/pv.yaml b/kubernetes/common/mongo/templates/pv.yaml index 824dcbb87b..edc50aedea 100644 --- a/kubernetes/common/mongo/templates/pv.yaml +++ b/kubernetes/common/mongo/templates/pv.yaml @@ -14,25 +14,33 @@ # limitations under the License. */}} -{{- if (and (and (.Values.persistence.enabled) (not .Values.persistence.existingClaim)) ( .Values.disableNfsProvisioner)) -}} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ $global.Values.persistence.size}} accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-data" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} {{- end -}} diff --git a/kubernetes/common/mongo/templates/service.yaml b/kubernetes/common/mongo/templates/service.yaml index df55854ee5..d59243f90d 100644 --- a/kubernetes/common/mongo/templates/service.yaml +++ b/kubernetes/common/mongo/templates/service.yaml @@ -32,29 +32,6 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} clusterIP: None -#{{ if not .Values.disableNfsProvisioner }} ---- -kind: Service -apiVersion: v1 -metadata: - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - namespace: {{ include "common.namespace" . }} - labels: - app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner -spec: - ports: - - name: nfs - port: {{ .Values.service.nfsPort }} - - name: mountd - port: {{ .Values.service.mountdPort }} - - name: rpcbind - port: {{ .Values.service.rpcbindPort }} - - name: rpcbind-udp - port: {{ .Values.service.rpcbindUdpPort }} - protocol: UDP - selector: - app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner -#{{ end }} --- # Client service for connecting to any Mongo instance for reads. apiVersion: v1 diff --git a/kubernetes/common/mongo/templates/statefulset.yaml b/kubernetes/common/mongo/templates/statefulset.yaml index c79739f5f1..0c6c9f4fd5 100644 --- a/kubernetes/common/mongo/templates/statefulset.yaml +++ b/kubernetes/common/mongo/templates/statefulset.yaml @@ -33,24 +33,6 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - initContainers: -#{{ if not .Values.disableNfsProvisioner }} - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} -#{{ end }} - containers: - name: {{ include "common.name" . }} image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}" @@ -79,8 +61,8 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - - mountPath: /var/lib/mongo - name: {{ include "common.fullname" . }}-data + - name: {{ include "common.fullname" . }}-data + mountPath: /var/lib/mongo resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -95,10 +77,24 @@ spec: - name: localtime hostPath: path: /etc/localtime + {{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- else }} + volumes: - name: {{ include "common.fullname" . }}-data -#{{ if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-data -#{{ else }} emptyDir: {} -#{{ end }} + {{- end }} diff --git a/kubernetes/common/mongo/values.yaml b/kubernetes/common/mongo/values.yaml index 8a681296ce..3c04b429cd 100644 --- a/kubernetes/common/mongo/values.yaml +++ b/kubernetes/common/mongo/values.yaml @@ -40,8 +40,6 @@ nodeSelector: {} affinity: {} -disableNfsProvisioner: true - # probe configuration parameters liveness: initialDelaySeconds: 30 @@ -108,11 +106,6 @@ resources: {} # cpu: 2 # memory: 4Gi - -nfsprovisionerRepository: quay.io -nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8 -nfsprovisionerPrefix: mongo - sdnctlPrefix: mongo geoEnabled: false diff --git a/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml b/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml new file mode 100644 index 0000000000..fb815400da --- /dev/null +++ b/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml @@ -0,0 +1,46 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml index ae5f7c5a81..c3c56f2282 100644 --- a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# Copyright © 2019 AT&T, Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -102,40 +102,33 @@ spec: valueFrom: fieldRef: fieldPath: status.podIP +{{- if .Values.persistence.enabled }} volumeMounts: - - name: {{ template "common.name" . }}-data + - name: {{ include "common.fullname" . }}-data mountPath: /var/lib/cassandra +{{- end }} resources: -{{ toYaml .Values.resources | indent 10 }} +{{ include "common.resources" . | indent 12 }} volumes: - name: localtime hostPath: path: /etc/localtime - {{- if not .Values.persistence.enabled }} - - name: {{ template "common.name" . }}-data - emptyDir: {} - {{- else }} +{{- if .Values.persistence.enabled }} volumeClaimTemplates: - - metadata: - name: {{ template "common.name" . }}-data - labels: - app: {{ template "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - annotations: - volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }} - spec: - storageClassName: {{ .Values.persistence.storageClass }} - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - app: {{ include "common.name" . }} - release: "{{ .Release.Name }}" - {{- end }} + - metadata: + name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml b/kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml deleted file mode 100644 index 83e7e189b5..0000000000 --- a/kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ if .Values.persistence.enabled }} -{{- $root := . -}} -{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} - namespace: {{ $root.Release.Namespace }} - labels: - type: {{ $root.Values.persistence.storageType }} - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} -spec: - capacity: - storage: {{ $root.Values.persistence.size }} - accessModes: - - {{ $root.Values.persistence.accessMode }} - hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{$i}} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - "{{ $root.Chart.Name }}" - topologyKey: kubernetes.io/hostname -{{ end }} -{{ end }} diff --git a/kubernetes/common/music/charts/music-cassandra/values.yaml b/kubernetes/common/music/charts/music-cassandra/values.yaml index d18dc68e67..460671d839 100644 --- a/kubernetes/common/music/charts/music-cassandra/values.yaml +++ b/kubernetes/common/music/charts/music-cassandra/values.yaml @@ -107,13 +107,23 @@ persistence: size: 2Gi mountPath: /dockerdata-nfs/ mountSubPath: common/cassandra/data - storageType: local - storageClass: "" +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) resources: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 2 - memory: 4Gi + small: + limits: + cpu: 500m + memory: 1.2Gi + requests: + cpu: 160m + memory: 900Mi + large: + limits: + cpu: 4 + memory: 10Gi + requests: + cpu: 2 + memory: 6Gi + unlimited: {} diff --git a/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml index 2e04b15561..2a38a6aad0 100755 --- a/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml +++ b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml @@ -40,7 +40,7 @@ spec: - /root/ready.py args: - --container-name - - zookeeper + - zookeeper env: - name: NAMESPACE valueFrom: @@ -101,7 +101,7 @@ spec: mountPath: /opt/app/music/etc/music.properties subPath: music.properties resources: -{{ toYaml .Values.resources | indent 10 }} +{{ include "common.resources" . | indent 12 }} volumes: - name: shared-data emptyDir: {} diff --git a/kubernetes/common/music/charts/music-tomcat/values.yaml b/kubernetes/common/music/charts/music-tomcat/values.yaml index 05a1b17169..b91ffbd4e4 100755 --- a/kubernetes/common/music/charts/music-tomcat/values.yaml +++ b/kubernetes/common/music/charts/music-tomcat/values.yaml @@ -81,14 +81,26 @@ service: ingress: enabled: false -#resources: {} +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) resources: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 2 - memory: 1Gi + small: + limits: + cpu: 900m + memory: 460Mi + requests: + cpu: 550m + memory: 360Mi + large: + limits: + cpu: 4 + memory: 2Gi + requests: + cpu: 2 + memory: 1Gi + unlimited: {} + properties: @@ -100,4 +112,3 @@ properties: # Admin API # ONAP AAF aafAdminUrl: - diff --git a/kubernetes/common/music/charts/zookeeper/templates/pv.yaml b/kubernetes/common/music/charts/zookeeper/templates/pv.yaml new file mode 100644 index 0000000000..795ad3188b --- /dev/null +++ b/kubernetes/common/music/charts/zookeeper/templates/pv.yaml @@ -0,0 +1,45 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml b/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml index 9e3549f20d..580042d090 100644 --- a/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml +++ b/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml @@ -82,7 +82,7 @@ spec: resources: {{ include "common.resources" . }} volumeMounts: - - name: zookeeper-data + - name: {{ include "common.fullname" . }}-data mountPath: /var/lib/zookeeper {{- if .Values.exporters.jmx.enabled }} @@ -162,30 +162,21 @@ spec: configMap: name: {{ .Release.Name }}-jmx-exporter {{- end }} - {{- if not .Values.persistence.enabled }} - - name: zookeeper-data - emptyDir: {} - {{- end }} {{- end }} {{- if .Values.persistence.enabled }} volumeClaimTemplates: - - metadata: - name: zookeeper-data - labels: - app: {{ .Chart.Name }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - annotations: - volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }} - spec: - storageClassName: {{ .Values.persistence.storageClass }} - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - release: "{{ .Release.Name }}" + - metadata: + name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} {{- end }} diff --git a/kubernetes/common/music/charts/zookeeper/templates/volumes.yaml b/kubernetes/common/music/charts/zookeeper/templates/volumes.yaml deleted file mode 100644 index b0c05fdbfd..0000000000 --- a/kubernetes/common/music/charts/zookeeper/templates/volumes.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{ if .Values.persistence.enabled }} -{{- $root := . -}} -{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} - namespace: {{ $root.Release.Namespace }} - labels: - type: {{ $root.Values.persistence.storageType }} - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} -spec: - capacity: - storage: {{ $root.Values.persistence.size }} - accessModes: - - {{ $root.Values.persistence.accessMode }} - hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{$i}} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} diff --git a/kubernetes/common/music/charts/zookeeper/values.yaml b/kubernetes/common/music/charts/zookeeper/values.yaml index ea02e6151e..28c9711e84 100644 --- a/kubernetes/common/music/charts/zookeeper/values.yaml +++ b/kubernetes/common/music/charts/zookeeper/values.yaml @@ -54,23 +54,23 @@ ports: protocol: TCP # Protocol for zookeeper container server port. # Resource Limit flavor -By Default using small -flavor: large +flavor: small # Segregation for Different environment (Small and Large) resources: small: limits: - cpu: 1 - memory: 1Gi + cpu: 500m + memory: 900Mi requests: - cpu: 500m - memory: 500Mi + cpu: 10m + memory: 730Mi large: limits: cpu: 3 memory: 2Gi requests: - cpu: 2 - memory: 1Gi + cpu: 2 + memory: 1Gi unlimited: {} nodeSelector: {} # Node label-values required to run zookeeper pods. @@ -78,7 +78,7 @@ nodeSelector: {} # Node label-values required to run zookeeper pods. tolerations: [] # Node taint overrides for zookeeper pods. affinity: {} # Criteria by which pod label-values influence scheduling for zookeeper pods. -affinity: +affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - topologyKey: "kubernetes.io/hostname" @@ -119,8 +119,6 @@ persistence: accessMode: ReadWriteOnce mountPath: /dockerdata-nfs mountSubPath: music/zookeeper - storageType: local - storageClass: "" size: 4Gi ## Exporters query apps for metrics and make those metrics available for diff --git a/kubernetes/common/mysql/templates/configmap.yaml b/kubernetes/common/mysql/templates/configmap.yaml deleted file mode 100644 index 65ac5f2d1e..0000000000 --- a/kubernetes/common/mysql/templates/configmap.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-db-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - master.cnf: | - # Apply this config only on the master. - [mysqld] - sql_mode = "NO_ENGINE_SUBSTITUTION" - log-bin - [localpathprefix] - master - slave.cnf: | - # Apply this config only on slaves. - [mysqld] - sql_mode = "NO_ENGINE_SUBSTITUTION" - super-read-only - [localpathprefix] - slave diff --git a/kubernetes/common/mysql/templates/nfs-provisoner.yaml b/kubernetes/common/mysql/templates/nfs-provisoner.yaml deleted file mode 100644 index 355ad38235..0000000000 --- a/kubernetes/common/mysql/templates/nfs-provisoner.yaml +++ /dev/null @@ -1,78 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ if not .Values.disableNfsProvisioner }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - #replicas: {{ .Values.replicaCount }} - strategy: - type: Recreate - template: - metadata: - labels: - app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - release: {{ .Release.Name }} - spec: - containers: - - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - name: nfs - containerPort: {{ .Values.service.nfsPort }} - - name: mountd - containerPort: {{ .Values.service.mountdPort }} - - name: rpcbind - containerPort: {{ .Values.service.rpcbindPort }} - - name: rpcbind-udp - containerPort: {{ .Values.service.rpcbindUdpPort }} - protocol: UDP - securityContext: - capabilities: - add: - - DAC_READ_SEARCH - - SYS_RESOURCE - args: - - "-provisioner={{ include "common.fullname" . }}/nfs" - env: - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SERVICE_NAME - value: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: export-volume - mountPath: /export - volumes: - - name: export-volume - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{ end }} diff --git a/kubernetes/common/mysql/templates/pv.yaml b/kubernetes/common/mysql/templates/pv.yaml deleted file mode 100644 index 3bef651916..0000000000 --- a/kubernetes/common/mysql/templates/pv.yaml +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if (and (and (.Values.persistence.enabled) (not .Values.persistence.existingClaim)) ( .Values.disableNfsProvisioner)) -}} -{{ $pvNum := default 1 .Values.replicaCount | int }} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-mysql0 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-mysql" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0 -{{ if gt $pvNum 1 }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-mysql1 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-mysql" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1 -{{ end }} -{{- end -}} diff --git a/kubernetes/common/mysql/templates/service.yaml b/kubernetes/common/mysql/templates/service.yaml deleted file mode 100644 index e1771c6054..0000000000 --- a/kubernetes/common/mysql/templates/service.yaml +++ /dev/null @@ -1,146 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None -#{{ if not .Values.disableNfsProvisioner }} ---- -kind: Service -apiVersion: v1 -metadata: - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - namespace: {{ include "common.namespace" . }} - labels: - app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - name: nfs - port: {{ .Values.service.nfsPort }} - - name: mountd - port: {{ .Values.service.mountdPort }} - - name: rpcbind - port: {{ .Values.service.rpcbindPort }} - - name: rpcbind-udp - port: {{ .Values.service.rpcbindUdpPort }} - protocol: UDP - selector: - app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner -#{{ end }} ---- -# Client service for connecting to any MySQL instance for reads. -# Only master: sdnc-dbhost-0 accepts the write request. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }}-read - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.sdnctlPrefix }}-sdnctldb01 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.sdnctlPrefix }}-sdnctldb02 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None ---- -{{ if .Values.geoEnabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }}-nodeport - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0 - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - name: {{ .Values.service.portName | default .Values.service.name }}-1 - port: {{ .Values.service.internalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodeport1 }} - - name: {{ .Values.service.portName | default .Values.service.name }}-2 - port: {{ .Values.xtrabackup.internalPort }} - targetPort: {{ .Values.xtrabackup.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodeport2 }} - type: {{ .Values.service.type }} - selector: - statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0 - release: {{ .Release.Name }} -{{ end }} diff --git a/kubernetes/common/mysql/templates/statefulset.yaml b/kubernetes/common/mysql/templates/statefulset.yaml deleted file mode 100644 index c3f8ae236f..0000000000 --- a/kubernetes/common/mysql/templates/statefulset.yaml +++ /dev/null @@ -1,263 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - spec: - initContainers: -#{{ if not .Values.disableNfsProvisioner }} - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} -#{{ end }} - - name: init-mysql - image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - bash - - "-c" - - | - set -ex - # Generate mysql server-id from pod ordinal index. - [[ `hostname` =~ -([0-9]+)$ ]] || exit 1 - ordinal=${BASH_REMATCH[1]} - siteId={{ .Values.geoSiteId }} - echo BASH_REMATCH=${BASH_REMATCH} - echo [mysqld] > /mnt/conf.d/server-id.cnf - # Add an offset to avoid reserved server-id=0 value. - echo server-id=$(($siteId*100 + $ordinal)) >> /mnt/conf.d/server-id.cnf - # Copy appropriate conf.d files from config-map to emptyDir. - if [[ $ordinal -eq 0 ]]; then - cp /mnt/config-map/master.cnf /mnt/conf.d/ - else - cp /mnt/config-map/slave.cnf /mnt/conf.d/ - fi - volumeMounts: - - name: conf - mountPath: /mnt/conf.d - - name: config-map - mountPath: /mnt/config-map - - - name: clone-mysql - image: "{{ .Values.global.xtrabackupRepository | default .Values.xtrabackupRepository }}/{{ .Values.xtrabackupImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - command: - - bash - - "-c" - - | - set -ex - # Skip the clone if data already exists. - [[ -d /var/lib/mysql/mysql ]] && exit 0 - # Skip the clone on master (ordinal index 0). - [[ `hostname` =~ -([0-9]+)$ ]] || exit 1 - ordinal=${BASH_REMATCH[1]} - echo ${BASH_REMATCH} - [[ $ordinal -eq 0 ]] && exit 0 - # Clone data from previous peer. - ncat --recv-only {{ include "common.fullname" . }}-$(($ordinal-1)).{{ .Values.service.name }}.{{ include "common.namespace" . }} 3307 | xbstream -x -C {{ .Values.persistence.mysqlPath }} - # Prepare the backup. - xtrabackup --user=root --password=$MYSQL_ROOT_PASSWORD --prepare --target-dir=/var/lib/mysql - ls -l {{ .Values.persistence.mysqlPath }} - volumeMounts: - - name: {{ include "common.fullname" . }}-mysql - mountPath: {{ .Values.persistence.mysqlPath }} - - name: conf - mountPath: /etc/mysql/conf.d - - containers: - - name: {{ include "common.name" . }} - image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: ["mysqladmin", "ping"] - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - - name: MYSQL_ROOT_HOST - value: '%' - - name: MYSQL_ALLOW_EMPTY_PASSWORD - value: {{ .Values.config.dbAllowEmptyPassword | default "0" | quote }} - volumeMounts: - - mountPath: {{ .Values.persistence.mysqlPath }} - name: {{ include "common.fullname" . }}-mysql - - mountPath: /etc/mysql/conf.d - name: conf - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - - - name: xtrabackup - image: "{{ .Values.global.xtrabackupRepository | default .Values.xtrabackupRepository }}/{{ .Values.xtrabackupImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - ports: - - containerPort: {{ .Values.xtrabackup.internalPort }} - name: xtrabackup - command: - - bash - - "-c" - - | - set -ex - cd {{ .Values.persistence.mysqlPath }} - ls -l - # Determine binlog position of cloned data, if any. - if [[ -f xtrabackup_slave_info ]]; then - echo "Inside xtrabackup_slave_info" - # XtraBackup already generated a partial "CHANGE MASTER TO" query - # because we're cloning from an existing slave. - mv xtrabackup_slave_info change_master_to.sql.in - # Ignore xtrabackup_binlog_info in this case (it's useless). - rm -f xtrabackup_binlog_info - elif [[ -f xtrabackup_binlog_info ]]; then - echo "Inside xtrabackup_binlog_info" - # We're cloning directly from master. Parse binlog position. - [[ `cat xtrabackup_binlog_info` =~ ^(.*?)[[:space:]]+(.*?)$ ]] || exit 1 - rm xtrabackup_binlog_info - echo "CHANGE MASTER TO MASTER_LOG_FILE='${BASH_REMATCH[1]}',\ - MASTER_LOG_POS=${BASH_REMATCH[2]}" > change_master_to.sql.in - fi - - [[ `hostname` =~ -([0-9]+)$ ]] || exit 1 - ordinal=${BASH_REMATCH[1]} - echo $ordinal - - mysqlhost={{ include "common.fullname" . }}-$(($ordinal)).{{ .Values.service.name }}.{{ include "common.namespace" . }} - echo $mysqlhost - - # Check if we need to complete a clone by starting replication. - if [[ -f change_master_to.sql.in ]]; then - echo "Waiting for mysqld to be ready (accepting connections)" - until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -h $mysqlhost -e "SELECT 1"; do sleep 1; done - - echo "Initializing replication from clone position" - # In case of container restart, attempt this at-most-once. - mv change_master_to.sql.in change_master_to.sql.orig - mysql --user=root --password=$MYSQL_ROOT_PASSWORD -h $mysqlhost <<EOF - $(<change_master_to.sql.orig), - MASTER_HOST="{{ include "common.fullname" . }}-0.{{ .Values.service.name }}.{{ include "common.namespace" . }}", - MASTER_USER="root", - MASTER_PASSWORD="$MYSQL_ROOT_PASSWORD", - MASTER_CONNECT_RETRY=10; - START SLAVE; - EOF - fi - - # Start a server to send backups when requested by peers. - exec ncat --listen --keep-open --send-only --max-conns=1 3307 -c \ - "xtrabackup --user=root --password=$MYSQL_ROOT_PASSWORD --backup --slave-info --stream=xbstream --host=$mysqlhost" - volumeMounts: - - name: {{ include "common.fullname" . }}-mysql - mountPath: {{ .Values.persistence.mysqlPath }} - - name: conf - mountPath: /etc/mysql/conf.d - volumes: - - name: conf - emptyDir: {} - - name: config-map - configMap: - name: {{ include "common.fullname" . }}-db-configmap - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-mysql - {{ if not .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-mysql - emptyDir: {} - {{ else }} - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-mysql - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }} - spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-mysql - resources: - requests: - storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} - {{ end }} diff --git a/kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml b/kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml deleted file mode 100644 index 58cf7a3866..0000000000 --- a/kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml +++ /dev/null @@ -1,78 +0,0 @@ -{{/* -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - strategy: - type: Recreate - template: - metadata: - labels: - app: {{ include "common.fullname" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.fullname" . }} - image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - name: nfs - containerPort: {{ .Values.service.nfsPort }} - - name: mountd - containerPort: {{ .Values.service.mountdPort }} - - name: rpcbind - containerPort: {{ .Values.service.rpcbindPort }} - - name: rpcbind-udp - containerPort: {{ .Values.service.rpcbindUdpPort }} - protocol: UDP - securityContext: - capabilities: - add: - - DAC_READ_SEARCH - - SYS_RESOURCE - args: - - "-provisioner={{ include "common.namespace" . }}/nfs" - env: - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SERVICE_NAME - value: {{ include "common.servicename" . }} - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - volumeMounts: - - name: export-volume - mountPath: /export - {{- if .Values.affinity }} - affinity: - {{ toYaml .Values.affinity | indent 8 }} - {{- end }} - volumes: - - name: export-volume - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }} diff --git a/kubernetes/common/nfs-provisioner/templates/service.yaml b/kubernetes/common/nfs-provisioner/templates/service.yaml deleted file mode 100644 index f9bba0f872..0000000000 --- a/kubernetes/common/nfs-provisioner/templates/service.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{/* -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -kind: Service -apiVersion: v1 -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - name: nfs - port: {{ .Values.service.nfsPort }} - - name: mountd - port: {{ .Values.service.mountdPort }} - - name: rpcbind - port: {{ .Values.service.rpcbindPort }} - - name: rpcbind-udp - port: {{ .Values.service.rpcbindUdpPort }} - protocol: UDP - selector: - app: {{ include "common.fullname" . }}
\ No newline at end of file diff --git a/kubernetes/common/mysql/.helmignore b/kubernetes/common/postgres-legacy/.helmignore index f0c1319444..f0c1319444 100644 --- a/kubernetes/common/mysql/.helmignore +++ b/kubernetes/common/postgres-legacy/.helmignore diff --git a/kubernetes/nbi/charts/mariadb/Chart.yaml b/kubernetes/common/postgres-legacy/Chart.yaml index 06ac100abb..eff8e36eba 100644 --- a/kubernetes/nbi/charts/mariadb/Chart.yaml +++ b/kubernetes/common/postgres-legacy/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: ONAP NBI MariaDB Service -name: mariadb +description: ONAP Postgres Server +name: postgres-legacy version: 5.0.0 diff --git a/kubernetes/common/nfs-provisioner/Chart.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml index ad16ed747b..e2818139fa 100644 --- a/kubernetes/common/nfs-provisioner/Chart.yaml +++ b/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: NFS provisioner -name: nfs-provisioner +description: ONAP Postgres Server +name: pgpool version: 5.0.0 diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf new file mode 100644 index 0000000000..f335174f40 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf @@ -0,0 +1,677 @@ +# ---------------------------- +# pgPool-II configuration file a custom version +# ---------------------------- +# +# This file consists of lines of the form: +# +# name = value +# +# Whitespace may be used. Comments are introduced with "#" anywhere on a line. +# The complete list of parameter names and allowed values can be found in the +# pgPool-II documentation. +# +# This file is read on server startup and when the server receives a SIGHUP +# signal. If you edit the file on a running system, you have to SIGHUP the +# server for the changes to take effect, or use "pgpool reload". Some +# parameters, which are marked below, require a server shutdown and restart to +# take effect. +# + + +#------------------------------------------------------------------------------ +# CONNECTIONS +#------------------------------------------------------------------------------ + +# - pgpool Connection Settings - + +listen_addresses = '*' + # Host name or IP address to listen on: + # '*' for all, '' for no TCP/IP connections + # (change requires restart) +#port = 9999 +port = 5432 + # Port number + # (change requires restart) +socket_dir = '/tmp' + # Unix domain socket path + # The Debian package defaults to + # /var/run/postgresql + # (change requires restart) + + +# - pgpool Communication Manager Connection Settings - + +pcp_port = 9898 + # Port number for pcp + # (change requires restart) +pcp_socket_dir = '/tmp' + # Unix domain socket path for pcp + # The Debian package defaults to + # /var/run/postgresql + # (change requires restart) + +# - Backend Connection Settings - + +backend_hostname0 = '{{.Values.container.name.primary}}' +backend_port0 = 5432 +backend_weight0= 1 +backend_flag0= 'DISALLOW_TO_FAILOVER' + +backend_hostname1 = '{{.Values.container.name.replica}}' +backend_port1 = 5432 +backend_weight1= 1 +backend_flag1= 'DISALLOW_TO_FAILOVER' + +#backend_hostname0 = 'master' + # Host name or IP address to connect to for backend 0 +#backend_port0 = 5432 + # Port number for backend 0 +#backend_weight0 = 1 + # Weight for backend 0 (only in load balancing mode) +#backend_data_directory0 = '/data' + # Data directory for backend 0 +#backend_flag0 = 'ALLOW_TO_FAILOVER' + # Controls various backend behavior + # ALLOW_TO_FAILOVER or DISALLOW_TO_FAILOVER +#backend_hostname1 = 'standby' +#backend_port1 = 5432 +#backend_weight1 = 1 +#backend_data_directory1 = '/data1' +#backend_flag1 = 'ALLOW_TO_FAILOVER' + +# - Authentication - + +enable_pool_hba = on + # Use pool_hba.conf for client authentication +pool_passwd = 'pool_passwd' + # File name of pool_passwd for md5 authentication. + # "" disables pool_passwd. + # (change requires restart) +authentication_timeout = 60 + # Delay in seconds to complete client authentication + # 0 means no timeout. + +# - SSL Connections - + +ssl = off + # Enable SSL support + # (change requires restart) +#ssl_key = './server.key' + # Path to the SSL private key file + # (change requires restart) +#ssl_cert = './server.cert' + # Path to the SSL public certificate file + # (change requires restart) +#ssl_ca_cert = '' + # Path to a single PEM format file + # containing CA root certificate(s) + # (change requires restart) +#ssl_ca_cert_dir = '' + # Directory containing CA root certificate(s) + # (change requires restart) + + +#------------------------------------------------------------------------------ +# POOLS +#------------------------------------------------------------------------------ + +# - Pool size - + +num_init_children = 5 + # Number of pools + # (change requires restart) +max_pool = 1 + # Number of connections per pool + # (change requires restart) + +# - Life time - + +child_life_time = 300 + # Pool exits after being idle for this many seconds +child_max_connections = 0 + # Pool exits after receiving that many connections + # 0 means no exit +connection_life_time = 0 + # Connection to backend closes after being idle for this many seconds + # 0 means no close +client_idle_limit = 0 + # Client is disconnected after being idle for that many seconds + # (even inside an explicit transactions!) + # 0 means no disconnection + + +#------------------------------------------------------------------------------ +# LOGS +#------------------------------------------------------------------------------ + +# - Where to log - + +log_destination = 'stderr' + # Where to log + # Valid values are combinations of stderr, + # and syslog. Default to stderr. + +# - What to log - + +print_timestamp = on + # Print timestamp on each line + # (change requires restart) + +log_connections = on + # Log connections +log_hostname = on + # Hostname will be shown in ps status + # and in logs if connections are logged +log_statement = on + # Log all statements +log_per_node_statement = off + # Log all statements + # with node and backend informations +log_standby_delay = 'if_over_threshold' + # Log standby delay + # Valid values are combinations of always, + # if_over_threshold, none + +# - Syslog specific - + +syslog_facility = 'LOCAL0' + # Syslog local facility. Default to LOCAL0 +syslog_ident = 'pgpool' + # Syslog program identification string + # Default to 'pgpool' + +# - Debug - + +debug_level = 1 + # Debug message verbosity level + # 0 means no message, 1 or more mean verbose + + +#------------------------------------------------------------------------------ +# FILE LOCATIONS +#------------------------------------------------------------------------------ + +pid_file_name = '/tmp/pgpool.pid' + # PID file name + # (change requires restart) +logdir = '/tmp' + # Directory of pgPool status file + # (change requires restart) + + +#------------------------------------------------------------------------------ +# CONNECTION POOLING +#------------------------------------------------------------------------------ + +connection_cache = off + # Activate connection pools + # (change requires restart) + + # Semicolon separated list of queries + # to be issued at the end of a session + # The default is for 8.3 and later +reset_query_list = 'ABORT; DISCARD ALL' + # The following one is for 8.2 and before +#reset_query_list = 'ABORT; RESET ALL; SET SESSION AUTHORIZATION DEFAULT' + + +#------------------------------------------------------------------------------ +# REPLICATION MODE +#------------------------------------------------------------------------------ + +replication_mode = off + # Activate replication mode + # (change requires restart) +replicate_select = off + # Replicate SELECT statements + # when in replication or parallel mode + # replicate_select is higher priority than + # load_balance_mode. + +insert_lock = off + # Automatically locks a dummy row or a table + # with INSERT statements to keep SERIAL data + # consistency + # Without SERIAL, no lock will be issued +lobj_lock_table = '' + # When rewriting lo_creat command in + # replication mode, specify table name to + # lock + +# - Degenerate handling - + +replication_stop_on_mismatch = off + # On disagreement with the packet kind + # sent from backend, degenerate the node + # which is most likely "minority" + # If off, just force to exit this session + +failover_if_affected_tuples_mismatch = off + # On disagreement with the number of affected + # tuples in UPDATE/DELETE queries, then + # degenerate the node which is most likely + # "minority". + # If off, just abort the transaction to + # keep the consistency + + +#------------------------------------------------------------------------------ +# LOAD BALANCING MODE +#------------------------------------------------------------------------------ + +load_balance_mode = on + # Activate load balancing mode + # (change requires restart) +ignore_leading_white_space = on + # Ignore leading white spaces of each query +white_function_list = '' + # Comma separated list of function names + # that don't write to database + # Regexp are accepted +black_function_list = 'currval,lastval,nextval,setval' + # Comma separated list of function names + # that write to database + # Regexp are accepted + + +#------------------------------------------------------------------------------ +# MASTER/SLAVE MODE +#------------------------------------------------------------------------------ + +master_slave_mode = on + # Activate master/slave mode + # (change requires restart) +master_slave_sub_mode = 'stream' + # Master/slave sub mode + # Valid values are combinations slony or + # stream. Default is slony. + # (change requires restart) + +# - Streaming - + +sr_check_period = 10 + # Streaming replication check period + # Disabled (0) by default +sr_check_user = '{{.Values.credentials.pgusername}}' + # Streaming replication check user + # This is neccessary even if you disable streaming + # replication delay check by sr_check_period = 0 +sr_check_password = '{{.Values.credentials.pgpassword}}' + # Password for streaming replication check user +delay_threshold = 10000000 + # Threshold before not dispatching query to standby node + # Unit is in bytes + # Disabled (0) by default + +# - Special commands - + +follow_master_command = '' + # Executes this command after master failover + # Special values: + # %d = node id + # %h = host name + # %p = port number + # %D = database cluster path + # %m = new master node id + # %H = hostname of the new master node + # %M = old master node id + # %P = old primary node id + # %r = new master port number + # %R = new master database cluster path + # %% = '%' character + + +#------------------------------------------------------------------------------ +# PARALLEL MODE +#------------------------------------------------------------------------------ + +parallel_mode = off + # Activates parallel query mode + # (change requires restart) +pgpool2_hostname = '' + # Set pgpool2 hostname + # (change requires restart) + +# - System DB info - + +#system_db_hostname = 'localhost' + # (change requires restart) +#system_db_port = 5432 + # (change requires restart) +#system_db_dbname = 'pgpool' + # (change requires restart) +#system_db_schema = 'pgpool_catalog' + # (change requires restart) +#system_db_user = 'pgpool' + # (change requires restart) +#system_db_password = '' + # (change requires restart) + + +#------------------------------------------------------------------------------ +# HEALTH CHECK +#------------------------------------------------------------------------------ + +health_check_period = 20 + # Health check period + # Disabled (0) by default +health_check_timeout = 10 + # Health check timeout + # 0 means no timeout +health_check_user = '{{.Values.credentials.pgusername}}' + # Health check user +health_check_password = '{{.Values.credentials.pgpassword}}' + # Password for health check user +health_check_max_retries = 3 +connect_timeout = 10000 # Timeout value in milliseconds before giving up to connect to backend. + + # Maximum number of times to retry a failed health check before giving up. +health_check_retry_delay = 1 + # Amount of time to wait (in seconds) between retries. + + +#------------------------------------------------------------------------------ +# FAILOVER AND FAILBACK +#------------------------------------------------------------------------------ + +failover_command = '' + # Executes this command at failover + # Special values: + # %d = node id + # %h = host name + # %p = port number + # %D = database cluster path + # %m = new master node id + # %H = hostname of the new master node + # %M = old master node id + # %P = old primary node id + # %r = new master port number + # %R = new master database cluster path + # %% = '%' character +failback_command = '' + # Executes this command at failback. + # Special values: + # %d = node id + # %h = host name + # %p = port number + # %D = database cluster path + # %m = new master node id + # %H = hostname of the new master node + # %M = old master node id + # %P = old primary node id + # %r = new master port number + # %R = new master database cluster path + # %% = '%' character + +fail_over_on_backend_error = off + # Initiates failover when reading/writing to the + # backend communication socket fails + # If set to off, pgpool will report an + # error and disconnect the session. + +search_primary_node_timeout = 10 + # Timeout in seconds to search for the + # primary node when a failover occurs. + # 0 means no timeout, keep searching + # for a primary node forever. + +#------------------------------------------------------------------------------ +# ONLINE RECOVERY +#------------------------------------------------------------------------------ + +recovery_user = '{{.Values.credentials.pgusername}}' + # Online recovery user +recovery_password = '{{.Values.credentials.pgpassword}}' + # Online recovery password +recovery_1st_stage_command = '' + # Executes a command in first stage +recovery_2nd_stage_command = '' + # Executes a command in second stage +recovery_timeout = 90 + # Timeout in seconds to wait for the + # recovering node's postmaster to start up + # 0 means no wait +client_idle_limit_in_recovery = 0 + # Client is disconnected after being idle + # for that many seconds in the second stage + # of online recovery + # 0 means no disconnection + # -1 means immediate disconnection + + +#------------------------------------------------------------------------------ +# WATCHDOG +#------------------------------------------------------------------------------ + +# - Enabling - + +use_watchdog = off + # Activates watchdog + # (change requires restart) + +# -Connection to up stream servers - + +trusted_servers = '' + # trusted server list which are used + # to confirm network connection + # (hostA,hostB,hostC,...) + # (change requires restart) +ping_path = '/bin' + # ping command path + # (change requires restart) + +# - Watchdog communication Settings - + +wd_hostname = '' + # Host name or IP address of this watchdog + # (change requires restart) +wd_port = 9000 + # port number for watchdog service + # (change requires restart) +wd_authkey = '' + # Authentication key for watchdog communication + # (change requires restart) + +# - Virtual IP control Setting - + +delegate_IP = '' + # delegate IP address + # If this is empty, virtual IP never bring up. + # (change requires restart) +ifconfig_path = '/sbin' + # ifconfig command path + # (change requires restart) +if_up_cmd = 'ifconfig eth0:0 inet $_IP_$ netmask 255.255.255.0' + # startup delegate IP command + # (change requires restart) +if_down_cmd = 'ifconfig eth0:0 down' + # shutdown delegate IP command + # (change requires restart) + +arping_path = '/usr/sbin' # arping command path + # (change requires restart) + +arping_cmd = 'arping -U $_IP_$ -w 1' + # arping command + # (change requires restart) + +# - Behaivor on escalation Setting - + +clear_memqcache_on_escalation = on + # Clear all the query cache on shared memory + # when standby pgpool escalate to active pgpool + # (= virtual IP holder). + # This should be off if client connects to pgpool + # not using virtual IP. + # (change requires restart) +wd_escalation_command = '' + # Executes this command at escalation on new active pgpool. + # (change requires restart) + +# - Lifecheck Setting - + +# -- common -- + +wd_lifecheck_method = 'heartbeat' + # Method of watchdog lifecheck ('heartbeat' or 'query') + # (change requires restart) +wd_interval = 10 + # lifecheck interval (sec) > 0 + # (change requires restart) + +# -- heartbeat mode -- + +wd_heartbeat_port = 9694 + # Port number for receiving heartbeat signal + # (change requires restart) +wd_heartbeat_keepalive = 2 + # Interval time of sending heartbeat signal (sec) + # (change requires restart) +wd_heartbeat_deadtime = 30 + # Deadtime interval for heartbeat signal (sec) + # (change requires restart) +heartbeat_destination0 = 'host0_ip1' + # Host name or IP address of destination 0 + # for sending heartbeat signal. + # (change requires restart) +heartbeat_destination_port0 = 9694 + # Port number of destination 0 for sending + # heartbeat signal. Usually this is the + # same as wd_heartbeat_port. + # (change requires restart) +heartbeat_device0 = '' + # Name of NIC device (such like 'eth0') + # used for sending/receiving heartbeat + # signal to/from destination 0. + # This works only when this is not empty + # and pgpool has root privilege. + # (change requires restart) + +#heartbeat_destination1 = 'host0_ip2' +#heartbeat_destination_port1 = 9694 +#heartbeat_device1 = '' + +# -- query mode -- + +wd_life_point = 3 + # lifecheck retry times + # (change requires restart) +wd_lifecheck_query = 'SELECT 1' + # lifecheck query to pgpool from watchdog + # (change requires restart) +wd_lifecheck_dbname = 'template1' + # Database name connected for lifecheck + # (change requires restart) +wd_lifecheck_user = 'nobody' + # watchdog user monitoring pgpools in lifecheck + # (change requires restart) +wd_lifecheck_password = '' + # Password for watchdog user in lifecheck + # (change requires restart) + +# - Other pgpool Connection Settings - + +#other_pgpool_hostname0 = 'host0' + # Host name or IP address to connect to for other pgpool 0 + # (change requires restart) +#other_pgpool_port0 = 5432 + # Port number for othet pgpool 0 + # (change requires restart) +#other_wd_port0 = 9000 + # Port number for othet watchdog 0 + # (change requires restart) +#other_pgpool_hostname1 = 'host1' +#other_pgpool_port1 = 5432 +#other_wd_port1 = 9000 + + +#------------------------------------------------------------------------------ +# OTHERS +#------------------------------------------------------------------------------ +relcache_expire = 0 + # Life time of relation cache in seconds. + # 0 means no cache expiration(the default). + # The relation cache is used for cache the + # query result against PostgreSQL system + # catalog to obtain various information + # including table structures or if it's a + # temporary table or not. The cache is + # maintained in a pgpool child local memory + # and being kept as long as it survives. + # If someone modify the table by using + # ALTER TABLE or some such, the relcache is + # not consistent anymore. + # For this purpose, cache_expiration + # controls the life time of the cache. +relcache_size = 256 + # Number of relation cache + # entry. If you see frequently: + # "pool_search_relcache: cache replacement happend" + # in the pgpool log, you might want to increate this number. + +check_temp_table = on + # If on, enable temporary table check in SELECT statements. + # This initiates queries against system catalog of primary/master + # thus increases load of master. + # If you are absolutely sure that your system never uses temporary tables + # and you want to save access to primary/master, you could turn this off. + # Default is on. + + +#------------------------------------------------------------------------------ +# ON MEMORY QUERY MEMORY CACHE +#------------------------------------------------------------------------------ +memory_cache_enabled = off + # If on, use the memory cache functionality, off by default +memqcache_method = 'shmem' + # Cache storage method. either 'shmem'(shared memory) or + # 'memcached'. 'shmem' by default + # (change requires restart) +memqcache_memcached_host = 'localhost' + # Memcached host name or IP address. Mandatory if + # memqcache_method = 'memcached'. + # Defaults to localhost. + # (change requires restart) +memqcache_memcached_port = 11211 + # Memcached port number. Mondatory if memqcache_method = 'memcached'. + # Defaults to 11211. + # (change requires restart) +memqcache_total_size = 67108864 + # Total memory size in bytes for storing memory cache. + # Mandatory if memqcache_method = 'shmem'. + # Defaults to 64MB. + # (change requires restart) +memqcache_max_num_cache = 1000000 + # Total number of cache entries. Mandatory + # if memqcache_method = 'shmem'. + # Each cache entry consumes 48 bytes on shared memory. + # Defaults to 1,000,000(45.8MB). + # (change requires restart) +memqcache_expire = 0 + # Memory cache entry life time specified in seconds. + # 0 means infinite life time. 0 by default. + # (change requires restart) +memqcache_auto_cache_invalidation = on + # If on, invalidation of query cache is triggered by corresponding + # DDL/DML/DCL(and memqcache_expire). If off, it is only triggered + # by memqcache_expire. on by default. + # (change requires restart) +memqcache_maxcache = 409600 + # Maximum SELECT result size in bytes. + # Must be smaller than memqcache_cache_block_size. Defaults to 400KB. + # (change requires restart) +memqcache_cache_block_size = 1048576 + # Cache block size in bytes. Mandatory if memqcache_method = 'shmem'. + # Defaults to 1MB. + # (change requires restart) +memqcache_oiddir = '/var/log/pgpool/oiddir' + # Temporary work directory to record table oids + # (change requires restart) +white_memqcache_table_list = '' + # Comma separated list of table names to memcache + # that don't write to database + # Regexp are accepted +black_memqcache_table_list = '' + # Comma separated list of table names not to memcache + # that don't write to database + # Regexp are accepted diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf new file mode 100644 index 0000000000..d8918409e8 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf @@ -0,0 +1,67 @@ +# pgpool Client Authentication Configuration File a custom version +# =============================================== +# +# The format rule in this file follows the rules in the PostgreSQL +# Administrator's Guide. Refer to chapter "Client Authentication" for a +# complete description. A short synopsis follows. +# +# This file controls: which hosts are allowed to connect, how clients +# are authenticated, which user names they can use, which databases they +# can access. Records take one of these forms: +# +# local DATABASE USER METHOD [OPTION] +# host DATABASE USER CIDR-ADDRESS METHOD [OPTION] +# +# (The uppercase items must be replaced by actual values.) +# +# The first field is the connection type: "local" is a Unix-domain +# socket, "host" is either a plain or SSL-encrypted TCP/IP socket. +# +# DATABASE can be "all", "sameuser", a database name, or a comma-separated +# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf +# file is not supported, since pgpool does not know which group a user +# belongs to. Also note that the database specified here may not exist in +# the backend PostgreSQL. pgpool will authenticate based on the database's +# name, not based on whether it exists or not. +# +# USER can be "all", a user name, or a comma-separated list thereof. In +# both the DATABASE and USER fields you can also write a file name prefixed +# with "@" to include names from a separate file. Note that a group name +# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported +# because of the same reason as "samegroup" token. Also note that a user +# name specified here may not exist in the backend PostgreSQL. pgpool will +# authenticate based on the user's name, not based on whether he/she exists. +# +# CIDR-ADDRESS specifies the set of hosts the record matches. +# It is made up of an IP address and a CIDR mask that is an integer +# (between 0 and 32 (IPv4) that specifies the number of significant bits in +# the mask. Alternatively, you can write an IP address and netmask in +# separate columns to specify the set of hosts. +# +# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords +# in clear text. +# +# OPTION is the name of the PAM service. Default service name is "pgpool" +# +# Database and user names containing spaces, commas, quotes and other special +# characters must be quoted. Quoting one of the keywords "all" or "sameuser" +# makes the name lose its special character, and just match a database or +# username with that name. +# +# This file is read on pgpool startup. If you edit the file on a running +# system, you have to restart the pgpool for the changes to take effect. + +# Put your actual configuration here +# ---------------------------------- +# +# If you want to allow non-local connections, you need to add more +# "host" records. In that case you will also need to make pgpool listen +# on a non-local interface via the listen_addresses configuration parameter. +# + +# TYPE DATABASE USER CIDR-ADDRESS METHOD + +# "local" is for Unix domain socket connections only +#local all all trust +# IPv4 local connections: +host all all 0.0.0.0/0 md5 diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd index 3636d1de74..3636d1de74 100644 --- a/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd +++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd diff --git a/kubernetes/common/nfs-provisioner/requirements.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml index 542c262ef0..5b097f3ab7 100644 --- a/kubernetes/common/nfs-provisioner/requirements.yaml +++ b/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/common/mysql/templates/storageclass.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml index bbe4562d0a..e2c77ff910 100644..100755 --- a/kubernetes/common/mysql/templates/storageclass.yaml +++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml @@ -1,4 +1,3 @@ -{{/* # Copyright © 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -12,18 +11,16 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -*/}} -{{ if not .Values.disableNfsProvisioner }} -kind: StorageClass -apiVersion: storage.k8s.io/v1 +apiVersion: v1 +kind: ConfigMap metadata: - name: "{{ include "common.fullname" . }}-mysql" + name: {{ include "common.fullname" . }}-pgpool-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -provisioner: {{ include "common.fullname" . }}/nfs -{{ end }} +data: +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml new file mode 100644 index 0000000000..15fa18d81d --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml @@ -0,0 +1,68 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +kind: Deployment +apiVersion: extensions/v1beta1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 2 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{.Values.repository}}/{{.Values.image}}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }} + env: + - name: PG_PRIMARY_SERVICE_NAME + value: {{.Values.container.name.primary}} + - name: PG_REPLICA_SERVICE_NAME + value: {{.Values.container.name.replica}} + - name: PG_USERNAME + value: {{.Values.credentials.pgusername}} + - name: PG_PASSWORD + value: {{.Values.credentials.pgpassword}} + ports: + - containerPort: 5432 + name: pgpool + protocol: TCP + readinessProbe: + tcpSocket: + port: 5432 + initialDelaySeconds: 20 + periodSeconds: 10 + livenessProbe: + tcpSocket: + port: 5432 + initialDelaySeconds: 15 + periodSeconds: 20 + volumeMounts: + - name: pgpool-pgconf + mountPath: /pgconf/pgpoolconfigdir + readOnly: false + volumes: + - name: pgpool-pgconf + configMap: + name: {{ include "common.fullname" . }}-pgpool-configmap diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml new file mode 100644 index 0000000000..86442a2740 --- /dev/null +++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/common/nfs-provisioner/values.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml index 687219d680..cb732b7cd7 100644 --- a/kubernetes/common/nfs-provisioner/values.yaml +++ b/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml @@ -1,50 +1,44 @@ -# Copyright © 2019 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- persistence:
- mountPath: /dockerdata-nfs
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-dockerHubRepository: registry.hub.docker.com
-pullPolicy: Always
-
-# default number of instances
-
-nodeSelector: {}
-
-affinity: {}
-
-service:
- name: nfs-provisioner
- nfsPort: 2049
- mountdPort: 20048
- rpcbindPort: 111
- rpcbindUdpPort: 111
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- mountPath: /dockerdata-nfs
-
-## NFS provisioner image properties
-nfsprovisionerRepository: quay.io
-nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8
-
+# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: crunchydata +image: crunchy-pgpool:centos7-10.4-2.0.0 +pullPolicy: Always + +container: + port: 5432 + name: + primary: pgset-primary + replica: pgset-replica +credentials: + pgusername: testuser + pgpassword: password +service: + name: pgpool + type: ClusterIP + externalPort: 5432 + internalPort: 5432 diff --git a/kubernetes/common/mysql/requirements.yaml b/kubernetes/common/postgres-legacy/requirements.yaml index 79d7de4dd3..5b097f3ab7 100644 --- a/kubernetes/common/mysql/requirements.yaml +++ b/kubernetes/common/postgres-legacy/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/common/postgres-legacy/templates/pv.yaml b/kubernetes/common/postgres-legacy/templates/pv.yaml new file mode 100644 index 0000000000..bcd67d79cb --- /dev/null +++ b/kubernetes/common/postgres-legacy/templates/pv.yaml @@ -0,0 +1,45 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/templates/configmap.yaml b/kubernetes/common/postgres-legacy/templates/secrets.yaml index f6eb87eab1..29de3af260 100644 --- a/kubernetes/multicloud/charts/multicloud-lenovo/templates/configmap.yaml +++ b/kubernetes/common/postgres-legacy/templates/secrets.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright (c) 2019 Lenovo +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. @@ -13,16 +13,19 @@ # # See the License for the specific language governing permissions and # # limitations under the License. */}} - apiVersion: v1 -kind: ConfigMap +kind: Secret metadata: - name: {{ include "common.fullname" . }}-log-configmap + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} +type: Opaque data: -{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} + pg-primary-password: {{ .Values.config.pgPrimaryPassword | b64enc | quote }} + pg-user-password: {{ .Values.config.pgUserPassword | b64enc | quote }} + pg-root-password: {{ .Values.config.pgRootPassword | b64enc | quote }} + diff --git a/kubernetes/common/postgres/templates/service.yaml b/kubernetes/common/postgres-legacy/templates/service.yaml index 2a4e369ef4..2a4e369ef4 100644 --- a/kubernetes/common/postgres/templates/service.yaml +++ b/kubernetes/common/postgres-legacy/templates/service.yaml diff --git a/kubernetes/common/postgres/templates/statefulset.yaml b/kubernetes/common/postgres-legacy/templates/statefulset.yaml index db4a256f12..7c38d1d9d7 100644 --- a/kubernetes/common/postgres/templates/statefulset.yaml +++ b/kubernetes/common/postgres-legacy/templates/statefulset.yaml @@ -37,23 +37,13 @@ spec: - /bin/sh - -c - | - for i in $(seq 0 $(({{ .Values.replicaCount }}-1))); do - if [ ! -d /podroot/data$i ]; then - mkdir -p /podroot/data$i; - chown 26:26 /podroot/data$i; - chmod 700 /podroot/data$i; - fi; - done - env: - - name: POD_NAME - valueFrom: { fieldRef: { fieldPath: metadata.name } } - securityContext: - privileged: true + chown -R 26:26 /podroot/; + chmod 700 /podroot/; image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: init-sysctl + name: {{ include "common.name" . }}-prepare volumeMounts: - - name: {{ include "common.fullname" . }}-init + - name: {{ include "common.fullname" . }}-data mountPath: /podroot/ containers: - name: {{ include "common.name" . }} @@ -129,27 +119,25 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.fullname" . }}-init - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountInitPath }} - name: {{ include "common.fullname" . }}-backup emptyDir: {} -#{{ if not .Values.persistence.enabled }} +{{- if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-data emptyDir: {} -#{{ else }} +{{- else }} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-data + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: - storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} -#{{ end }} + storage: {{ .Values.persistence.size | quote }} +{{- end }} diff --git a/kubernetes/common/mysql/values.yaml b/kubernetes/common/postgres-legacy/values.yaml index 9fd67fcabc..8dd5d0aaac 100644 --- a/kubernetes/common/mysql/values.yaml +++ b/kubernetes/common/postgres-legacy/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,31 +21,54 @@ global: readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - ################################################################# # Application configuration defaults. ################################################################# -dockerHubRepository: registry.hub.docker.com -image: library/mysql:5.7 +# BusyBox image +busyboxRepository: registry.hub.docker.com +busyboxImage: library/busybox:latest + +postgresRepository: crunchydata +image: crunchy-postgres:centos7-10.4-2.0.0 pullPolicy: Always # application configuration config: - dbRootPassword: openECOMP1.0 + pgUserName: testuser + pgDatabase: userdb + pgPrimaryPassword: password + pgUserPassword: password + pgRootPassword: password + +container: + name: + primary: pgset-primary + replica: pgset-replica + +pgpool: + container: + port: 5432 + name: + primary: pgset-primary + replica: pgset-replica + credentials: + pgusername: testuser + pgpassword: password + service: + name: pgpool + # default number of instances -replicaCount: 1 +replicaCount: 2 nodeSelector: {} affinity: {} -disableNfsProvisioner: true - # probe configuration parameters liveness: - initialDelaySeconds: 30 + initialDelaySeconds: 300 periodSeconds: 10 timeoutSeconds: 5 # necessary to disable liveness probe when setting breakpoints @@ -53,7 +76,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 5 + initialDelaySeconds: 10 periodSeconds: 10 ## Persist data to a persitent volume @@ -75,21 +98,22 @@ persistence: accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs - mountSubPath: "mysql/data" - mysqlPath: /var/lib/mysql + mountSubPath: postgres/data + mountInitPath: postgres service: - name: mysql - portName: mysql - internalPort: 3306 - # nfs provisioner ports - nfsPort: 2049 - mountdPort: 20048 - rpcbindPort: 111 - rpcbindUdpPort: 111 - type: NodePort - nodeport1: 72 - nodeport2: 73 + type: ClusterIP + name: pgset + externalPort: 5432 + internalPort: 5432 + type2: ClusterIP + name2: pgset-primary + externalPort2: 5432 + internalPort2: 5432 + type3: ClusterIP + name3: pgset-replica + externalPort3: 5432 + internalPort3: 5432 ingress: enabled: false @@ -113,21 +137,3 @@ resources: {} # cpu: 2 # memory: 4Gi -################################################################# -# Sidecar Configuration. -# -# xtrabackup configuration defaults. -################################################################# -xtrabackupRepository: gcr.io/google-samples -xtrabackupImage: xtrabackup:1.0 -xtrabackup: - internalPort: 3307 - -nfsprovisionerRepository: quay.io -nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8 -nfsprovisionerPrefix: mysql - -sdnctlPrefix: mysql - -geoEnabled: false -geoSiteId: 1 diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf index d8918409e8..580185c6f0 100644 --- a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf +++ b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf @@ -65,3 +65,4 @@ #local all all trust # IPv4 local connections: host all all 0.0.0.0/0 md5 + diff --git a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml index 15fa18d81d..a4b0ca8657 100644 --- a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml @@ -31,6 +31,33 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + initContainers: + - name: {{ include "common.name" . }}-job + image: "{{.Values.repository}}/{{.Values.image}}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: pgpool-pgconf + mountPath: /pgconf/pgpoolconfigdir + readOnly: false + - name: pgpool-pgconf-static + mountPath: /configdir/ + readOnly: false + command: + - /bin/sh + args: + - -c + - | + cp /configdir/pgpool.conf /pgconf/pgpoolconfigdir/ + cp /configdir/pool_hba.conf /pgconf/pgpoolconfigdir/ + pg_md5 -f /pgconf/pgpoolconfigdir/pgpool.conf --md5auth --username=${PG_USER} ${PG_PASSWORD} + env: + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-user-password + - name: PG_USER + value: {{ index .Values.credentials.pgusername }} containers: - image: "{{.Values.repository}}/{{.Values.image}}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -43,7 +70,10 @@ spec: - name: PG_USERNAME value: {{.Values.credentials.pgusername}} - name: PG_PASSWORD - value: {{.Values.credentials.pgpassword}} + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-user-password ports: - containerPort: 5432 name: pgpool @@ -64,5 +94,7 @@ spec: readOnly: false volumes: - name: pgpool-pgconf + emptyDir: {} + - name: pgpool-pgconf-static configMap: name: {{ include "common.fullname" . }}-pgpool-configmap diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/secrets.yaml b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml index 233158f791..b449faca92 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/secrets.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml @@ -24,5 +24,5 @@ metadata: heritage: "{{ .Release.Service }}" type: Opaque data: - db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }} - user-password: {{ default "" .Values.config.userPassword | b64enc | quote }}
\ No newline at end of file + db-user-password: {{ default "" .Values.credentials.pgpassword | b64enc | quote }} + diff --git a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml index 86442a2740..4306b264b2 100644 --- a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml @@ -15,11 +15,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/common/postgres/charts/pgpool/values.yaml b/kubernetes/common/postgres/charts/pgpool/values.yaml index cb732b7cd7..8ceff8f964 100644 --- a/kubernetes/common/postgres/charts/pgpool/values.yaml +++ b/kubernetes/common/postgres/charts/pgpool/values.yaml @@ -38,7 +38,8 @@ credentials: pgusername: testuser pgpassword: password service: - name: pgpool + name: pgpool + portName: tcp-postgres type: ClusterIP externalPort: 5432 internalPort: 5432 diff --git a/kubernetes/common/postgres/configs/pg_hba.conf b/kubernetes/common/postgres/configs/pg_hba.conf new file mode 100644 index 0000000000..580185c6f0 --- /dev/null +++ b/kubernetes/common/postgres/configs/pg_hba.conf @@ -0,0 +1,68 @@ +# pgpool Client Authentication Configuration File a custom version +# =============================================== +# +# The format rule in this file follows the rules in the PostgreSQL +# Administrator's Guide. Refer to chapter "Client Authentication" for a +# complete description. A short synopsis follows. +# +# This file controls: which hosts are allowed to connect, how clients +# are authenticated, which user names they can use, which databases they +# can access. Records take one of these forms: +# +# local DATABASE USER METHOD [OPTION] +# host DATABASE USER CIDR-ADDRESS METHOD [OPTION] +# +# (The uppercase items must be replaced by actual values.) +# +# The first field is the connection type: "local" is a Unix-domain +# socket, "host" is either a plain or SSL-encrypted TCP/IP socket. +# +# DATABASE can be "all", "sameuser", a database name, or a comma-separated +# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf +# file is not supported, since pgpool does not know which group a user +# belongs to. Also note that the database specified here may not exist in +# the backend PostgreSQL. pgpool will authenticate based on the database's +# name, not based on whether it exists or not. +# +# USER can be "all", a user name, or a comma-separated list thereof. In +# both the DATABASE and USER fields you can also write a file name prefixed +# with "@" to include names from a separate file. Note that a group name +# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported +# because of the same reason as "samegroup" token. Also note that a user +# name specified here may not exist in the backend PostgreSQL. pgpool will +# authenticate based on the user's name, not based on whether he/she exists. +# +# CIDR-ADDRESS specifies the set of hosts the record matches. +# It is made up of an IP address and a CIDR mask that is an integer +# (between 0 and 32 (IPv4) that specifies the number of significant bits in +# the mask. Alternatively, you can write an IP address and netmask in +# separate columns to specify the set of hosts. +# +# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords +# in clear text. +# +# OPTION is the name of the PAM service. Default service name is "pgpool" +# +# Database and user names containing spaces, commas, quotes and other special +# characters must be quoted. Quoting one of the keywords "all" or "sameuser" +# makes the name lose its special character, and just match a database or +# username with that name. +# +# This file is read on pgpool startup. If you edit the file on a running +# system, you have to restart the pgpool for the changes to take effect. + +# Put your actual configuration here +# ---------------------------------- +# +# If you want to allow non-local connections, you need to add more +# "host" records. In that case you will also need to make pgpool listen +# on a non-local interface via the listen_addresses configuration parameter. +# + +# TYPE DATABASE USER CIDR-ADDRESS METHOD + +# "local" is for Unix domain socket connections only +#local all all trust +# IPv4 local connections: +host all all 0.0.0.0/0 md5 + diff --git a/kubernetes/common/postgres/templates/configmap.yaml b/kubernetes/common/postgres/templates/configmap.yaml new file mode 100644 index 0000000000..7abd39b9b9 --- /dev/null +++ b/kubernetes/common/postgres/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/common/postgres/templates/deployment-primary.yaml b/kubernetes/common/postgres/templates/deployment-primary.yaml new file mode 100644 index 0000000000..9cb3007400 --- /dev/null +++ b/kubernetes/common/postgres/templates/deployment-primary.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }}-primary + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-primary + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: "{{ .Values.container.name.primary }}" +spec: + serviceName: {{ .Values.service.name }} + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }}-primary + release: {{ .Release.Name }} + name: "{{ .Values.container.name.primary }}" + spec: + initContainers: + - name: init-sysctl + command: + - /bin/sh + - -c + - | + chown 26:26 /podroot/; + chmod 700 /podroot/; + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /podroot/ + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: primary + - name: PG_PRIMARY_HOST + value: "{{ .Values.container.name.primary }}" + - name: PG_REPLICA_HOST + value: "{{ .Values.container.name.replica }}" + - name: PG_PRIMARY_PORT + value: "{{ .Values.service.internalPort }}" + - name: PG_PRIMARY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-primary-password + - name: PG_USER + value: "{{ .Values.config.pgUserName }}" + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-user-password + - name: PG_DATABASE + value: "{{ .Values.config.pgDatabase }}" + - name: PG_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-root-password + volumeMounts: + - name: pool-hba-conf + mountPath: /pgconf/pool_hba.conf + subPath: pool_hba.conf + - mountPath: /pgdata + name: {{ include "common.fullname" . }}-data + - mountPath: /backup + name: {{ include "common.fullname" . }}-backup + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-backup + emptyDir: {} + - name: {{ include "common.fullname" . }}-data +{{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-primary +{{- else }} + emptyDir: {} +{{ end }} + - name: pool-hba-conf + configMap: + name: {{ include "common.fullname" . }} diff --git a/kubernetes/common/postgres/templates/deployment-replica.yaml b/kubernetes/common/postgres/templates/deployment-replica.yaml new file mode 100644 index 0000000000..8f09a2f48f --- /dev/null +++ b/kubernetes/common/postgres/templates/deployment-replica.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-replica + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: "{{ .Values.container.name.replica }}" +spec: + serviceName: {{ .Values.service.name }} + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }}-replica + release: {{ .Release.Name }} + name: "{{ .Values.container.name.replica }}" + spec: + initContainers: + - name: init-sysctl + command: + - /bin/sh + - -c + - | + chown 26:26 /podroot/; + chmod 700 /podroot/; + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /podroot/ + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PGHOST + value: /tmp + - name: PG_PRIMARY_USER + value: primaryuser + - name: PG_MODE + value: replica + - name: PG_PRIMARY_HOST + value: "{{.Values.container.name.primary}}" + - name: PG_REPLICA_HOST + value: "{{.Values.container.name.replica}}" + - name: PG_PRIMARY_PORT + value: "{{.Values.service.internalPort}}" + - name: PG_PRIMARY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-primary-password + - name: PG_USER + value: "{{.Values.config.pgUserName}}" + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-user-password + - name: PG_DATABASE + value: "{{.Values.config.pgDatabase}}" + - name: PG_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: pg-root-password + volumeMounts: + - name: pool-hba-conf + mountPath: /pgconf/pool_hba.conf + subPath: pool_hba.conf + - mountPath: /pgdata + name: {{ include "common.fullname" . }}-data + - mountPath: /backup + name: {{ include "common.fullname" . }}-backup + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-backup + emptyDir: {} + - name: {{ include "common.fullname" . }}-data +{{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-replica +{{- else }} + emptyDir: {} +{{ end }} + - name: pool-hba-conf + configMap: + name: {{ include "common.fullname" . }} diff --git a/kubernetes/common/postgres/templates/pv.yaml b/kubernetes/common/postgres/templates/pv-primary.yaml index 144a3f793b..1764868ffc 100644 --- a/kubernetes/common/postgres/templates/pv.yaml +++ b/kubernetes/common/postgres/templates/pv-primary.yaml @@ -14,10 +14,11 @@ # # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if include "common.needPV" . -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-data0 + name: {{ include "common.fullname" . }}-primary namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.fullname" . }} @@ -30,29 +31,9 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-data" + storageClassName: "{{ include "common.fullname" . }}-primary" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data1 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-data" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1 + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/primary +{{- end -}} {{- end -}} diff --git a/kubernetes/common/postgres/templates/pv-replica.yaml b/kubernetes/common/postgres/templates/pv-replica.yaml new file mode 100644 index 0000000000..b67cac0c26 --- /dev/null +++ b/kubernetes/common/postgres/templates/pv-replica.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if include "common.needPV" . -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-replica + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-replica" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/replica +{{- end -}} +{{- end -}} diff --git a/kubernetes/policy/charts/mariadb/templates/pvc.yaml b/kubernetes/common/postgres/templates/pvc-primary.yaml index 1deed4e92a..e529da1bd5 100644 --- a/kubernetes/policy/charts/mariadb/templates/pvc.yaml +++ b/kubernetes/common/postgres/templates/pvc-primary.yaml @@ -1,6 +1,5 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,31 +18,28 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-primary namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} {{- if .Values.persistence.annotations }} annotations: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" +{{- if include "common.needPV" . }} + storageClassName: "{{ include "common.fullname" . }}-primary" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end }} + storageClassName: "{{ include "common.fullname" . }}-primary" {{- end -}} diff --git a/kubernetes/common/mongo/templates/pvc.yaml b/kubernetes/common/postgres/templates/pvc-replica.yaml index 372c106800..41199b6861 100644 --- a/kubernetes/common/mongo/templates/pvc.yaml +++ b/kubernetes/common/postgres/templates/pvc-replica.yaml @@ -18,7 +18,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-data + name: {{ include "common.fullname" . }}-replica namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.fullname" . }} @@ -36,8 +36,9 @@ spec: resources: requests: storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} - storageClassName: "{{ include "common.fullname" . }}-data" +{{- if include "common.needPV" . }} + storageClassName: "{{ include "common.fullname" . }}-replica" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} {{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/templates/service.yaml b/kubernetes/common/postgres/templates/service-common.yaml index 43f735a96e..da0505cfa6 100644 --- a/kubernetes/multicloud/charts/multicloud-lenovo/templates/service.yaml +++ b/kubernetes/common/postgres/templates/service-common.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright (c) 2019 Lenovo +# Copyright © 2018 Amdocs, AT&T, Bell Canada # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. @@ -13,11 +13,10 @@ # # See the License for the specific language governing permissions and # # limitations under the License. */}} - apiVersion: v1 kind: Service metadata: - name: {{ include "common.servicename" . }} + name: {{ .Values.service.name }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -25,37 +24,18 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "multicloud-thinkcloud", - "version": "v0", - "url": "/api/multicloud-thinkcloud/v0", - "protocol": "REST", - "port": "{{ .Values.service.externalPort }}", - "visualRange": "1" - }, - { - "serviceName": "multicloud-thinkcloud", - "version": "v1", - "url": "/api/multicloud-thinkcloud/v1", - "protocol": "REST", - "port": "{{ .Values.service.externalPort }}", - "visualRange": "1" - } - ]' - spec: + type: {{ .Values.service.type }} ports: - {{ if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end }} + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} diff --git a/kubernetes/common/postgres/templates/service-primary.yaml b/kubernetes/common/postgres/templates/service-primary.yaml new file mode 100644 index 0000000000..501c01ecfe --- /dev/null +++ b/kubernetes/common/postgres/templates/service-primary.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name2 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-primary + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type2 }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 }} + {{- else -}} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + {{- end}} + selector: + name: "{{.Values.container.name.primary}}" + release: {{ .Release.Name }} diff --git a/kubernetes/common/postgres/templates/service-replica.yaml b/kubernetes/common/postgres/templates/service-replica.yaml new file mode 100644 index 0000000000..34f76d125e --- /dev/null +++ b/kubernetes/common/postgres/templates/service-replica.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name3 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-replica + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type3 }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort3 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} + name: {{ .Values.service.portName3 }} + {{- else -}} + - port: {{ .Values.service.externalPort3 }} + targetPort: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName3 }} + {{- end}} + selector: + name: "{{.Values.container.name.replica}}" + release: {{ .Release.Name }} diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml index 8dd5d0aaac..3104ee79d2 100644 --- a/kubernetes/common/postgres/values.yaml +++ b/kubernetes/common/postgres/values.yaml @@ -104,14 +104,17 @@ persistence: service: type: ClusterIP name: pgset + portName: tcp-postgres externalPort: 5432 internalPort: 5432 type2: ClusterIP - name2: pgset-primary + name2: tcp-pgset-primary + portName2: tcp-postgres externalPort2: 5432 internalPort2: 5432 type3: ClusterIP - name3: pgset-replica + name3: tcp-pgset-replica + portName3: tcp-postgres externalPort3: 5432 internalPort3: 5432 @@ -136,4 +139,3 @@ resources: {} # requests: # cpu: 2 # memory: 4Gi - diff --git a/kubernetes/consul/templates/ingress.yaml b/kubernetes/consul/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/consul/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml index 93fd6506a1..d55ea4666e 100644 --- a/kubernetes/consul/values.yaml +++ b/kubernetes/consul/values.yaml @@ -60,7 +60,13 @@ service: {} ingress: enabled: false - + service: + - baseaddr: "consul-server" + name: "consul-server" + port: 8800 + config: + ssl: "none" + resources: {} odl: diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml index a8cf9f6d9d..da68e3400c 100755 --- a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml @@ -15,7 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if not .Values.persistence.storageClass -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,7 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml index 52891ffda0..6d51a09232 100755 --- a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml @@ -30,21 +30,10 @@ metadata: {{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: -{{- if not .Values.persistence.storageClass }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} -{{- end }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml index 79fe5104b2..09012ead47 100755 --- a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml @@ -64,7 +64,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/charts/awx/charts/awx/values.yaml b/kubernetes/contrib/charts/awx/charts/awx/values.yaml index 5974de32ff..fd77a12c0b 100755 --- a/kubernetes/contrib/charts/awx/charts/awx/values.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx/values.yaml @@ -23,10 +23,10 @@ global: # global defaults # application image repository: ansible image: - web: awx_web:latest - task: awx_task:latest + web: awx_web:9.0.1 + task: awx_task:9.0.1 rabbitmq: awx_rabbitmq:3.7.4 - memcached: memcached:latest + memcached: memcached:1.5.20 pullPolicy: Always # application configuration @@ -76,7 +76,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 5Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/charts/awx/requirements.yaml b/kubernetes/contrib/charts/awx/requirements.yaml index 486fc6585c..ca8971c138 100755 --- a/kubernetes/contrib/charts/awx/requirements.yaml +++ b/kubernetes/contrib/charts/awx/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~4.x-0 + version: ~5.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml index f741cba64c..d2783cc628 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml @@ -19,20 +19,21 @@ kind: PersistentVolume apiVersion: v1 metadata: - name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }} + name: {{ include "common.fullname" . }} spec: capacity: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/app {{- end -}} diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml index 3489049602..a72d8277a4 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml @@ -30,21 +30,10 @@ metadata: {{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: -{{- if not .Values.persistence.storageClass }} - selector: - matchLabels: - name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }} -{{- end }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} - {{- if .Values.persistence.storageClass }} - {{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" - {{- end }} - {{- end }} -{{- end -}}
\ No newline at end of file + storageClassName: {{ include "common.storageClass" . }} +{{- end -}} diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml index a19f5001e5..9b6ee1b59a 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml @@ -15,7 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if not .Values.persistence.storageClass -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,7 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml index 30bba6da31..022a0fa8d8 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml @@ -30,21 +30,10 @@ metadata: {{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: -{{- if not .Values.persistence.storageClass }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} -{{- end }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} + storageClassName: {{ include "common.storageClass" . }} {{- end -}} diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml index f2def04359..1db2457171 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml @@ -64,7 +64,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml new file mode 100644 index 0000000000..937828a759 --- /dev/null +++ b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml @@ -0,0 +1,317 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- + +kind: ConfigMap +apiVersion: v1 +metadata: + name: nginx-configuration + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: tcp-services + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: udp-services + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: nginx-ingress-serviceaccount + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: nginx-ingress-clusterrole + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +rules: + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "extensions" + - "networking.k8s.io" + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - "extensions" + - "networking.k8s.io" + resources: + - ingresses/status + verbs: + - update + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: nginx-ingress-role + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +rules: + - apiGroups: + - "" + resources: + - configmaps + - pods + - secrets + - namespaces + verbs: + - get + - apiGroups: + - "" + resources: + - configmaps + resourceNames: + # Defaults to "<election-id>-<ingress-class>" + # Here: "<ingress-controller-leader>-<nginx>" + # This has to be adapted if you change either parameter + # when launching the nginx-ingress-controller. + - "ingress-controller-leader-nginx" + verbs: + - get + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: nginx-ingress-role-nisa-binding + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: nginx-ingress-role +subjects: + - kind: ServiceAccount + name: nginx-ingress-serviceaccount + namespace: ingress-nginx + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: nginx-ingress-clusterrole-nisa-binding + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: nginx-ingress-clusterrole +subjects: + - kind: ServiceAccount + name: nginx-ingress-serviceaccount + namespace: ingress-nginx + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx-ingress-controller + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + template: + metadata: + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + annotations: + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + spec: + serviceAccountName: nginx-ingress-serviceaccount + containers: + - name: nginx-ingress-controller + image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.1 + args: + - /nginx-ingress-controller + - --configmap=$(POD_NAMESPACE)/nginx-configuration + - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services + - --udp-services-configmap=$(POD_NAMESPACE)/udp-services + - --publish-service=$(POD_NAMESPACE)/ingress-nginx + - --annotations-prefix=nginx.ingress.kubernetes.io + - --enable-ssl-passthrough=true + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + # www-data -> 33 + runAsUser: 33 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - name: http + containerPort: 80 + - name: https + containerPort: 443 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 10 + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 10 + +--- +kind: Service +apiVersion: v1 +metadata: + name: ingress-nginx + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +spec: + externalTrafficPolicy: Local + type: LoadBalancer + selector: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + ports: + - name: http + port: 80 + targetPort: http + - name: https + port: 443 + targetPort: https + +--- + +apiVersion: v1 +kind: Service +metadata: + name: ingress-nginx + namespace: ingress-nginx + labels: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx +spec: + type: NodePort + ports: + - name: http + port: 80 + targetPort: 80 + protocol: TCP + - name: https + port: 443 + targetPort: 443 + protocol: TCP + selector: + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + +--- + diff --git a/kubernetes/dcaegen2/Chart.yaml b/kubernetes/dcaegen2/Chart.yaml index 9c23194558..6dbd40679e 100644 --- a/kubernetes/dcaegen2/Chart.yaml +++ b/kubernetes/dcaegen2/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP DCAE Gen2 name: dcaegen2 -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/Makefile b/kubernetes/dcaegen2/Makefile index fcd62da048..f10f2fc682 100644 --- a/kubernetes/dcaegen2/Makefile +++ b/kubernetes/dcaegen2/Makefile @@ -1,31 +1,48 @@ +# Copyright © 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard make-dcae-bootstrap: - cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap + cd components && helm dep up dcae-bootstrap && helm lint dcae-bootstrap make-dcae-cloudify-manager: - cd charts && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager + cd components && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager make-dcae-config-binding-service: - cd charts && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service + cd components && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service make-dcae-healthcheck: - cd charts && helm dep up dcae-healthcheck && helm lint dcae-healthcheck + cd components && helm dep up dcae-healthcheck && helm lint dcae-healthcheck make-dcae-redis: - cd charts && helm dep up dcae-redis && helm lint dcae-redis + cd components && helm dep up dcae-redis && helm lint dcae-redis make-dcae-servicechange-handler: - cd charts && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler + cd components && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler make-dcae-inventory-api: - cd charts/dcae-servicechange-handler/charts && helm dep up dcae-inventory-api && helm lint dcae-inventory-api + cd components && helm dep up dcae-inventory-api && helm lint dcae-inventory-api make-dcae-deployment-handler: - cd charts && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler + cd components && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler make-dcae-policy-handler: - cd charts && helm dep up dcae-policy-handler && helm lint dcae-policy-handler + cd components && helm dep up dcae-policy-handler && helm lint dcae-policy-handler make-dcae-dashboard: - cd charts && helm dep up dcae-dashboard && helm lint dcae-dashboard + cd components && helm dep up dcae-dashboard && helm lint dcae-dashboard + +clean: + @find . -type f -name '*.tgz' -delete + @find . -type f -name '*.lock' -delete diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/pv.yaml b/kubernetes/dcaegen2/charts/dcae-redis/templates/pv.yaml deleted file mode 100644 index 5573179d87..0000000000 --- a/kubernetes/dcaegen2/charts/dcae-redis/templates/pv.yaml +++ /dev/null @@ -1,227 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}0 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}1 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}2 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}2 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}3 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}3 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}4 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}4 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}5 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}5 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}6 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}6 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}7 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}7 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}8 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}8 ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}9 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - storageClassName: manual - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}9 - -{{- end -}} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/.helmignore b/kubernetes/dcaegen2/components/dcae-bootstrap/.helmignore index f0c1319444..f0c1319444 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/.helmignore +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/Chart.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml index b92c9439e8..87b6a87ee2 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP DCAE Bootstrap name: dcae-bootstrap -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/requirements.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml index 4b650c06dd..6b90aa3144 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml @@ -20,6 +20,7 @@ dependencies: - name: common version: ~5.x-0 repository: '@local' - - name: postgres + - name: postgres-legacy version: ~5.x-0 repository: '@local' + alias: postgres diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/certs/cacert.pem index 897c8ae499..897c8ae499 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/certs/cacert.pem diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json index 41404b0199..41404b0199 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json index d459d5bb95..d459d5bb95 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml index 2718e1882f..2718e1882f 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml index f330e647b4..f330e647b4 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml index f6a4c7cf85..f6a4c7cf85 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_engine-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml index 7ede89e521..7ede89e521 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-holmes_rules-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml index a6fbea1e1d..a6fbea1e1d 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml index 23bb080690..23bb080690 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-pgaas-initdb-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml index 1491e731d8..1491e731d8 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml index aa2b9a3f18..aa2b9a3f18 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml index 9240094fa9..9240094fa9 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml index 69e7cb76de..69e7cb76de 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/configmap.yaml index 21134ada9f..21134ada9f 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml index be5a769a37..be5a769a37 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml index 87dc6cd219..87dc6cd219 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/secret.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index d1b9170e69..3ecdff7d5d 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -101,12 +101,12 @@ default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - holmes_rules: onap/holmes/rule-management:1.2.6 - holmes_engine: onap/holmes/engine-management:1.2.5 + holmes_rules: onap/holmes/rule-management:1.2.7 + holmes_engine: onap/holmes/engine-management:1.2.6 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.2 ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.5 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 - prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.3.1 + prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.3.2 hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.3.0 # Resource Limit flavor -By Default using small diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/.helmignore b/kubernetes/dcaegen2/components/dcae-cloudify-manager/.helmignore index f0c1319444..f0c1319444 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/.helmignore +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml index 159e2b5933..5a23621f2a 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP DCAE Cloudify Manager name: dcae-cloudify-manager -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/README.md b/kubernetes/dcaegen2/components/dcae-cloudify-manager/README.md index c995a62c09..c995a62c09 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/README.md +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/README.md diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/requirements.yaml index 57ee781445..57ee781445 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/config.txt b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/config.txt index 7606ba55ae..7606ba55ae 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/config.txt +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/config.txt diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/log/filebeat.yml index 1a3f693a12..1a3f693a12 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/resources/config/log/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/log/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/configmap.yaml index b8dadaae89..b8dadaae89 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml index b3e90a2efb..2fd9a6d0a1 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml @@ -129,8 +129,12 @@ spec: hostPath: path: /etc/localtime - name: cm-persistent + {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-data + {{- else }} + emptyDir: {} + {{- end }} - emptyDir: {} name: tls-info imagePullSecrets: diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/job.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml index bd0ea517f6..bd0ea517f6 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/job.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/namespace.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml index 57cbe89cc1..57cbe89cc1 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/namespace.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pv.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pv.yaml index bef681ad27..b454b5ae44 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pv.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pv.yaml @@ -16,6 +16,8 @@ # limitations under the License. # ============LICENSE_END========================================================= +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} kind: PersistentVolume apiVersion: v1 metadata: @@ -28,10 +30,13 @@ metadata: heritage: "{{ .Release.Service }}" name: {{ include "common.fullname" . }} spec: - storageClassName: manual capacity: storage: {{ .Values.persistence.size }} accessModes: - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pvc.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pvc.yaml index 6740082b37..c4de971f39 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/pvc.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/pvc.yaml @@ -14,6 +14,7 @@ # limitations under the License. # ============LICENSE_END========================================================= +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: @@ -22,12 +23,10 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - storageClassName: manual accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml index d290204c03..d290204c03 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/secret.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/service.yaml index 7eaf4b6ae2..7eaf4b6ae2 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml index d8db056f96..60fd7e55b3 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml @@ -105,3 +105,4 @@ persistence: size: 4Gi mountPath: /dockerdata-nfs mountSubPath: dcae-cm/data + volumeReclaimPolicy: Retain diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml index f1aa82bc69..8d9a28a4b4 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Config Binding Service name: dcae-config-binding-service -version: 5.0.0
\ No newline at end of file +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/requirements.yaml index 57ee781445..57ee781445 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml b/kubernetes/dcaegen2/components/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml index 1a3f693a12..1a3f693a12 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/configmap.yaml index a150cbd336..a150cbd336 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml index c3e63fb968..c3e63fb968 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/service.yaml index 8176e77c1e..8176e77c1e 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/values.yaml index 8cff544d93..8cff544d93 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/.helmignore b/kubernetes/dcaegen2/components/dcae-dashboard/.helmignore index 50af031725..50af031725 100644 --- a/kubernetes/dcaegen2/charts/dcae-dashboard/.helmignore +++ b/kubernetes/dcaegen2/components/dcae-dashboard/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/Chart.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml index 5250c17584..a46ea7ec52 100644 --- a/kubernetes/dcaegen2/charts/dcae-dashboard/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml @@ -2,4 +2,4 @@ apiVersion: v1 appVersion: "1.0" description: DCAE Dashboard name: dcae-dashboard -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/requirements.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/requirements.yaml index b0e70b3c2f..b0e70b3c2f 100644 --- a/kubernetes/dcaegen2/charts/dcae-dashboard/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-dashboard/resources/log/filebeat.yml index 0e5ee9bffa..0e5ee9bffa 100644 --- a/kubernetes/dcaegen2/charts/dcae-dashboard/resources/log/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/resources/log/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/configmap.yaml index 41d5826e13..41d5826e13 100644 --- a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml index 779844c0e3..779844c0e3 100644 --- a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/service.yaml index 39f16bd6b1..39f16bd6b1 100644 --- a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml index 615afc42c2..615afc42c2 100644 --- a/kubernetes/dcaegen2/charts/dcae-dashboard/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/.helmignore b/kubernetes/dcaegen2/components/dcae-deployment-handler/.helmignore index f0c1319444..f0c1319444 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/.helmignore +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml index 042eb68648..e918b7717c 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Deployment Handler name: dcae-deployment-handler -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/requirements.yaml index 2dabd190b1..2dabd190b1 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/config/config.json index 026355a909..026355a909 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/config/config.json diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log/filebeat.yml index 0e5ee9bffa..0e5ee9bffa 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/resources/log/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/configmap.yaml index 39af31a4f3..39af31a4f3 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml index a67197849f..a67197849f 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/service.yaml index 088d381d50..088d381d50 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml index 30893b6d7c..30893b6d7c 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/Chart.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml index c6db31d6f6..7c10b31b58 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP DCAE Health Check name: dcae-healthcheck -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/requirements.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/requirements.yaml index 500ab3c5f9..500ab3c5f9 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml index d38681d8c2..d38681d8c2 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/service.yaml index cc5ffcefeb..cc5ffcefeb 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml index fb5a195e60..fb5a195e60 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml index e1735ec8e3..face827504 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Inventory API Service name: dcae-inventory-api -version: 5.0.0
\ No newline at end of file +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml index 9136278557..3e79830cc1 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml @@ -17,6 +17,7 @@ dependencies: - name: common version: ~5.x-0 repository: '@local' - - name: postgres + - name: postgres-legacy version: ~5.x-0 repository: '@local' + alias: postgres diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-inventory-api/resources/config/config.json index c8c7dd79f1..c8c7dd79f1 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/resources/config/config.json diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml index 9cda43c499..9cda43c499 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml index 28eeae23a1..28eeae23a1 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/service.yaml index 088d381d50..088d381d50 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml index 8e4430c37e..8e4430c37e 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/.helmignore b/kubernetes/dcaegen2/components/dcae-policy-handler/.helmignore index f0c1319444..f0c1319444 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/.helmignore +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml index d2b275b615..dfcc52e116 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Policy Handler name: dcae-policy-handler -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/requirements.yaml index 2dabd190b1..2dabd190b1 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/config/config.json index 7342ca633a..7342ca633a 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/config/config.json diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml index 1a3f693a12..1a3f693a12 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml index 39af31a4f3..39af31a4f3 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml index 8c1c8741aa..8c1c8741aa 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml index 088d381d50..088d381d50 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml index 3b15c55118..3b15c55118 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-redis/.helmignore b/kubernetes/dcaegen2/components/dcae-redis/.helmignore index f0c1319444..f0c1319444 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/.helmignore +++ b/kubernetes/dcaegen2/components/dcae-redis/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-redis/Chart.yaml b/kubernetes/dcaegen2/components/dcae-redis/Chart.yaml index 49ae5d27b5..d4c264f713 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP DCAE Redis name: dcae-redis -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-redis/requirements.yaml b/kubernetes/dcaegen2/components/dcae-redis/requirements.yaml index c0e6595354..c0e6595354 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-redis/resources/redis/scripts/redis-cluster-config.sh b/kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh index 49872863a9..49872863a9 100755 --- a/kubernetes/dcaegen2/charts/dcae-redis/resources/redis/scripts/redis-cluster-config.sh +++ b/kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/NOTES.txt b/kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt index 0a386aa131..0a386aa131 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/templates/NOTES.txt +++ b/kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml index 85ebee672b..85ebee672b 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml new file mode 100644 index 0000000000..29026044f1 --- /dev/null +++ b/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml @@ -0,0 +1,45 @@ +{{/* +# Copyright © 2017 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) }} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data-{{$i}} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml index 636f512a53..636f512a53 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/templates/service.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-redis/templates/statefulset.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml index 5a5b220e61..d5fa6340d3 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/templates/statefulset.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml @@ -96,23 +96,27 @@ spec: - name: {{ include "common.fullname" . }}-scripts configMap: name: {{ include "common.fullname" . }}-scripts - defaultMode: 0755 + defaultMode: 0755 - name: localtime hostPath: path: /etc/localtime + {{- if not .Values.persistence.enabled }} + - name: {{ include "common.fullname" . }}-data + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" + {{- if .Values.persistence.enabled }} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data labels: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }} spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: manual + accessModes: + - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: - storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} + storage: {{ .Values.persistence.size | quote}} + {{- end }} diff --git a/kubernetes/dcaegen2/charts/dcae-redis/values.yaml b/kubernetes/dcaegen2/components/dcae-redis/values.yaml index 40812f2144..0b342e81bb 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/values.yaml @@ -93,7 +93,15 @@ persistence: ingress: enabled: false - + service: + - baseaddr: "dcaeredis" + name: "dcae-redis" + port: 6379 + - baseaddr: "dcaeredisgossip" + name: "dcae-redis" + port: 16379 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml index 64c891097c..3b96aca5b9 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: ONAP DCAE Service Change Handler name: dcae-servicechange-handler -version: 5.0.0
\ No newline at end of file +version: 6.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/requirements.yaml index 57ee781445..57ee781445 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/requirements.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-servicechange-handler/resources/config/config.json index 4578d4c4ee..4578d4c4ee 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/resources/config/config.json diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/configmap.yaml index 9cda43c499..9cda43c499 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/configmap.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/deployment.yaml index d948d3425b..d948d3425b 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/templates/deployment.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml index 0b88a65c69..0b88a65c69 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml diff --git a/kubernetes/dcaegen2/requirements.yaml b/kubernetes/dcaegen2/requirements.yaml index ad039c205b..cd04d8a907 100644 --- a/kubernetes/dcaegen2/requirements.yaml +++ b/kubernetes/dcaegen2/requirements.yaml @@ -16,3 +16,44 @@ dependencies: - name: common version: ~5.x-0 repository: '@local' + - name: dcae-bootstrap + version: ~6.x-0 + repository: 'file://components/dcae-bootstrap' + condition: dcae-bootstrap.enabled + - name: dcae-cloudify-manager + version: ~6.x-0 + repository: 'file://components/dcae-cloudify-manager' + condition: dcae-cloudify-manager.enabled + - name: dcae-config-binding-service + version: ~6.x-0 + repository: 'file://components/dcae-config-binding-service' + condition: dcae-config-binding-service.enabled + - name: dcae-healthcheck + version: ~6.x-0 + repository: 'file://components/dcae-healthcheck' + condition: dcae-healthcheck.enabled + - name: dcae-redis + version: ~6.x-0 + repository: 'file://components/dcae-redis' + condition: dcae-redis.enabled + - name: dcae-servicechange-handler + version: ~6.x-0 + repository: 'file://components/dcae-servicechange-handler' + condition: dcae-servicechange-handler.enabled + - name: dcae-inventory-api + version: ~6.x-0 + repository: 'file://components/dcae-inventory-api' + condition: dcae-inventory-api.enabled + - name: dcae-deployment-handler + version: ~6.x-0 + repository: 'file://components/dcae-deployment-handler' + condition: dcae-deployment-handler.enabled + - name: dcae-policy-handler + version: ~6.x-0 + repository: 'file://components/dcae-policy-handler' + condition: dcae-policy-handler.enabled + - name: dcae-dashboard + version: ~6.x-0 + repository: 'file://components/dcae-dashboard' + condition: dcae-dashboard.enabled + diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index bcfefe93cf..e43182daa3 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -25,7 +25,7 @@ # ##################################################### # Indicator for whether to use AAF -UseAAF: true +UseAAF: {{ .Values.global.aafEnabled }} # csit: stubs out some southbound APIs for csit csit: No diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json b/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json index 9099e046ed..23b111c8f3 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json @@ -4,7 +4,7 @@ {{- else -}} "dmaapName": "{{ include "common.namespace" . }}", {{- end}} - "drProvUrl": "https://dmaap-dr-prov:8443", + "drProvUrl": "https://dmaap-dr-prov", "version": "1", "topicNsRoot": "org.onap.dmaap", "bridgeAdminTopic": "DCAE_MM_AGENT" diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index fffd4db847..36963bfaf5 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -1,4 +1,3 @@ - # Modifications Copyright © 2018 Amdocs,Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -31,11 +30,8 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - hostAliases: - - ip: "10.12.5.145" - hostnames: - - "aaf-onap-test.osaaf.org" initContainers: +{{- if .Values.global.aafEnabled }} - command: - /root/ready.py args: @@ -50,7 +46,41 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-aaf-readiness -{{ if .Values.PG.enabled }} + - name: {{ include "common.name" . }}-dbc-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.name" . }}-aaf-config + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "common.fullname" . }}-secret + key: aaf-deploy-password + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" +{{- end }} +{{- if .Values.PG.enabled }} - command: - /root/ready.py args: @@ -73,7 +103,7 @@ spec: ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} - {{if eq .Values.liveness.enabled true }} + {{ if eq .Values.liveness.enabled true -}} livenessProbe: httpGet: port: {{ .Values.service.internalPort }} @@ -92,7 +122,6 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - # NOTE: on the following several configMaps, careful to include / at end # since there may be more than one file in each mountPath - name: {{ include "common.name" . }}-config @@ -100,9 +129,8 @@ spec: - name: {{ include "common.name" . }}-aaf-config mountPath: /opt/app/dmaapbc/etc/org.onap.dmaap-bc.props subPath: org.onap.dmaap-bc.props - resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/ingress.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-bc/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/nbi/charts/mariadb/templates/secrets.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml index 254d86f8ee..ed5ba14dda 100644 --- a/kubernetes/nbi/charts/mariadb/templates/secrets.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange + +# Modifications Copyright © 2019 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{- if .Values.global.aafEnabled }} apiVersion: v1 kind: Secret metadata: @@ -24,5 +26,5 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: - db-user-password: {{ .Values.config.db.password | b64enc | quote }} - db-root-password: {{ .Values.config.db.root_password | b64enc | quote }} + aaf-deploy-password: {{ index .Values.aafConfig.aafDeployPass | b64enc | quote }} +{{- end }} diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 171ac45788..f0e9e179fa 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -47,6 +47,19 @@ topicMgrPwd: demo123456! adminUser: aaf_admin@people.osaaf.org adminPwd: demo123456! +#AAF local config +aafConfig: + aafDeployFqi: dmaap-bc@dmaap-bc.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-bc + fqi: dmaap-bc@dmaap-bc.onap.org + publicFqdn: dmaap-bc.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + +persistence: + aafCredsPath: /opt/app/osaaf/local + # for Casablanca default deployment, leave this true to # get a topic namespace that matches MR. When set to false, # it will compose the topic namespace using the kubernetes namespace value @@ -120,6 +133,12 @@ postgres: ingress: enabled: false + service: + - baseaddr: "dmaapbc" + name: "dmaap-bc" + port: 8443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties deleted file mode 100644 index 043bb8bced..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=WGxd2P6MDo*Bi4+UdzWs{?$8 -cadi_key_password=WGxd2P6MDo*Bi4+UdzWs{?$8 -cadi_alias=dmaap-dr-node@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=)OBvCd{e{aWq.^mJJdX:S:1& - -aaf_env=DEV -aaf_locate_url=https://aaf-locate:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=INFO
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 4379dfbf1d..3a95b5a221 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -71,43 +71,19 @@ SpoolDir=/opt/app/datartr/spool # # The path to the redirection data file # -#RedirectionFile: etc/redirections.dat +RedirectionFile = etc/redirections.dat # # The type of keystore for https -# -KeyStoreType=jks -# -# The path to the keystore for https -# -KeyStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -# -# The password for the https keystore -# -KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8 -# -# The password for the private key in the https keystore -# -KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8 +KeyStoreType = PKCS12 # # The type of truststore for https -# -TrustStoreType=jks -# -# The path to the truststore for https -# -TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -# -# The password for the https truststore -# -TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1& +TrustStoreType = jks # # The path to the file used to trigger an orderly shutdown -# -QuiesceFile=etc/SHUTDOWN +QuiesceFile = etc/SHUTDOWN # # The key used to generate passwords for node to node transfers -# -NodeAuthKey=Node123! +NodeAuthKey = Node123! # # DR_NODE DEFAULT ENABLED TLS PROTOCOLS NodeHttpsProtocols = TLSv1.1|TLSv1.2 @@ -121,9 +97,9 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF URL to connect to AAF server -AafUrl = https://aaf-locate:8095 -# # AAF CADI enabled flag CadiEnabled = false +# +# AAF Props file path +AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/ingress.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-aaf.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-aaf.yaml new file mode 100644 index 0000000000..9b71b93290 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-aaf.yaml @@ -0,0 +1,54 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} + + +{{- if .Values.global.aafEnabled }} +{{- $global := . }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +--- +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-aaf-props-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.name" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }}-aaf-props +spec: + capacity: + storage: {{ $global.Values.persistence.aafCredsSize }} + accessModes: + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data-aaf-props" + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.aafCredsMountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-event.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-event.yaml new file mode 100644 index 0000000000..1dd7302695 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-event.yaml @@ -0,0 +1,51 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} + +--- +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-event-logs-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }}-event-logs +spec: + capacity: + storage: {{ $global.Values.persistence.eventLogSize}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data-event-logs" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.eventLogsMountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-spool.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-spool.yaml new file mode 100644 index 0000000000..5e1c339815 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv-spool.yaml @@ -0,0 +1,50 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} + +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-spool-data-{{$i}} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }}-spool-data +spec: + capacity: + storage: {{ $global.Values.persistence.spoolSize}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" $global }}-data" + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.spoolMountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index a190d0d7d2..7ab2f8356d 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -45,15 +45,51 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-dr-node-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + value: "{{ .Values.aafConfig.aafDeployPass }}" + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" + {{- end }} - name: {{ include "common.name" . }}-permission-fixer image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: {{ .Values.persistence.spoolPath }} - name: {{ include "common.fullname" . }}-spool-data-pvc + name: {{ include "common.fullname" . }}-data - mountPath: {{ .Values.persistence.eventLogsPath }} - name: {{ include "common.fullname" . }}-event-logs-pvc - command: ["chown","-Rf","1000:1001", "/opt/app/datartr"] + name: {{ include "common.fullname" . }}-event-logs + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props + {{- end }} + command: ["chown","-Rf","1000:1001", "/opt/app/"] containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -74,26 +110,27 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props + {{- end }} - mountPath: {{ .Values.persistence.spoolPath }} - name: {{ include "common.fullname" . }}-spool-data-pvc + name: {{ include "common.fullname" . }}-data - mountPath: {{ .Values.persistence.eventLogsPath }} - name: {{ include "common.fullname" . }}-event-logs-pvc + name: {{ include "common.fullname" . }}-event-logs - mountPath: /etc/localtime name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/node.properties name: {{ include "common.fullname" . }}-config subPath: node.properties - - mountPath: /opt/app/datartr/etc/drNodeCadi.properties - name: {{ include "common.fullname" . }}-config - subPath: drNodeCadi.properties - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -101,8 +138,8 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} - {{- end }} - # Filebeat sidecar container + {{- end -}} + # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -126,8 +163,6 @@ spec: items: - key: node.properties path: node.properties - - key: drNodeCadi.properties - path: drNodeCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log @@ -136,34 +171,61 @@ spec: name: {{ include "common.fullname" . }}-dmaap-dr-node-filebeat-configmap - name: {{ include "common.fullname" . }}-data-filebeat emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + {{- if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-event-logs-pvc emptyDir: {} - - name: {{ include "common.fullname" . }}-logs + - name: {{ include "common.fullname" . }}-data + emptyDir: {} + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.fullname" . }}-aaf-props-pvc emptyDir: {} + {{- end }} + {{- end }} +{{- if .Values.persistence.enabled }} volumeClaimTemplates: - metadata: - name: {{ include "common.fullname" . }}-spool-data-pvc + name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-spool-data-stcl + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.spoolSize }} - selector: - matchLabels: - name: {{ include "common.fullname" . }}-spool-data-pv - metadata: - name: {{ include "common.fullname" . }}-event-logs-pvc + name: {{ include "common.fullname" . }}-event-logs labels: name: {{ include "common.fullname" . }} spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-event-logs-stcl + accessModes: + - {{ .Values.persistence.accessMode }} + {{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-data-event-logs" + {{- else }} + storageClassName: {{ include "common.storageClass" . }} + {{- end }} resources: requests: storage: {{ .Values.persistence.eventLogSize }} - selector: - matchLabels: - name: {{ include "common.fullname" . }}-event-logs-pv +{{- if .Values.global.aafEnabled }} + - metadata: + name: {{ include "common.fullname" . }}-aaf-props + labels: + name: {{ include "common.fullname" . }} + spec: + accessModes: + - {{ .Values.persistence.accessMode }} + {{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-data-aaf-props" + {{- else }} + storageClassName: {{ include "common.storageClass" . }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.aafCredsSize }} +{{- end }} +{{- end }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index b5e459b6b9..1b992af27e 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -17,14 +17,12 @@ ################################################################# global: loggingDirectory: /var/log/onap/datarouter - busyBoxImage: busybox:1.30 - busyBoxRepository: docker.io ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.2 +image: onap/dmaap/datarouter-node:2.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -58,15 +56,36 @@ persistence: mountPath: /dockerdata-nfs spoolMountSubPath: data-router/dr-node/spool-data - spoolSize: 1Gi + spoolSize: 2Gi spoolPath: /opt/app/datartr/spool eventLogsMountSubPath: data-router/dr-node/event-logs - eventLogSize: 1Gi + eventLogSize: 2Gi eventLogsPath: /opt/app/datartr/logs + aafCredsMountSubPath: data-router/dr-node/aaf-props + aafCredsSize: 10M + aafCredsPath: /opt/app/osaaf/local + +#AAF local config +aafConfig: + aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-dr-node + fqi: dmaap-dr-node@dmaap-dr.onap.org + publicFqdn: dmaap-dr.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + + ingress: enabled: false + service: + - baseaddr: "dmaapdrnode" + name: "dmaap-dr-node" + port: 8443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties deleted file mode 100644 index 79abe22a6a..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=FZNkU,B%NJzcT1v7;^v]M#ZX -cadi_key_password=FZNkU,B%NJzcT1v7;^v]M#ZX -cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=+mzf@J.D^;3!![*Xr.z$c#?b - -aaf_env=DEV -aaf_locate_url=https://aaf-locate:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=INFO
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties index 52f1f3f5c0..c7714d33a4 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties @@ -23,16 +23,12 @@ #Jetty Server properties -org.onap.dmaap.datarouter.provserver.http.port = {{.Values.global.dmaapDrProvExtPort}} -org.onap.dmaap.datarouter.provserver.https.port = {{.Values.global.dmaapDrProvExtPort2}} +org.onap.dmaap.datarouter.provserver.http.port = {{.Values.config.dmaapDrProv.internalPort}} +org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.internalPort2}} org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.keystore.type = jks -org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -org.onap.dmaap.datarouter.provserver.keystore.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props + org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc @@ -61,6 +57,3 @@ org.onap.dmaap.datarouter.provserver.aaf.instance = legacy org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe -# AAF URL to connect to AAF server -org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-locate:8095 - diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index ea487d0571..96839b52d7 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -31,56 +31,109 @@ spec: spec: hostname: {{ .Values.global.dmaapDrProvName }} initContainers: - - command: - - /root/ready.py - args: - - --container-name - - {{ .Values.config.dmaapDrDb.mariadbContName }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - {{ .Values.config.dmaapDrDb.mariadbContName }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-aaf-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: {{ include "common.name" . }}-dr-prov-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + value: "{{ .Values.aafConfig.aafDeployPass }}" + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" + - name: {{ include "common.name" . }}-permission-fixer + image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + command: ["chown","-Rf","1000:1001", "/opt/app/"] + {{ end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{ .Values.global.dmaapDrProvExtPort }} - - containerPort: {{ .Values.global.dmaapDrProvExtPort2 }} + - containerPort: {{ .Values.config.dmaapDrProv.internalPort }} {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.global.dmaapDrProvExtPort }} + port: {{ .Values.config.dmaapDrProv.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.global.dmaapDrProvExtPort }} + port: {{ .Values.config.dmaapDrProv.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + {{- end }} - mountPath: /etc/localtime name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/provserver.properties name: {{ include "common.fullname" . }}-config subPath: provserver.properties - - mountPath: /opt/app/datartr/etc/drProvCadi.properties - name: {{ include "common.fullname" . }}-config - subPath: drProvCadi.properties - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -88,8 +141,8 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} - {{- end }} - # Filebeat sidecar container + {{- end -}} + # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -111,8 +164,6 @@ spec: items: - key: provserver.properties path: provserver.properties - - key: drProvCadi.properties - path: drProvCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log @@ -123,5 +174,14 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.fullname" . }}-aaf-config-vol + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-aaf-props + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/ingress.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml index 7b71bb03a2..acf87b81a9 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml @@ -39,12 +39,10 @@ spec: {{ end }} - name: REQUESTID value: "{{.Chart.Name}}-post-install" - volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - # NOTE: on the following several configMaps, careful to include / at end # since there may be more than one file in each mountPath # NOTE: the basename of the subdirectory is important - it matches the DBCL API URI diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml index 016a6ea023..fba1bf9036 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml @@ -17,45 +17,29 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= */}} - +{{- if .Values.global.aafEnabled }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-spool-data-pv + name: {{ include "common.fullname" . }}-aaf-props namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.name" . }}-aaf-props chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-spool-data-pv + name: {{ include "common.fullname" . }}-aaf-props spec: capacity: - storage: {{ .Values.persistence.spoolSize }} + storage: {{ .Values.persistence.aafCredsSize}} accessModes: - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-spool-data-stcl" + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.spoolMountSubPath }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-event-logs-pv - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-event-logs-pv -spec: - capacity: - storage: {{ .Values.persistence.eventLogSize }} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-event-logs-stcl" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }}
\ No newline at end of file + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.aafCredsMountSubPath }} +{{ end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml new file mode 100644 index 0000000000..b75daf5f12 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml @@ -0,0 +1,44 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} +{{- if .Values.global.aafEnabled }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-aaf-props + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.aafCredsSize }} +{{ end -}} +{{ end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml index 7a94fdb2cd..734ab72c03 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml @@ -38,7 +38,7 @@ metadata: spec: type: {{ .Values.config.dmaapDrProv.servicetype }} ports: - {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} + {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} {{- if .Values.global.allow_http }} - port: {{ .Values.global.dmaapDrProvExtPort }} targetPort: {{ .Values.config.dmaapDrProv.internalPort }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 195bcb47be..80b15c7063 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.2 +image: onap/dmaap/datarouter-prov:2.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -52,30 +52,22 @@ readiness: ## Persist data to a persitent volume persistence: - enabled: false + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + mountPath: /dockerdata-nfs + + aafCredsMountSubPath: data-router/dr-prov/aaf-props + aafCredsSize: 10M + aafCredsPath: /opt/app/osaaf/local ingress: enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} + service: + - baseaddr: "dmaapdrprov" + name: "dmaap-dr-prov" + port: 8443 + config: + ssl: "redirect" config: # dr provisioning server configuration @@ -111,3 +103,33 @@ mariadb: size: 1Gi mountSubPath: data-router/dr-db-data disableNfsProvisioner: true + +#AAF local config +aafConfig: + aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-dr-prov + fqi: dmaap-dr-prov@dmaap-dr.onap.org + publicFqdn: dmaap-dr.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + large: + limits: + cpu: 4000m + memory: 8Gi + requests: + cpu: 1000m + memory: 2Gi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml index 44c9576abe..3dca738273 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml @@ -12,28 +12,30 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{- $root := . -}} +{{- $global := . -}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{ range $i, $e := until (atoi (quote $global.Values.replicaCount) | default 3) }} --- apiVersion: v1 kind: PersistentVolume metadata: - name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} - namespace: {{ $root.Release.Namespace }} + name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }} + namespace: {{ $global.Release.Namespace }} labels: - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} + app: {{ $global.Values.service.name }} + chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} + release: {{ $global.Release.Name }} + heritage: {{ $global.Release.Service }} spec: capacity: - storage: {{ $root.Values.persistence.size }} + storage: {{ $global.Values.persistence.size }} accessModes: - - {{ $root.Values.persistence.accessMode }} + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} + path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} +{{ end }} {{ end }} {{ end }} - diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index bfe4b11ba7..104a46bd51 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -113,12 +113,14 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: HOST_IP valueFrom: @@ -185,15 +187,10 @@ spec: spec: accessModes: - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - release: "{{ .Release.Name }}" - app: {{ .Values.service.name }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - heritage: "{{ .Release.Service }}" {{ end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml index f5a7c7ebb5..873e72e0d2 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml @@ -71,6 +71,7 @@ tolerations: {} liveness: initialDelaySeconds: 60 periodSeconds: 10 + timeoutSeconds: 1 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -78,6 +79,7 @@ liveness: readiness: initialDelaySeconds: 60 periodSeconds: 10 + timeoutSeconds: 1 ## Persist data to a persitent volume persistence: diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml index 51c4149094..64e51339c4 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml @@ -73,6 +73,7 @@ spec: - "rm /tmp/lprobe.txt" initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: exec: @@ -83,6 +84,7 @@ spec: - "rm /tmp/rprobe.txt" initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: KAFKA_HEAP_OPTS value: "{{ .Values.kafkaHeapOptions }}" diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml index 2f63406a08..676f6342f4 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml @@ -56,6 +56,7 @@ affinity: {} liveness: initialDelaySeconds: 60 periodSeconds: 20 + timeoutSeconds: 5 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -63,6 +64,7 @@ liveness: readiness: initialDelaySeconds: 60 periodSeconds: 20 + timeoutSeconds: 5 service: diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml index 44c9576abe..3dca738273 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml @@ -12,28 +12,30 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{- $root := . -}} +{{- $global := . -}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +{{- if eq "True" (include "common.needPV" .) -}} +{{ range $i, $e := until (atoi (quote $global.Values.replicaCount) | default 3) }} --- apiVersion: v1 kind: PersistentVolume metadata: - name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} - namespace: {{ $root.Release.Namespace }} + name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }} + namespace: {{ $global.Release.Namespace }} labels: - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ $root.Release.Name }} - heritage: {{ $root.Release.Service }} + app: {{ $global.Values.service.name }} + chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} + release: {{ $global.Release.Name }} + heritage: {{ $global.Release.Service }} spec: capacity: - storage: {{ $root.Values.persistence.size }} + storage: {{ $global.Values.persistence.size }} accessModes: - - {{ $root.Values.persistence.accessMode }} + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} + path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} +{{ end }} {{ end }} {{ end }} - diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml index 50b047a906..17b87f8b09 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml @@ -86,6 +86,7 @@ spec: - "zookeeper-ready.sh 2181" initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: exec: @@ -95,6 +96,7 @@ spec: - "zookeeper-ready.sh 2181" initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: ZK_REPLICAS value: "{{ .Values.replicaCount }}" @@ -131,17 +133,10 @@ spec: spec: accessModes: - {{ .Values.persistence.accessMode | quote }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - release: "{{ .Release.Name }}" - app: {{ .Values.service.name }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - heritage: "{{ .Release.Service }}" {{ end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - - diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml index 734736d193..eeb77ba7fd 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml @@ -61,6 +61,7 @@ tolerations: {} liveness: initialDelaySeconds: 10 periodSeconds: 10 + timeoutSeconds: 1 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -68,6 +69,7 @@ liveness: readiness: initialDelaySeconds: 10 periodSeconds: 10 + timeoutSeconds: 1 #Zookeeper properties zk: diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index f7b51d1b9e..21524ef30c 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -60,15 +60,17 @@ spec: port: {{ .Values.service.externalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end -}} readinessProbe: tcpSocket: port: {{ .Values.service.externalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: enableCadi - value: "true" + value: "{{ .Values.global.aafEnabled }}" volumeMounts: - mountPath: /etc/localtime name: localtime @@ -86,7 +88,7 @@ spec: subPath: mykey name: mykey resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 7561bc24a3..06c966997f 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -55,6 +55,7 @@ affinity: {} liveness: initialDelaySeconds: 70 periodSeconds: 10 + timeoutSeconds: 1 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -62,6 +63,7 @@ liveness: readiness: initialDelaySeconds: 70 periodSeconds: 10 + timeoutSeconds: 1 service: type: NodePort diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index 89c8baa1a4..4c0d8d584e 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -25,6 +25,8 @@ global: loggingImage: beats/filebeat:5.5.0 clientImage: onap/dmaap/dbc-client:1.0.9 repository: nexus3.onap.org:10001 + busyBoxImage: busybox:1.30 + busyBoxRepository: docker.io #Global DMaaP app config allow_http: true @@ -35,8 +37,15 @@ global: #dmaap-dr-prov server configuration dmaapDrProvName: dmaap-dr-prov - dmaapDrProvExtPort2: 8443 - dmaapDrProvExtPort: 8080 + dmaapDrProvExtPort2: 443 + dmaapDrProvExtPort: 80 + + #AAF global config overrides + aafEnabled: true + aafAgentImage: onap/aaf/aaf_agent:2.1.15 + aafAppNs: org.osaaf.aaf + aafLocatorContainer: oom + #Component overrides diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index 1622689386..3da189b908 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -140,13 +140,12 @@ deploy() { # actual upgrade/install of parent and subcharts. DEPLOY_FLAGS=$(resolve_deploy_flags "$FLAGS") - # determine if upgrading individual subchart or entire parent + subcharts + # determine if upgrading individual subchart or entire parent + subcharts SUBCHART_RELEASE="$(cut -d'-' -f2 <<<"$RELEASE")" - if [[ ! -d "$CACHE_SUBCHART_DIR/$SUBCHART_RELEASE" ]]; then + # update specified subchart without parent + RELEASE="$(cut -d'-' -f1 <<<"$RELEASE")" + if [[ $SUBCHART_RELEASE == $RELEASE ]]; then SUBCHART_RELEASE= - else - # update specified subchart without parent - RELEASE="$(cut -d'-' -f1 <<<"$RELEASE")" fi # clear previously cached charts diff --git a/kubernetes/log/charts/log-elasticsearch/templates/ingress.yaml b/kubernetes/log/charts/log-elasticsearch/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/log/charts/log-elasticsearch/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/log/charts/log-elasticsearch/templates/pv.yaml b/kubernetes/log/charts/log-elasticsearch/templates/pv.yaml index fd21cdfc1f..fdea287cbd 100644 --- a/kubernetes/log/charts/log-elasticsearch/templates/pv.yaml +++ b/kubernetes/log/charts/log-elasticsearch/templates/pv.yaml @@ -17,7 +17,7 @@ kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -31,6 +31,7 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} diff --git a/kubernetes/log/charts/log-elasticsearch/templates/pvc.yaml b/kubernetes/log/charts/log-elasticsearch/templates/pvc.yaml index abab145a8f..d2eddc227d 100644 --- a/kubernetes/log/charts/log-elasticsearch/templates/pvc.yaml +++ b/kubernetes/log/charts/log-elasticsearch/templates/pvc.yaml @@ -29,11 +29,9 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/log/charts/log-elasticsearch/values.yaml b/kubernetes/log/charts/log-elasticsearch/values.yaml index 9c3525aec8..d43a66afe1 100644 --- a/kubernetes/log/charts/log-elasticsearch/values.yaml +++ b/kubernetes/log/charts/log-elasticsearch/values.yaml @@ -75,7 +75,7 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs mountSubPath: log/elasticsearch/data @@ -94,7 +94,12 @@ service: ingress: enabled: false - + service: + - baseaddr: "loges" + name: "log-es" + port: 9200 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) @@ -113,4 +118,4 @@ resources: requests: cpu: 1 memory: 4Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/log/charts/log-kibana/templates/ingress.yaml b/kubernetes/log/charts/log-kibana/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/log/charts/log-kibana/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/log/charts/log-kibana/values.yaml b/kubernetes/log/charts/log-kibana/values.yaml index 5132768206..d69ab8ef42 100644 --- a/kubernetes/log/charts/log-kibana/values.yaml +++ b/kubernetes/log/charts/log-kibana/values.yaml @@ -77,8 +77,15 @@ service: externalPort: 5601 internalPort: 5601 nodePort: 53 + ingress: enabled: false + service: + - baseaddr: "logkibana" + name: "log-kibana" + port: 5601 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/log/charts/log-logstash/templates/ingress.yaml b/kubernetes/log/charts/log-logstash/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/log/charts/log-logstash/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/log/charts/log-logstash/values.yaml b/kubernetes/log/charts/log-logstash/values.yaml index 246b812d42..a6e6c966ab 100644 --- a/kubernetes/log/charts/log-logstash/values.yaml +++ b/kubernetes/log/charts/log-logstash/values.yaml @@ -74,6 +74,15 @@ service: internalPort2: 9600 ingress: enabled: false + service: + - baseaddr: "logls" + name: "log-ls" + port: 5044 + - baseaddr: "loglshttp" + name: "log-ls" + port: 9600 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/pv.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/pv.yaml index d1e1b04121..68696fbccd 100644 --- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/pv.yaml +++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/pv.yaml @@ -14,6 +14,7 @@ # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -31,6 +32,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/pvc.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/pvc.yaml index 74ba690fa6..d3d5d9e0a4 100644 --- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/pvc.yaml +++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/pvc.yaml @@ -29,19 +29,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml index 217e6af759..7f0a3ad15c 100644 --- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml +++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml @@ -31,7 +31,7 @@ metadata: "protocol": "REST", "port": "{{.Values.service.externalPort}}", "visualRange":"1" - } + }, { "serviceName": "etsicatalog", "version": "v1", @@ -39,7 +39,7 @@ metadata: "protocol": "REST", "port": "{{.Values.service.externalPort}}", "visualRange":"1" - } + }, { "serviceName": "nsd", "version": "v1", @@ -47,7 +47,7 @@ metadata: "protocol": "REST", "port": "{{.Values.service.externalPort}}", "visualRange":"1" - } + }, { "serviceName": "vnfpkgm", "version": "v1", diff --git a/kubernetes/msb/charts/msb-consul/templates/ingress.yaml b/kubernetes/msb/charts/msb-consul/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/msb/charts/msb-consul/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/msb/charts/msb-consul/values.yaml b/kubernetes/msb/charts/msb-consul/values.yaml index 3cb5c74c14..d11649754f 100644 --- a/kubernetes/msb/charts/msb-consul/values.yaml +++ b/kubernetes/msb/charts/msb-consul/values.yaml @@ -49,7 +49,7 @@ readiness: periodSeconds: 10 service: - type: NodePort + type: ClusterIP name: msb-consul externalPort: 8500 internalPort: 8500 @@ -57,6 +57,12 @@ service: ingress: enabled: false + service: + - baseaddr: "msbconsul" + name: "msb-consul" + port: 8500 + config: + ssl: "none" flavor: small diff --git a/kubernetes/msb/charts/msb-discovery/templates/ingress.yaml b/kubernetes/msb/charts/msb-discovery/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/msb/charts/msb-discovery/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/msb/charts/msb-discovery/values.yaml b/kubernetes/msb/charts/msb-discovery/values.yaml index b47127865d..abb12775e8 100644 --- a/kubernetes/msb/charts/msb-discovery/values.yaml +++ b/kubernetes/msb/charts/msb-discovery/values.yaml @@ -51,7 +51,7 @@ readiness: periodSeconds: 10 service: - type: NodePort + type: ClusterIP name: msb-discovery externalPort: 10081 internalPort: 10081 @@ -59,6 +59,12 @@ service: ingress: enabled: false + service: + - baseaddr: "msbdiscovery" + name: "msb-discovery" + port: 10081 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/msb/charts/msb-eag/templates/ingress.yaml b/kubernetes/msb/charts/msb-eag/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/msb/charts/msb-eag/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/msb/charts/msb-eag/templates/service.yaml b/kubernetes/msb/charts/msb-eag/templates/service.yaml index 2055b21392..bc5e661c54 100644 --- a/kubernetes/msb/charts/msb-eag/templates/service.yaml +++ b/kubernetes/msb/charts/msb-eag/templates/service.yaml @@ -26,9 +26,6 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: http-{{ .Values.service.name }} - port: {{ .Values.service.externalPortHttps }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }} name: https-{{ .Values.service.name }} diff --git a/kubernetes/msb/charts/msb-eag/values.yaml b/kubernetes/msb/charts/msb-eag/values.yaml index e25fa28685..535c135d25 100644 --- a/kubernetes/msb/charts/msb-eag/values.yaml +++ b/kubernetes/msb/charts/msb-eag/values.yaml @@ -56,13 +56,18 @@ service: name: msb-eag externalPort: 80 internalPort: 80 - nodePort: 82 externalPortHttps: 443 internalPortHttps: 443 nodePortHttps: 84 ingress: enabled: false + service: + - baseaddr: "msbeag" + name: "msb-eag" + port: 443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/msb/charts/msb-iag/templates/ingress.yaml b/kubernetes/msb/charts/msb-iag/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/msb/charts/msb-iag/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/msb/charts/msb-iag/templates/service.yaml b/kubernetes/msb/charts/msb-iag/templates/service.yaml index 2055b21392..bc5e661c54 100644 --- a/kubernetes/msb/charts/msb-iag/templates/service.yaml +++ b/kubernetes/msb/charts/msb-iag/templates/service.yaml @@ -26,9 +26,6 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: http-{{ .Values.service.name }} - port: {{ .Values.service.externalPortHttps }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }} name: https-{{ .Values.service.name }} diff --git a/kubernetes/msb/charts/msb-iag/values.yaml b/kubernetes/msb/charts/msb-iag/values.yaml index 4aaeaeadc3..6d1f7ac3e6 100644 --- a/kubernetes/msb/charts/msb-iag/values.yaml +++ b/kubernetes/msb/charts/msb-iag/values.yaml @@ -63,6 +63,12 @@ service: ingress: enabled: false + service: + - baseaddr: "msbiag" + name: "msb-iag" + port: 443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml index dced27d69f..49e532065d 100644 --- a/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml +++ b/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml @@ -34,7 +34,7 @@ handlers: class: "logging.handlers.RotatingFileHandler" filename: "/var/log/onap/multicloud/openstack/fcaps/fcaps.log" formatter: "mdcFormat" - maxBytes: 1024*1024*50 + maxBytes: 52428800 backupCount: 10 formatters: diff --git a/kubernetes/multicloud/charts/multicloud-k8s/values.yaml b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml index e7117d7e9f..3c7b1d3a65 100644 --- a/kubernetes/multicloud/charts/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml @@ -26,8 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image -repository: registry.hub.docker.com -image: onap/multicloud-k8s:0.5.0 +repository: nexus3.onap.org:10001 +image: onap/multicloud/k8s:0.5.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/Chart.yaml b/kubernetes/multicloud/charts/multicloud-lenovo/Chart.yaml deleted file mode 100644 index fc682be388..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright (c) 2019 Lenovo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP multicloud OpenStack Lenovo Plugin -name: multicloud-lenovo -version: 5.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-lenovo/resources/config/log/log.yml deleted file mode 100644 index 08a9348fd4..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/resources/config/log/log.yml +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright (c) 2019 Lenovo Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -version: 1 -disable_existing_loggers: False - -loggers: - thinkcloud: - handlers: [thinkcloud_handler] - level: "DEBUG" - propagate: False - newton_base: - handlers: [thinkcloud_handler] - level: "DEBUG" - propagate: False - common: - handlers: [thinkcloud_handler] - level: "DEBUG" - propagate: False - -handlers: - thinkcloud_handler: - level: "DEBUG" - class: "logging.handlers.RotatingFileHandler" - filename: "/var/log/onap/multicloud/openstack/lenovo/thinkcloud.log" - formatter: "mdcFormat" - maxBytes: 1024*1024*50 - backupCount: 10 - -formatters: - standard: - format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s" - mdcFormat: - format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t" - mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}" - datefmt: "%Y-%m-%d %H:%M:%S" - (): onaplogging.mdcformatter.MDCFormatter diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-lenovo/templates/NOTES.txt deleted file mode 100644 index 7df04139e2..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright (c) 2019 Lenovo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-lenovo/templates/deployment.yaml deleted file mode 100644 index 3be4d7cef7..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/templates/deployment.yaml +++ /dev/null @@ -1,110 +0,0 @@ -{{/* -# Copyright (c) 2019 Lenovo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - annotations: - sidecar.istio.io/inject: "{{.Values.istioSidecar}}" - spec: - containers: - - env: - - name: MSB_ADDR - value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" - - name: MSB_PORT - value: "{{ .Values.config.msbPort }}" - - name: AAI_ADDR - value: aai.{{ include "common.namespace" . }} - - name: AAI_PORT - value: "{{ .Values.config.aai.port }}" - - name: AAI_SCHEMA_VERSION - value: "{{ .Values.config.aai.schemaVersion }}" - - name: AAI_USERNAME - value: "{{ .Values.config.aai.username }}" - - name: AAI_PASSWORD - value: "{{ .Values.config.aai.password }}" - name: {{ include "common.name" . }} - volumeMounts: - - mountPath: /var/log/onap - name: lenovo-log - - mountPath: /opt/lenovo/thinkcloud/pub/config/log.yml - name: lenovo-logconfig - subPath: log.yml - resources: -{{ include "common.resources" . | indent 12 }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - httpGet: - path: /api/multicloud-thinkcloud/v1/swagger.json - port: {{ .Values.service.internalPort }} - scheme: HTTP - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - successThreshold: {{ .Values.liveness.successThreshold }} - failureThreshold: {{ .Values.liveness.failureThreshold }} - {{ end }} - # side car containers - - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: filebeat-onap - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: lenovo-log - - mountPath: /usr/share/filebeat/data - name: lenovo-data-filebeat - - volumes: - - name: lenovo-log - emptyDir: {} - - name: lenovo-data-filebeat - emptyDir: {} - - name: filebeat-conf - configMap: - name: multicloud-filebeat-configmap - - name: lenovo-logconfig - configMap: - name: {{ include "common.fullname" . }}-log-configmap - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-lenovo/values.yaml b/kubernetes/multicloud/charts/multicloud-lenovo/values.yaml deleted file mode 100644 index 953f35503a..0000000000 --- a/kubernetes/multicloud/charts/multicloud-lenovo/values.yaml +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright (c) 2019 Lenovo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 304 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-lenovo:1.3.4 -pullPolicy: Always - -#Istio sidecar injection policy -istioSidecar: true - -# application configuration -config: - msbgateway: msb-iag - msbPort: 80 - aai: - port: 8443 - schemaVersion: v13 - username: AAI - password: AAI - -service: - type: ClusterIP - name: multicloud-thinkcloud - portName: multicloud-thinkcloud - externalPort: 9010 - internalPort: 9010 - nodePort: 86 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 5 - enabled: true - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 4Gi - requests: - cpu: 10m - memory: 1Gi - large: - limits: - cpu: 2 - memory: 8Gi - requests: - cpu: 20m - memory: 2Gi - unlimited: {} diff --git a/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml index 935d9ca62e..8e40564093 100644 --- a/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml +++ b/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml @@ -34,7 +34,7 @@ handlers: class: "logging.handlers.RotatingFileHandler" filename: "/var/log/onap/multicloud/openstack/pike/pike.log" formatter: "mdcFormat" - maxBytes: 1024*1024*50 + maxBytes: 52428800 backupCount: 10 formatters: diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pv.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pv.yaml index 62203fb329..db801e0987 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pv.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pv.yaml @@ -15,8 +15,8 @@ */}} {{- if .Values.global.alertmanager.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -34,8 +34,9 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} - -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pvc.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pvc.yaml index 8ea5faca82..f4e237c6f1 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pvc.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/templates/pvc.yaml @@ -32,21 +32,12 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pv.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pv.yaml index aa3a956c06..6cc1b938b8 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pv.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pv.yaml @@ -15,8 +15,8 @@ */}} {{- if .Values.global.grafana.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,9 +33,10 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} - -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pvc.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pvc.yaml index 2900395d17..e629fc290a 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pvc.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/templates/pvc.yaml @@ -32,21 +32,12 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/templates/pv.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/templates/pv.yaml index 961b6bba63..6a75441843 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/templates/pv.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/templates/pv.yaml @@ -15,8 +15,8 @@ */}} {{- if .Values.global.prometheus.enabled -}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,9 +33,10 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} - -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/templates/pvc.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/templates/pvc.yaml index 73fcc30ba6..4cc525a465 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/templates/pvc.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/templates/pvc.yaml @@ -32,21 +32,12 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml index 30445572d9..8ec5449266 100644 --- a/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml +++ b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml @@ -34,7 +34,7 @@ handlers: class: "logging.handlers.RotatingFileHandler" filename: "/var/log/onap/multicloud/openstack/starlingx/starlingx.log" formatter: "mdcFormat" - maxBytes: 1024*1024*50 + maxBytes: 52428800 backupCount: 10 formatters: diff --git a/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/log.yml index e606d03ce3..7e1735df08 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/log.yml +++ b/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/log.yml @@ -34,7 +34,7 @@ handlers: class: "logging.handlers.RotatingFileHandler" filename: "/var/log/onap/multicloud/openstack/windriver/titanium_cloud.log" formatter: "mdcFormat" - maxBytes: 1024*1024*50 + maxBytes: 52428800 backupCount: 10 formatters: diff --git a/kubernetes/multicloud/charts/multicloud-windriver/templates/pv.yaml b/kubernetes/multicloud/charts/multicloud-windriver/templates/pv.yaml index e2e326d34f..d7464b1a01 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/templates/pv.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/templates/pv.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -32,6 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/multicloud/charts/multicloud-windriver/templates/pvc.yaml b/kubernetes/multicloud/charts/multicloud-windriver/templates/pvc.yaml index 5bc04cdfd3..d138732565 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/templates/pvc.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/templates/pvc.yaml @@ -30,11 +30,9 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 9fd0789e32..645b826efb 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -23,6 +23,7 @@ global: artifactImage: onap/multicloud/framework-artifactbroker:1.4.2 prometheus: enabled: false + persistence: {} ################################################################# # Application configuration defaults. diff --git a/kubernetes/nbi/charts/mariadb/requirements.yaml b/kubernetes/nbi/charts/mariadb/requirements.yaml deleted file mode 100644 index 56097c0af4..0000000000 --- a/kubernetes/nbi/charts/mariadb/requirements.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~5.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/nbi/charts/mariadb/templates/NOTES.txt b/kubernetes/nbi/charts/mariadb/templates/NOTES.txt deleted file mode 100644 index 4d3c96fcd9..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/NOTES.txt +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada , Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/nbi/charts/mariadb/templates/deployment.yaml b/kubernetes/nbi/charts/mariadb/templates/deployment.yaml deleted file mode 100644 index b432d0e431..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/deployment.yaml +++ /dev/null @@ -1,99 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - args: - - --lower-case-table-names=1 - - --wait_timeout=28800 - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_DATABASE - value: "{{ .Values.config.db.database }}" - - name: MYSQL_USER - value: "{{ .Values.config.db.user }}" - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-user-password - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-root-password - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /var/lib/mysql - name: mariadb-data - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: mariadb-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/nbi/charts/mariadb/templates/pvc.yaml b/kubernetes/nbi/charts/mariadb/templates/pvc.yaml deleted file mode 100644 index 19ea299872..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/pvc.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/nbi/charts/mariadb/templates/service.yaml b/kubernetes/nbi/charts/mariadb/templates/service.yaml deleted file mode 100644 index 99a7128f3e..0000000000 --- a/kubernetes/nbi/charts/mariadb/templates/service.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/kubernetes/nbi/charts/mariadb/values.yaml b/kubernetes/nbi/charts/mariadb/values.yaml deleted file mode 100644 index 70fa143b9a..0000000000 --- a/kubernetes/nbi/charts/mariadb/values.yaml +++ /dev/null @@ -1,95 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: mariadb:10.3.14 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -# Example: -config: - db: - user: nbi_user - password: nbi_user - root_password: change_me - database: maria -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: mariadb/data - -service: - type: ClusterIP - name: policydb - portName: policydb - internalPort: 3306 - -ingress: - enabled: false - -# Resource Limit flavor -flavor: small -resources: - small: - limits: - cpu: 1 - memory: 500Mi - requests: - cpu: 10m - memory: 200Mi - large: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 20m - memory: 400Mi - unlimited: {} diff --git a/kubernetes/nbi/requirements.yaml b/kubernetes/nbi/requirements.yaml index b440b1e30f..f0c4b8e374 100644 --- a/kubernetes/nbi/requirements.yaml +++ b/kubernetes/nbi/requirements.yaml @@ -23,4 +23,11 @@ dependencies: - name: mongo version: ~5.x-0 repository: '@local' - + - name: mariadb-galera + version: ~5.x-0 + repository: '@local' + condition: global.mariadbGalera.localCluster + - name: mariadb-init + version: ~5.x-0 + repository: '@local' + condition: not global.mariadbGalera.localCluster diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml index 889e25e623..7f9220d98b 100644 --- a/kubernetes/nbi/templates/deployment.yaml +++ b/kubernetes/nbi/templates/deployment.yaml @@ -30,7 +30,7 @@ spec: labels: app: {{ include "common.name" . }} release: {{ .Release.Name }} - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }} spec: containers: - name: {{ include "common.name" . }} @@ -54,14 +54,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: SPRING_DATASOURCE_URL - value: jdbc:mariadb://{{ .Values.mariadb.service.name }}.{{ include "common.namespace" . }}:{{.Values.mariadb.service.internalPort }}/{{ .Values.mariadb.config.db.database }} + value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }} - name: SPRING_DATASOURCE_USERNAME - value: {{ .Values.mariadb.config.db.user }} + value: {{ index .Values "mariadb-galera" "config" "userName" }} - name: SPRING_DATASOURCE_PASSWORD valueFrom: secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-user-password + name: {{ include "common.mariadbSecret" . }} + key: {{ include "common.mariadbSecretParam" . }} - name: SPRING_DATA_MONGODB_HOST value: {{ .Values.mongo.service.name }}.{{ include "common.namespace" . }} - name: SPRING_DATA_MONGODB_PORT @@ -77,7 +77,7 @@ spec: - name: NBI_URL value: "http://nbi.{{ include "common.namespace" . }}:8080/nbi/api/v4" - name: SDC_HOST - value: "http://sdc-be.{{ include "common.namespace" . }}:8080" + value: "https://sdc-be.{{ include "common.namespace" . }}:8443" - name: SDC_HEADER_ECOMPINSTANCEID value: {{ .Values.config.ecompInstanceId }} - name: SDC_HEADER_AUTHORIZATION @@ -93,7 +93,7 @@ spec: value: {{ .Values.so_authorization }} {{- end }} - name: DMAAP_HOST - value: "http://message-router.{{ include "common.namespace" . }}:3904" + value: "https://message-router.{{ include "common.namespace" . }}:3905" - name: LOGGING_LEVEL_ORG_ONAP_NBI value: {{ .Values.config.loglevel }} - name: MSB_ENABLED diff --git a/kubernetes/nbi/tests/deployment_test.yaml b/kubernetes/nbi/tests/deployment_test.yaml new file mode 100644 index 0000000000..7c8a1b0dbb --- /dev/null +++ b/kubernetes/nbi/tests/deployment_test.yaml @@ -0,0 +1,205 @@ +--- +suite: test deployment behavior +templates: + - deployment.yaml +tests: + - it: "should render with default values (global)" + asserts: + - isKind: + of: Deployment + - equal: + path: metadata.name + value: RELEASE-NAME-nbi + - equal: + path: metadata.namespace + value: NAMESPACE + - matchRegex: + path: metadata.labels.app + pattern: nbi + - matchRegex: + path: spec.template.metadata.labels.app + pattern: nbi + - equal: + path: spec.template.metadata.name + value: RELEASE-NAME-nbi + - equal: + path: spec.replicas + value: 1 + - isNull: + path: spec.template.spec.nodeSelector + - isNull: + path: spec.template.spec.affinity + + - it: "should render with default value (container)" + asserts: + - equal: + path: spec.template.spec.containers[0].name + value: nbi + - equal: + path: spec.template.spec.containers[0].image + value: nexus3.onap.org:10001/onap/externalapi/nbi:5.0.1 + - equal: + path: spec.template.spec.containers[0].imagePullPolicy + value: IfNotPresent + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_URL + value: jdbc:mariadb://mariadb-galera:3306/nbi + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_USERNAME + value: rene + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-nbi-config + key: db-user-password + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATA_MONGODB_HOST + value: nbi-mongohost.NAMESPACE + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATA_MONGODB_PORT + value: "27017" + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATA_MONGODB_DATABASE + value: ServiceOrderDB + - contains: + path: spec.template.spec.containers[0].env + content: + name: ONAP_LCPCLOUDREGIONID + value: RegionOne + - contains: + path: spec.template.spec.containers[0].env + content: + name: ONAP_TENANTID + value: 31047205ce114b60833b23e400d6a535 + - contains: + path: spec.template.spec.containers[0].env + content: + name: ONAP_CLOUDOWNER + value: CloudOwner + - contains: + path: spec.template.spec.containers[0].env + content: + name: NBI_URL + value: http://nbi.NAMESPACE:8080/nbi/api/v4 + - contains: + path: spec.template.spec.containers[0].env + content: + name: SDC_HOST + value: https://sdc-be.NAMESPACE:8443 + - contains: + path: spec.template.spec.containers[0].env + content: + name: SDC_HEADER_ECOMPINSTANCEID + value: OOM + - contains: + path: spec.template.spec.containers[0].env + content: + name: SDC_HEADER_AUTHORIZATION + value: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= + - contains: + path: spec.template.spec.containers[0].env + content: + name: AAI_HOST + value: https://aai.NAMESPACE:8443 + - contains: + path: spec.template.spec.containers[0].env + content: + name: AAI_HEADER_AUTHORIZATION + value: Basic QUFJOkFBSQ== + - contains: + path: spec.template.spec.containers[0].env + content: + name: SO_HOST + value: http://so.NAMESPACE:8080 + - contains: + path: spec.template.spec.containers[0].env + content: + name: DMAAP_HOST + value: http://message-router.NAMESPACE:3904 + - contains: + path: spec.template.spec.containers[0].env + content: + name: LOGGING_LEVEL_ORG_ONAP_NBI + value: INFO + - contains: + path: spec.template.spec.containers[0].env + content: + name: MSB_ENABLED + value: "true" + - contains: + path: spec.template.spec.containers[0].env + content: + name: MSB_DISCOVERY_HOST + value: msb-discovery.NAMESPACE + - contains: + path: spec.template.spec.containers[0].env + content: + name: MSB_DISCOVERY_PORT + value: "10081" + - equal: + path: spec.template.spec.containers[0].livenessProbe + value: + initialDelaySeconds: 180 + periodSeconds: 30 + tcpSocket: + port: 8080 + - equal: + path: spec.template.spec.containers[0].readinessProbe + value: + initialDelaySeconds: 185 + periodSeconds: 30 + tcpSocket: + port: 8080 + - contains: + path: spec.template.spec.containers[0].ports + content: + containerPort: 8080 + - equal: + path: spec.template.spec.containers[0].resources.limits.cpu + value: 1 + - equal: + path: spec.template.spec.containers[0].resources.limits.memory + value: 2Gi + - equal: + path: spec.template.spec.containers[0].resources.requests.cpu + value: 100m + - equal: + path: spec.template.spec.containers[0].resources.requests.memory + value: 1Gi + - it: "should render when deciding to use local cluster (container)" + set: + global: + mariadbGalera: + localCluster: true + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_URL + value: jdbc:mariadb://nbi-galera:3306/nbi + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_USERNAME + value: rene + - contains: + path: spec.template.spec.containers[0].env + content: + name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-nbi-nbi-galera + key: user-password diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 494cf7372d..30f7d2d18e 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -19,9 +19,15 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + mariadbGalera: &mariadbGalera + #This flag allows SO to instantiate its own mariadb-galera cluster + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera subChartsOnly: enabled: true @@ -29,7 +35,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 image: onap/externalapi/nbi:5.0.1 -pullPolicy: Always +pullPolicy: IfNotPresent sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== so_authorization: @@ -44,21 +50,27 @@ config: openStackRegion: RegionOne openStackVNFTenantId: 31047205ce114b60833b23e400d6a535 -mariadb: - nameOverride: nbi-mariadb +mariadb-galera: + # '&mariadbConfig' means we "store" the values for later use in the file + # with '*mariadbConfig' pointer. + config: &mariadbConfig + userName: rene + userPassword: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb + mariadbRootPassword: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs + mysqlDatabase: nbi + nameOverride: nbi-galera service: - name: nbi-mariadbhost + name: nbi-galera + portName: nbi-galera internalPort: 3306 - config: - db: - database: nbi - user: rene - password: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb - root_password: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs + replicaCount: 1 persistence: - mountSubPath: nbi/maria/data enabled: true - disableNfsProvisioner: true + mountSubPath: nbi/maria/data + +mariadb-init: + config: *mariadbConfig + nameOverride: nbi-config mongo: nameOverride: nbi-mongo diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 8b186c01d6..314622f4c6 100755 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -57,7 +57,7 @@ dependencies: repository: '@local' condition: contrib.enabled - name: dcaegen2 - version: ~5.x-0 + version: ~6.x-0 repository: '@local' condition: dcaegen2.enabled - name: dmaap @@ -92,10 +92,6 @@ dependencies: version: ~5.x-0 repository: '@local' condition: nbi.enabled - - name: nfs-provisioner - version: ~5.x-0 - repository: '@local' - condition: nfs-provisioner.enabled - name: pnda version: ~5.x-0 repository: '@local' diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml index 989174c1c4..336e93788c 100644 --- a/kubernetes/onap/resources/environments/minimal-onap.yaml +++ b/kubernetes/onap/resources/environments/minimal-onap.yaml @@ -13,10 +13,10 @@ # limitations under the License. -# This override file is used to deploy a minmal configuration to -# to onboard and deploy a VNF. +# This override file is used to deploy a minimal configuration to +# onboard and deploy a VNF. # It includes the following components: -# A&AI, DMAAP, Portal, Robot, SDC, SDNC, SO, VID +# A&AI, Cassandra, DMAAP, Portal, Robot, SDC, SDNC, SO, VID # # Minimal resources are also reviewed for the various containers # A&AI: no override => to be fixed @@ -52,7 +52,7 @@ aaf: appc: enabled: false cassandra: - enabled: false + enabled: true replicaCount: 1 clamp: enabled: false diff --git a/kubernetes/onap/resources/environments/public-cloud.yaml b/kubernetes/onap/resources/environments/public-cloud.yaml index 2d4360c579..3062e4e3fa 100644 --- a/kubernetes/onap/resources/environments/public-cloud.yaml +++ b/kubernetes/onap/resources/environments/public-cloud.yaml @@ -95,11 +95,24 @@ portal: readiness: initialDelaySeconds: 60 sdc: + sdc-fe: + liveness: + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 + readiness: + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdc-be: liveness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 readiness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdc-cs: liveness: initialDelaySeconds: 120 @@ -107,14 +120,18 @@ sdc: initialDelaySeconds: 120 sdc-es: liveness: - initialDelaySeconds: 60 + initialDelaySeconds: 120 readiness: initialDelaySeconds: 120 sdc-onboarding-be: liveness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 readiness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdnc: liveness: initialDelaySeconds: 60 diff --git a/kubernetes/onap/resources/overrides/environment.yaml b/kubernetes/onap/resources/overrides/environment.yaml index 75ce8e529b..2788e244e2 100644 --- a/kubernetes/onap/resources/overrides/environment.yaml +++ b/kubernetes/onap/resources/overrides/environment.yaml @@ -157,11 +157,24 @@ portal: readiness: periodSeconds: 60 sdc: + sdc-fe: + liveness: + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 + readiness: + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdc-be: liveness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 readiness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdc-cs: liveness: initialDelaySeconds: 120 @@ -177,8 +190,12 @@ sdc: sdc-onboarding-be: liveness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 readiness: initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 sdnc: liveness: initialDelaySeconds: 60 diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml index 7ef1e02714..291a0321f7 100644 --- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx.yaml +++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml @@ -68,16 +68,14 @@ sdnc: enabled: true so: enabled: true + ingress: + enabled: true so-monitoring: + ingress: + enabled: true + so-vnfm-adapter: + ingress: enabled: true - ingress: - enabled: true - service: - - path: "/so-monitoring" - name: "so-monitoring" - port: 9091 - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" uui: enabled: true vfc: @@ -85,15 +83,11 @@ vfc: vid: enabled: true ingress: - enabled: true - service: - - path: "/vid" - name: "vid-http" - port: 8080 - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" + enabled: true vnfsdk: enabled: true -nginx-ingress: - enabled: true +#ingress virtualhost based configuration +global: + ingress: + enabled: true diff --git a/kubernetes/onap/resources/overrides/onap-vfw.yaml b/kubernetes/onap/resources/overrides/onap-vfw.yaml index 323961fba3..a0602eb498 100644 --- a/kubernetes/onap/resources/overrides/onap-vfw.yaml +++ b/kubernetes/onap/resources/overrides/onap-vfw.yaml @@ -52,4 +52,6 @@ sdc: sdnc: enabled: true so: - enabled: true
\ No newline at end of file + enabled: true +vid: + enabled: true diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 672ae2ef9e..5344a423f3 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -57,6 +57,12 @@ global: # flag to enable debugging - application support required debugEnabled: false + #Global ingress configuration + ingress: + enabled: false + virtualhost: + enabled: true + baseurl: "simpledemo.onap.org" ################################################################# # Enable/disable and configure helm charts (ie. applications) # to customize the ONAP deployment. @@ -113,8 +119,6 @@ nbi: # openstack configuration openStackRegion: "Yolo" openStackVNFTenantId: "1234" -nfs-provisioner: - enabled: false policy: enabled: false pomba: @@ -169,4 +173,4 @@ vid: vnfsdk: enabled: false modeling: - enabled: false + enabled: false
\ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties index 6b72dd4360..32636f4b2e 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties @@ -53,6 +53,11 @@ cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn mechid.user=oof@oof.onap.org mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw== +aaf.urls=https://aaf-locate:8095 +aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties +aaf.enabled=true +aaf.namespace=org.onap.oof + cadi_loglevel=DEBUG cadi_prop_files=/share/etc/certs/org.onap.oof.props aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
\ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml index 096332ba23..af56717fdc 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml @@ -25,12 +25,12 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-optimizer:2.0.0 +image: onap/optf-cmso-optimizer:2.1.1 pullPolicy: Always #init container image dbinit: - image: onap/optf-cmso-dbinit:2.0.0 + image: onap/optf-cmso-dbinit:2.1.1 # flag to enable debugging - application support required debugEnabled: false @@ -54,7 +54,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties index c6c93eda9c..68b36886e0 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties @@ -102,6 +102,11 @@ mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw== cmso.dispatch.url=http://localhost:8089 +aaf.urls=https://aaf-locate:8095 +aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties +aaf.enabled=true +aaf.namespace=org.onap.oof + cadi_loglevel=DEBUG cadi_prop_files=/share/etc/certs/org.onap.oof.props aaf.user.roles=/share/etc/certs/AAFUserRoles.properties diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/mock.py b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/mock.py deleted file mode 100644 index b678a4e8d4..0000000000 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/mock.py +++ /dev/null @@ -1,83 +0,0 @@ - # ------------------------------------------------------------------------- - # Copyright (c) 2019 AT&T Intellectual Property - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - # - # ------------------------------------------------------------------------- - # - -from flask import Flask -from flask import request -from flask import Response -from flask import json -from flask import send_from_directory -import requests -from threading import Thread -import time - -import os -import fnmatch -import re -import time -import datetime - -app = Flask(__name__) -ROOT_MOCK_DIR = os.path.dirname(os.path.abspath(__file__)) -DATA_DIR = os.path.join(ROOT_MOCK_DIR, "data") -global requestNum -requestNum = 1 - -######################################################################## -######################################################################## -@app.route('/onap/so/infra/orchestrationRequests/v7/schedule/<VNFNAME>', methods=['GET', 'POST']) -def soSchedule(VNFNAME): - if request.method == 'POST': - testid = request.headers.environ["HTTP_X_TRANSACTIONID"] - response = { - "status" : "202", - "entity" : { - "requestReferences" : { - "requestId" : "000001" - } - } - } - resp = Response(json.dumps(response), 200, mimetype='application/json') - return resp - - - else : - return "Helloooooo!!!!" - -######################################################################## -######################################################################## -@app.route('/onap/so/infra/orchestrationRequests/v7/<REQUESTID>', methods=['GET']) -def soStatus(REQUESTID): - response = {"request" : { "requestStatus" : { - "requestState" : "COMPLETE", - "statusMessage" : "Done.", - "percentProgress" : 100, - "finishTime" : "" - }}} - now = datetime.datetime.utcnow() - #response["finishTime"] = now.strftime("%Y-%m-%dT%H:%M:%SZ") - response["request"]["requestStatus"]["finishTime"] = now.strftime("%a, %d %b %Y %H:%M:%S GMT") - resp = Response(json.dumps(response), 200, mimetype='application/json') - - return resp - -######################################################################## -######################################################################## -if __name__ == "__main__": - app.run(host= '0.0.0.0',port=5000) - #app.run() - diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/msosimulator.sh b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/msosimulator.sh deleted file mode 100644 index c87a26bb7a..0000000000 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/msosimulator.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -pip install flask -pip install requests -python /share/etc/config/mock.py diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml index b26f6dd6c0..1b17ed2ae4 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml @@ -84,16 +84,11 @@ spec: resources: {{ include "common.resources" . }} - name: mso-simulator - image: "{{ .Values.global.pythonRepository }}/{{ .Values.global.pythonImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.robotimage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - name: {{ include "common.fullname" . }}-config mountPath: /share/etc/config - command: - - /bin/sh - args: - - -x - - /share/etc/config/msosimulator.sh ports: - containerPort: 5000 resources: @@ -179,10 +174,6 @@ spec: path: ticketmgt.properties - key: liquibase.properties path: liquibase.properties - - key: mock.py - path: mock.py - - key: msosimulator.sh - path: msosimulator.sh - name: {{ include "common.fullname" . }}-logs emptyDir: {} - name: {{ include "common.fullname" . }}-filebeat diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml index 3dad361b4a..85f6094615 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml @@ -19,20 +19,19 @@ global: # global defaults nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - pythonRepository: library - pythonImage: python:3.6-alpine subChartsOnly: enabled: true # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-service:2.0.0 +image: onap/optf-cmso-service:2.1.1 +robotimage: onap/optf-cmso-robot:2.1.1 pullPolicy: Always #init container image dbinit: - image: onap/optf-cmso-dbinit:2.0.0 + image: onap/optf-cmso-dbinit:2.1.1 # flag to enable debugging - application support required debugEnabled: false @@ -56,7 +55,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties index d687ab376d..e8fb5b6b4f 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties @@ -30,4 +30,9 @@ #------------------------------------------------------------------------------- cadi_loglevel=DEBUG cadi_prop_files=/share/etc/certs/org.onap.oof.props -aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
\ No newline at end of file +aaf.user.roles=/share/etc/certs/AAFUserRoles.properties + +aaf.urls=https://aaf-locate:8095 +aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties +aaf.enabled=true +aaf.namespace=org.onap.oof
\ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml index 7d093c1000..300a72cbae 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml @@ -26,7 +26,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-ticketmgt:2.0.0 +image: onap/optf-cmso-ticketmgt:2.1.1 pullPolicy: Always @@ -52,7 +52,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties index d687ab376d..e8fb5b6b4f 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties @@ -30,4 +30,9 @@ #------------------------------------------------------------------------------- cadi_loglevel=DEBUG cadi_prop_files=/share/etc/certs/org.onap.oof.props -aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
\ No newline at end of file +aaf.user.roles=/share/etc/certs/AAFUserRoles.properties + +aaf.urls=https://aaf-locate:8095 +aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties +aaf.enabled=true +aaf.namespace=org.onap.oof
\ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml index dc8040efaa..c8ac5d7880 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml @@ -25,7 +25,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-topology:2.0.0 +image: onap/optf-cmso-topology:2.1.1 pullPolicy: Always @@ -51,7 +51,7 @@ liveness: enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 120 periodSeconds: 10 diff --git a/kubernetes/oof/templates/ingress.yaml b/kubernetes/oof/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/oof/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index a9b2b2a9c5..e540aa096a 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -21,6 +21,7 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + persistence: {} ################################################################# # Application configuration defaults. ################################################################# @@ -151,3 +152,9 @@ service: nodePort: 48 ingress: enabled: false + service: + - baseaddr: "oofosdf" + name: "oof-osdf" + port: 8698 + config: + ssl: "none"
\ No newline at end of file diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/job.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/job.yaml index a98761ffc6..1106f1310b 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/job.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/job.yaml @@ -79,16 +79,9 @@ spec: configMap: name: {{ include "common.fullname" . }}-secrets - name: {{ include "common.fullname" . }}-logs - persitentVolumeClaim: - claimName: {{ include "common.fullname" . }}-logs - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-logs - labels: - name: {{ include "common.fullname" . }} - spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: manual - resources: - requests: - storage: {{ .Values.persistence.size }} + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pv.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pv.yaml index bf2d40bc65..0d20b9687e 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pv.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pv.yaml @@ -19,7 +19,7 @@ kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-logs + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -34,7 +34,7 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0 - + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pvc.yaml index e6aacd1b96..4b93a0ed76 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/templates/pvc.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright 2018 Intel Corporation, Inc +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 @@ -30,19 +29,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf index 01c79be6e3..0989a02e2e 100644 --- a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf @@ -63,5 +63,5 @@ BRMS_UEB_API_KEY= BRMS_UEB_API_SECRET= #Dependency.json file version -BRMS_DEPENDENCY_VERSION=1.4.2 -BRMS_MODELS_DEPENDENCY_VERSION=2.0.2 +BRMS_DEPENDENCY_VERSION=1.5.3 +BRMS_MODELS_DEPENDENCY_VERSION=2.1.4 diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml index ef817f0be6..03b3a3c2af 100644 --- a/kubernetes/policy/charts/brmsgw/values.yaml +++ b/kubernetes/policy/charts/brmsgw/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 ################################################################# # Application configuration defaults. diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml index bf372b3744..f45e9d4b58 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml @@ -16,6 +16,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml index 1deed4e92a..a082319789 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml index 2f80892ab2..2024bca973 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/values.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 ubuntuInitRepository: oomk8s ubuntuInitImage: ubuntu-init:1.0.0 persistence: {} diff --git a/kubernetes/policy/charts/drools/resources/configmaps/base.conf b/kubernetes/policy/charts/drools/resources/configmaps/base.conf index ba39b0b5ad..0b982fd7d0 100644 --- a/kubernetes/policy/charts/drools/resources/configmaps/base.conf +++ b/kubernetes/policy/charts/drools/resources/configmaps/base.conf @@ -17,7 +17,7 @@ JVM_OPTIONS={{.Values.server.jvmOpts}} -# SYSTEM software configuration +# SYSTEM software configuration POLICY_HOME=/opt/app/policy POLICY_LOGS=/var/log/onap/policy/pdpd @@ -35,9 +35,9 @@ SNAPSHOT_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.n RELEASE_REPOSITORY_ID=policy-nexus-releases RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.nexus.port}}/nexus/content/repositories/releases/ -# Relational (SQL) DB access +# Relational (SQL) DB access -SQL_HOST={{.Values.global.mariadb.nameOverride}} +SQL_HOST={{ .Values.global.mariadb.service.name }} # AAF @@ -57,6 +57,10 @@ PDPD_CONFIGURATION_PARTITION_KEY= POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP +# Symmetric Key for encoded sensitive data + +SYMM_KEY= + # PAP PAP_HOST=policy-pap @@ -90,3 +94,8 @@ VFC_URL= # SDNC SDNC_URL=http://sdnc.{{.Release.Namespace}}:8282/restconf/operations + +# CDS + +CDS_GRPC_HOST={{.Values.cds.grpc.svcName}} +CDS_GRPC_PORT={{.Values.cds.grpc.svcPort}} diff --git a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf index 36d3c3b376..57269c18af 100644 --- a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf +++ b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf @@ -54,3 +54,6 @@ SDNC_PASSWORD={{.Values.sdnc.password}} HEALTHCHECK_USER={{.Values.telemetry.user}} HEALTHCHECK_PASSWORD={{.Values.telemetry.password}} + +CDS_GRPC_USERNAME={{.Values.cds.grpc.user}} +CDS_GRPC_PASSWORD={{.Values.cds.grpc.password}} diff --git a/kubernetes/policy/charts/drools/templates/configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml index 7daf473db2..9a92ad9769 100644 --- a/kubernetes/policy/charts/drools/templates/configmap.yaml +++ b/kubernetes/policy/charts/drools/templates/configmap.yaml @@ -18,5 +18,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/configmaps/*{.zip,store}" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/configmaps/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/configmaps/*.{conf,sh,properties,xml,keyfile}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml index bb21ae14aa..9f9ca355c3 100644 --- a/kubernetes/policy/charts/drools/templates/statefulset.yaml +++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml @@ -40,7 +40,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Release.Name }}-galera-config - --container-name - {{ .Values.global.nexus.nameOverride }} env: diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index 88e664d22b..fbb4211920 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 ubuntuImage: ubuntu:16.04 @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pdpd-cl:1.5.2 +image: onap/policy-pdpd-cl:1.5.3 pullPolicy: Always # flag to enable debugging - application support required @@ -127,6 +127,13 @@ dmaap: key: password: +cds: + grpc: + user: ccsdkapps + password: ccsdkapps + svcName: cds-blueprints-processor-grpc + svcPort: 9111 + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/policy/charts/mariadb/Chart.yaml b/kubernetes/policy/charts/mariadb/Chart.yaml deleted file mode 100644 index 59bd592fdd..0000000000 --- a/kubernetes/policy/charts/mariadb/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP Policy MariaDB Service -name: mariadb -version: 5.0.0 diff --git a/kubernetes/policy/charts/mariadb/requirements.yaml b/kubernetes/policy/charts/mariadb/requirements.yaml deleted file mode 100644 index 05d49a8d7b..0000000000 --- a/kubernetes/policy/charts/mariadb/requirements.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~5.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/policy/charts/mariadb/templates/NOTES.txt b/kubernetes/policy/charts/mariadb/templates/NOTES.txt deleted file mode 100644 index 5d0107eb99..0000000000 --- a/kubernetes/policy/charts/mariadb/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/policy/charts/mariadb/templates/configmap.yaml b/kubernetes/policy/charts/mariadb/templates/configmap.yaml deleted file mode 100644 index 87dc6d3fbb..0000000000 --- a/kubernetes/policy/charts/mariadb/templates/configmap.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/mariadb/templates/deployment.yaml b/kubernetes/policy/charts/mariadb/templates/deployment.yaml deleted file mode 100644 index c64fb9ab0f..0000000000 --- a/kubernetes/policy/charts/mariadb/templates/deployment.yaml +++ /dev/null @@ -1,104 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - args: - - --lower-case-table-names=1 - - --wait_timeout=28800 - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-root-password - - name: MYSQL_USER - value: policy_user - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-user-password - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /docker-entrypoint-initdb.d - name: mariadb-conf - - mountPath: /var/lib/mysql - name: mariadb-data - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: mariadb-conf - configMap: - name: {{ include "common.fullname" . }}-configmap - defaultMode: 0755 - - name: mariadb-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/mariadb/templates/service.yaml b/kubernetes/policy/charts/mariadb/templates/service.yaml deleted file mode 100644 index 9d5d13ab04..0000000000 --- a/kubernetes/policy/charts/mariadb/templates/service.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018-2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/mariadb/values.yaml b/kubernetes/policy/charts/mariadb/values.yaml deleted file mode 100644 index 9b7102dbeb..0000000000 --- a/kubernetes/policy/charts/mariadb/values.yaml +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018-2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: mariadb:10.2.25 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -# Example: -config: - mysqlRootPassword: secret - mysqlUserName: policy_user - mysqlPassword: policy_user -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 120 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 120 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: mariadb/data - -service: - type: ClusterIP - name: policydb - portName: policydb - externalPort: 3306 - internalPort: 3306 - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 2Gi - requests: - cpu: 10m - memory: 0.5Gi - large: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 20m - memory: 1Gi - unlimited: {} diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml index 20f4614b07..af5bb9e383 100644 --- a/kubernetes/policy/charts/pdp/values.yaml +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml index 937a5b4afd..23fd1b56d0 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2018 Ericsson. All rights reserved. +# Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,5 +22,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-api/resources/config/config.json b/kubernetes/policy/charts/policy-api/resources/config/config.json index 397f850095..8952ae86d8 100644 --- a/kubernetes/policy/charts/policy-api/resources/config/config.json +++ b/kubernetes/policy/charts/policy-api/resources/config/config.json @@ -29,9 +29,9 @@ "name": "PolicyProviderParameterGroup", "implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl", "databaseDriver": "org.mariadb.jdbc.Driver", - "databaseUrl": "jdbc:mariadb://{{.Values.global.mariadb.nameOverride}}:3306/policyadmin", - "databaseUser": "policy_user", - "databasePassword": "cG9saWN5X3VzZXI=", + "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/policyadmin", + "databaseUser": "{{ .Values.global.mariadb.config.userName }}", + "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}", "persistenceUnit": "PolicyMariaDb" } } diff --git a/kubernetes/policy/charts/policy-api/templates/configmap.yaml b/kubernetes/policy/charts/policy-api/templates/configmap.yaml index d90b0c93dc..e2a3de7756 100644 --- a/kubernetes/policy/charts/policy-api/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-api/templates/configmap.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,5 +22,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-api/templates/deployment.yaml b/kubernetes/policy/charts/policy-api/templates/deployment.yaml index b79c6bf9c7..505ba891c9 100644 --- a/kubernetes/policy/charts/policy-api/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-api/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Release.Name }}-galera-config env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf index 44e754b90b..571104491e 100644 --- a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf +++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf @@ -19,10 +19,10 @@ KEYSTORE_PASSWD=Pol1cy_0nap TRUSTSTORE_PASSWD=Pol1cy_0nap JDBC_DRIVER=org.mariadb.jdbc.Driver -JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:{{.Values.config.mariadbPort}}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 -JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:{{.Values.config.mariadbPort}}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 -JDBC_USER=policy_user -JDBC_PASSWORD=policy_user +JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 +JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 +JDBC_USER={{ .Values.global.mariadb.config.userName }} +JDBC_PASSWORD={{ .Values.global.mariadb.config.userPassword }} site_name=site_1 fp_monitor_interval=30 diff --git a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh index fc27782a2d..052b6f2c2f 100644 --- a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh +++ b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh @@ -42,7 +42,7 @@ if [[ -f /opt/app/policy/etc/build.info ]]; then echo "Found existing installation, will not reinstall" . /opt/app/policy/etc/profile.d/env.sh -else +else if [[ -d config ]]; then cp config/*.conf . fi @@ -80,7 +80,7 @@ else # (which does nothing if the db is already up-to-date) dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=)) dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=)) - db_upgrade_remote.sh $dbuser $dbpw {{.Values.global.mariadb.nameOverride}} + db_upgrade_remote.sh $dbuser $dbpw {{.Values.global.mariadb.service.name}} fi fi diff --git a/kubernetes/policy/charts/policy-common/values.yaml b/kubernetes/policy/charts/policy-common/values.yaml index a098560269..57eacc56f0 100644 --- a/kubernetes/policy/charts/policy-common/values.yaml +++ b/kubernetes/policy/charts/policy-common/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -30,7 +30,6 @@ debugEnabled: false config: logstashServiceName: log-ls logstashPort: 5044 - mariadbPort: 3306 # default number of instances replicaCount: 1 diff --git a/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml b/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml index 318ad34491..23fd1b56d0 100644 --- a/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2018 Ericsson. All rights reserved. +# Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,6 +22,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} - +{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-pap/resources/config/config.json b/kubernetes/policy/charts/policy-pap/resources/config/config.json index 3f33ed95a0..48065aeb4b 100644 --- a/kubernetes/policy/charts/policy-pap/resources/config/config.json +++ b/kubernetes/policy/charts/policy-pap/resources/config/config.json @@ -40,9 +40,9 @@ "name": "PolicyProviderParameterGroup", "implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl", "databaseDriver": "org.mariadb.jdbc.Driver", - "databaseUrl": "jdbc:mariadb://{{.Values.global.mariadb.nameOverride}}:3306/policyadmin", - "databaseUser": "policy_user", - "databasePassword": "cG9saWN5X3VzZXI=", + "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/{{ .Values.global.mariadb.config.mysqlDatabase }}", + "databaseUser": "{{ .Values.global.mariadb.config.userName }}", + "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}", "persistenceUnit": "PolicyMariaDb" }, "topicParameterGroup": { @@ -55,6 +55,11 @@ "topic" : "POLICY-PDP-PAP", "servers" : [ "message-router" ], "topicCommInfrastructure" : "dmaap" + }, + { + "topic" : "POLICY-NOTIFICATION", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" }] } } diff --git a/kubernetes/policy/charts/policy-pap/templates/configmap.yaml b/kubernetes/policy/charts/policy-pap/templates/configmap.yaml index 19ce6a8f20..372bf4dcca 100644 --- a/kubernetes/policy/charts/policy-pap/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-pap/templates/configmap.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2019 Nordix Foundation. +# Copyright (C) 2019-2020 Nordix Foundation. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,6 +21,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} - +{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-pap/templates/deployment.yaml b/kubernetes/policy/charts/policy-pap/templates/deployment.yaml index 3332f60944..a3adfeebc2 100644 --- a/kubernetes/policy/charts/policy-pap/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-pap/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Values.global.mariadb.service.name }} env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json index 4483a1b51a..7fd8572c1f 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json @@ -16,7 +16,8 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= { - "name": "XacmlPdpGroup", + "name": "XacmlPdpParameters", + "pdpGroup": "defaultGroup", "restServerParameters": { "host": "0.0.0.0", "port": 6969, diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties index be9a3faa45..29feeb6e24 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties @@ -48,6 +48,6 @@ xacml.pip.engines=count-recent-operations,get-operation-outcome # JPA Properties # javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver -javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:3306/operationshistory -javax.persistence.jdbc.user=policy_user -javax.persistence.jdbc.password=cG9saWN5X3VzZXI= +javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/operationshistory +javax.persistence.jdbc.user={{ .Values.global.mariadb.config.userName }} +javax.persistence.jdbc.password={{ .Values.global.mariadb.config.userPassword | b64enc }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml index f689f4d6e8..3ca4f82963 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,5 +22,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{json,properties,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml index da9b0197d3..ced19b9f52 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Release.Name }}-galera-config env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml index 05d49a8d7b..589dfa4810 100644 --- a/kubernetes/policy/requirements.yaml +++ b/kubernetes/policy/requirements.yaml @@ -20,3 +20,6 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: mariadb-galera + version: ~5.x-0 + repository: '@local' diff --git a/kubernetes/policy/charts/mariadb/resources/config/db.sh b/kubernetes/policy/resources/config/db.sh index a5eb7f55c2..ef821a11d4 100644 --- a/kubernetes/policy/charts/mariadb/resources/config/db.sh +++ b/kubernetes/policy/resources/config/db.sh @@ -14,7 +14,7 @@ # limitations under the License. #!/bin/bash -xv - +mysql() { /usr/bin/mysql -h ${MYSQL_HOST} -P ${MYSQL_USER} "$@"; }; for db in support onap_sdk log migration operationshistory10 pooling policyadmin operationshistory do mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" diff --git a/kubernetes/policy/templates/configmap.yaml b/kubernetes/policy/templates/configmap.yaml index bd1af397b3..8c804c35ed 100644 --- a/kubernetes/policy/templates/configmap.yaml +++ b/kubernetes/policy/templates/configmap.yaml @@ -36,4 +36,11 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} - +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-db-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/templates/deployment.yaml b/kubernetes/policy/templates/deployment.yaml index 5feb37415b..355b8fc75d 100644 --- a/kubernetes/policy/templates/deployment.yaml +++ b/kubernetes/policy/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.global.mariadb.nameOverride }} + - {{ .Release.Name }}-galera-config env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml new file mode 100644 index 0000000000..9ed09e82d7 --- /dev/null +++ b/kubernetes/policy/templates/job.yaml @@ -0,0 +1,77 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Release.Name }}-galera-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} +spec: + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + spec: + initContainers: +#This container checks that all galera instances are up before initializing it. + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + - --container-name + - {{ index .Values "mariadb-galera" "service" "name" }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ .Release.Name }}-galera-config + image: {{ .Values.mariadb_image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /dbcmd-config/db.sh + name: {{ include "common.fullname" . }}-config + subPath: db.sh + command: + - /bin/sh + args: + - -x + - /dbcmd-config/db.sh + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-secret + key: db-root-password + - name: MYSQL_HOST + value: "{{ index .Values "mariadb-galera" "service" "name" }}" + - name: MYSQL_USER + value: "{{ index .Values "mariadb-galera" "config" "userName" }}" + - name: MYSQL_PORT + value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" + restartPolicy: Never + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-db-configmap + items: + - key: db.sh + path: db.sh diff --git a/kubernetes/policy/charts/mariadb/templates/secrets.yaml b/kubernetes/policy/templates/secrets.yaml index 3efe66c818..eb5b0020ee 100644 --- a/kubernetes/policy/charts/mariadb/templates/secrets.yaml +++ b/kubernetes/policy/templates/secrets.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018 AT&T, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,6 +25,5 @@ metadata: heritage: {{ .Release.Service }} type: Opaque data: - db-root-password: {{ .Values.config.mysqlRootPassword | b64enc | quote }} - db-user-password: {{ .Values.config.mysqlPassword | b64enc | quote }} - + db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }} + db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 3648647483..ca1a8a3c21 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -19,22 +19,32 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 ubuntuImage: ubuntu:16.04 - mariadb: - nameOverride: policydb pdp: nameOverride: pdp pap: - nameOverride: pap + nameOverride: policy drools: nameOverride: drools brmwgw: nameOverride: brmsgw nexus: nameOverride: nexus + mariadb: + # '&mariadbConfig' means we "store" the values for later use in the file + # with '*mariadbConfig' pointer. + config: &mariadbConfig + userName: policy_user + userPassword: policy_user + mariadbRootPassword: secret + mysqlDatabase: policyadmin + service: &mariadbService + name: policy-mariadb + portName: mysql-policy + internalPort: 3306 ################################################################# # Application configuration defaults. @@ -42,17 +52,16 @@ global: # application image repository: nexus3.onap.org:10001 image: onap/policy-pe:1.5.2 +mariadb_image: library/mariadb:10 pullPolicy: Always subChartsOnly: enabled: true -nameOverride: pap - +pap: + nameOverride: pap pdp: nameOverride: pdp -mariadb: - nameOverride: policydb drools: nameOverride: drools brmwgw: @@ -101,6 +110,20 @@ service: ingress: enabled: false +mariadb-galera: + # mariadb-galera.config and global.mariadb.config must be equals + config: *mariadbConfig + nameOverride: policy-mariadb + # mariadb-galera.service and global.mariadb.service must be equals + service: *mariadbService + replicaCount: 1 + persistence: + enabled: true + mountSubPath: policy/maria/data + externalConfig: |- + [mysqld] + lower_case_table_names = 1 + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/ingress.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/charts/pomba-data-router/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml index 184728f8ad..63829cb185 100644 --- a/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/templates/pv.yaml @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -31,7 +32,9 @@ spec: storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml index e27c3311e9..49f1d6886f 100644 --- a/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/templates/pvc.yaml @@ -25,24 +25,16 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} {{- if .Values.persistence.annotations }} annotations: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/pomba/charts/pomba-data-router/values.yaml b/kubernetes/pomba/charts/pomba-data-router/values.yaml index ec70f4b619..f891dce42f 100644 --- a/kubernetes/pomba/charts/pomba-data-router/values.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/values.yaml @@ -24,7 +24,7 @@ global: persistence: {} readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + # application image repository: nexus3.onap.org:10001 image: onap/data-router:1.3.3 @@ -70,6 +70,12 @@ service: ingress: enabled: false + service: + - baseaddr: "pombadatarouter" + name: "pomba-data-router" + port: 9502 + config: + ssl: "none" persistence: enabled: true @@ -88,7 +94,7 @@ persistence: ## GKE, AWS & OpenStack) ## ## storageClass: "-" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: pomba/data-router/logs diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/deployment.yaml index 93b5539cfc..2e6f1fde54 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/deployment.yaml @@ -108,10 +108,18 @@ spec: - key: elasticsearch.yml path: elasticsearch.yml - name: {{ include "common.fullname" . }}-data + {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} - name: {{ include "common.fullname" . }}-logs - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPathLogs }} + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-logs + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/pv.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-data.yaml index f682196931..7c6cfe543d 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/pv.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-data.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -32,6 +33,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/nbi/charts/mariadb/templates/pv.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-logs.yaml index 4645f473a6..a4cccd2af7 100644 --- a/kubernetes/nbi/charts/mariadb/templates/pv.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv-logs.yaml @@ -1,6 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 Orange +# Copyright © 2019 Amdocs, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,23 +15,26 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-logs namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-logs spec: capacity: - storage: {{ .Values.persistence.size }} + storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-logs" hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPathLogs }} +{{- end -}} {{- end -}} diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv.yaml deleted file mode 100644 index 31230a9ed7..0000000000 --- a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pv.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/pvc.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-data.yaml index c3de6e8150..b536d7b58d 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/pvc.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-data.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,24 +25,16 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} {{- if .Values.persistence.annotations }} annotations: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-logs.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-logs.yaml new file mode 100644 index 0000000000..ec8e75be99 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc-logs.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-logs +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-logs" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end -}} diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc.yaml deleted file mode 100644 index c046f4604a..0000000000 --- a/kubernetes/pomba/charts/pomba-elasticsearch/templates/pvc.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- end -}} diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml index 00eb921779..8201eff7b1 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml @@ -74,7 +74,7 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi mountPath: /dockerdata-nfs mountSubPath: pomba/elasticsearch/data diff --git a/kubernetes/pomba/charts/pomba-kibana/templates/ingress.yaml b/kubernetes/pomba/charts/pomba-kibana/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/charts/pomba-kibana/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/charts/pomba-kibana/values.yaml b/kubernetes/pomba/charts/pomba-kibana/values.yaml index 53725b7798..c892f1b85e 100644 --- a/kubernetes/pomba/charts/pomba-kibana/values.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/values.yaml @@ -80,8 +80,15 @@ service: externalPort: 5601 internalPort: 5601 nodePort: 34 + ingress: enabled: false + service: + - baseaddr: "pombakibana" + name: "pomba-kibana" + port: 5601 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/templates/ingress.yaml b/kubernetes/pomba/charts/pomba-networkdiscovery/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/charts/pomba-networkdiscovery/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml b/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml index dba7f59bac..ae613c6034 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml +++ b/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml @@ -94,7 +94,13 @@ service: ingress: enabled: false - + service: + - baseaddr: "pombanetworkdiscovery" + name: "pomba-networkdiscovery" + port: 8443 + config: + ssl: "redirect" + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/aai-environment.properties b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/aai-environment.properties index 2d600ce41a..cd5c62e96b 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/aai-environment.properties +++ b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/aai-environment.properties @@ -5,7 +5,7 @@ trustStorePath=/auth/tomcat_keystore #trustStorePassword intentionally left blank trustStorePassword.x= keyStorePath=/auth/client-cert-onap.p12 -keyStorePassword.x=dfcfd1003bdde18de8efea3c8661510e +keyStorePassword.x=OBF: keyManagerFactoryAlgorithm=SunX509 keyStoreType=PKCS12 securityProtocol=TLS diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties index f15f46dd11..7d335aed50 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties +++ b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties @@ -18,5 +18,5 @@ poa-audit-result.name=POA-AUDIT-RESULT poa-audit-result.host=message-router:3904 poa-audit-result.publisher.partition=1 poa-audit-result.username= -poa-audit-result.password= +poa-audit-result.password=OBF: poa-audit-result.transport.type=HTTPAUTH diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties index 79aa5398ae..15c60afcc4 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties +++ b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties @@ -17,7 +17,7 @@ poa-rule-validation.name=POA-RULE-VALIDATION poa-rule-validation.host=message-router:3904 poa-rule-validation.username= -poa-rule-validation.password= +poa-rule-validation.password=OBF: poa-rule-validation.consumer.group=poa-validator-test poa-rule-validation.consumer.id=test poa-rule-validation.transport.type=HTTPAUTH diff --git a/kubernetes/portal/charts/portal-app/templates/ingress.yaml b/kubernetes/portal/charts/portal-app/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/portal/charts/portal-app/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index 8d9cee0d4e..59a11ad6cf 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -88,6 +88,12 @@ messageRouter: ingress: enabled: false + service: + - baseaddr: portalapp + name: "portal-app" + port: 8443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small @@ -95,11 +101,11 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 10Gi + cpu: 2.2 + memory: 800Mi requests: - cpu: 1 - memory: 6Gi + cpu: 30m + memory: 460Mi large: limits: cpu: 4 diff --git a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml index 2040794074..96e865d8cf 100644 --- a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml @@ -65,7 +65,7 @@ spec: - name: CASSPASS value: "{{ .Values.config.cassandraPassword }}" - name: JVM_OPTS - value: "{{ .Values.config.cassandraJvmOpts }}" + value: "{{ .Values.config.cassandraJvmOpts }}" - name: POD_IP valueFrom: fieldRef: diff --git a/kubernetes/portal/charts/portal-cassandra/templates/pv.yaml b/kubernetes/portal/charts/portal-cassandra/templates/pv.yaml index 252ca76599..f6119246ed 100644 --- a/kubernetes/portal/charts/portal-cassandra/templates/pv.yaml +++ b/kubernetes/portal/charts/portal-cassandra/templates/pv.yaml @@ -16,6 +16,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/portal/charts/portal-cassandra/templates/pvc.yaml b/kubernetes/portal/charts/portal-cassandra/templates/pvc.yaml index 1deed4e92a..a082319789 100644 --- a/kubernetes/portal/charts/portal-cassandra/templates/pvc.yaml +++ b/kubernetes/portal/charts/portal-cassandra/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/portal/charts/portal-cassandra/values.yaml b/kubernetes/portal/charts/portal-cassandra/values.yaml index e08f59b971..65fcdbe84a 100644 --- a/kubernetes/portal/charts/portal-cassandra/values.yaml +++ b/kubernetes/portal/charts/portal-cassandra/values.yaml @@ -98,11 +98,11 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 8Gi + cpu: 500m + memory: 3.75Gi requests: - cpu: 1 - memory: 4Gi + cpu: 160m + memory: 2.8Gi large: limits: cpu: 4 diff --git a/kubernetes/portal/charts/portal-mariadb/templates/pv.yaml b/kubernetes/portal/charts/portal-mariadb/templates/pv.yaml index 252ca76599..f6119246ed 100644 --- a/kubernetes/portal/charts/portal-mariadb/templates/pv.yaml +++ b/kubernetes/portal/charts/portal-mariadb/templates/pv.yaml @@ -16,6 +16,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/portal/charts/portal-mariadb/templates/pvc.yaml b/kubernetes/portal/charts/portal-mariadb/templates/pvc.yaml index 1deed4e92a..a082319789 100644 --- a/kubernetes/portal/charts/portal-mariadb/templates/pvc.yaml +++ b/kubernetes/portal/charts/portal-mariadb/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}} diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index e6896f17c1..e6aab2a2e3 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -132,11 +132,11 @@ flavor: small resources: small: limits: - cpu: 800m - memory: 1Gi + cpu: 460m + memory: 175Mi requests: - cpu: 400m - memory: 500Mi + cpu: 10m + memory: 100Mi large: limits: cpu: 2 diff --git a/kubernetes/portal/charts/portal-sdk/templates/ingress.yaml b/kubernetes/portal/charts/portal-sdk/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/portal/charts/portal-sdk/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml index 4a0124d7a5..8572ff83da 100644 --- a/kubernetes/portal/charts/portal-sdk/values.yaml +++ b/kubernetes/portal/charts/portal-sdk/values.yaml @@ -82,6 +82,12 @@ messageRouter: ingress: enabled: false + service: + - baseaddr: portalsdk + name: "portal-sdk" + port: 8080 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small @@ -89,11 +95,11 @@ flavor: small resources: small: limits: - cpu: 4 - memory: 10Gi + cpu: 600m + memory: 1.6Gi requests: - cpu: 2 - memory: 5Gi + cpu: 10m + memory: 1.3Gi large: limits: cpu: 8 diff --git a/kubernetes/portal/charts/portal-widget/values.yaml b/kubernetes/portal/charts/portal-widget/values.yaml index 37f4294fb4..7a02509737 100644 --- a/kubernetes/portal/charts/portal-widget/values.yaml +++ b/kubernetes/portal/charts/portal-widget/values.yaml @@ -75,10 +75,10 @@ resources: small: limits: cpu: 1 - memory: 4Gi + memory: 430Mi requests: - cpu: 500m - memory: 2Gi + cpu: 1m + memory: 360Mi large: limits: cpu: 2 diff --git a/kubernetes/portal/charts/portal-zookeeper/values.yaml b/kubernetes/portal/charts/portal-zookeeper/values.yaml index c7c8030339..6037d246cf 100644 --- a/kubernetes/portal/charts/portal-zookeeper/values.yaml +++ b/kubernetes/portal/charts/portal-zookeeper/values.yaml @@ -62,11 +62,11 @@ flavor: small resources: small: limits: - cpu: 500m - memory: 600Mi + cpu: 100m + memory: 200Mi requests: - cpu: 250m - memory: 300Mi + cpu: 1m + memory: 80Mi large: limits: cpu: 1 diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml index 9dbdd7cfd9..8c84cbdbb4 100644 --- a/kubernetes/portal/values.yaml +++ b/kubernetes/portal/values.yaml @@ -52,3 +52,6 @@ zookeeper: messageRouter: service: name: message-router + +ingress: + enabled: false
\ No newline at end of file diff --git a/kubernetes/readiness/.gitignore b/kubernetes/readiness/.gitignore new file mode 100644 index 0000000000..90cb66eacd --- /dev/null +++ b/kubernetes/readiness/.gitignore @@ -0,0 +1,15 @@ +# Eclipse +.classpath +.factorypath +.project +.pydevproject +.settings/ + +# IntelliJ +.idea/* +*.iml + +# Mac OS +*DS_Store* + +/target
\ No newline at end of file diff --git a/kubernetes/readiness/pom.xml b/kubernetes/readiness/pom.xml new file mode 100644 index 0000000000..af834ff4c2 --- /dev/null +++ b/kubernetes/readiness/pom.xml @@ -0,0 +1,109 @@ +<!-- + + ============LICENSE_START======================================================= + org.onap.aai + ================================================================================ + Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + +--> +<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.onap.oparent</groupId> + <artifactId>oparent</artifactId> + <version>2.0.0</version> + </parent> + + <groupId>org.onap.oom.readiness.check</groupId> + <artifactId>readiness-check-docker</artifactId> + <version>2.2.1-SNAPSHOT</version> + <packaging>pom</packaging> + <name>oom-readiness-check-image</name> + <description>Contains dockerfiles and scrtipts for readiness-ckeck image.</description> + + <properties> + <docker.fabric.version>0.31.0</docker.fabric.version> + <oom.docker.namespace>onap</oom.docker.namespace> + </properties> + + <build> + <plugins> + <plugin> + <groupId>io.fabric8</groupId> + <artifactId>docker-maven-plugin</artifactId> + <version>${docker.fabric.version}</version> + <configuration> + <verbose>true</verbose> + <apiVersion>1.23</apiVersion> + <images> + <image> + <name>${docker.push.registry}/${oom.docker.namespace}/readiness-check:%l</name> + <build> + <filter>@</filter> + <assembly> + <mode>dir</mode> + <inline xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2" xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd"> + <fileSets> + <fileSet> + <directory>${project.basedir}/src/main/scripts</directory> + <outputDirectory>/</outputDirectory> + <includes> + <include>**/*</include> + </includes> + </fileSet> + </fileSets> + </inline> + </assembly> + <tags> + <tag>latest</tag> + <tag>latest-${project.version}</tag> + </tags> + <cleanup>try</cleanup> + <dockerFileDir>${project.basedir}/src/main/docker</dockerFileDir> + </build> + </image> + </images> + </configuration> + <executions> + <execution> + <id>clean-images</id> + <phase>pre-clean</phase> + <goals> + <goal>remove</goal> + </goals> + <configuration> + <removeAll>true</removeAll> + </configuration> + </execution> + <execution> + <id>generate-images</id> + <phase>package</phase> + <goals> + <goal>build</goal> + </goals> + </execution> + <execution> + <id>push-images</id> + <phase>deploy</phase> + <goals> + <goal>push</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> +</project>
\ No newline at end of file diff --git a/kubernetes/readiness/docker/init/Dockerfile b/kubernetes/readiness/src/main/docker/Dockerfile index b060915354..638e8efd67 100644 --- a/kubernetes/readiness/docker/init/Dockerfile +++ b/kubernetes/readiness/src/main/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM python:2-alpine +FROM python:3-alpine3.9 ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST" # Setup Corporate proxy @@ -10,11 +10,8 @@ RUN pip install requests pyyaml kubernetes ENV CERT="/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" ENV TOKEN="/var/run/secrets/kubernetes.io/serviceaccount/token" -COPY ready.py /root/ready.py -RUN chmod a+x /root/ready.py - -COPY job_complete.py /root/job_complete.py -RUN chmod a+x /root/job_complete.py +COPY maven/ /root/ +RUN chmod -R a+x /root/ ENTRYPOINT ["/root/ready.py"] CMD [""]
\ No newline at end of file diff --git a/kubernetes/readiness/docker/init/job_complete.py b/kubernetes/readiness/src/main/scripts/job_complete.py index a9570c5951..a9570c5951 100644 --- a/kubernetes/readiness/docker/init/job_complete.py +++ b/kubernetes/readiness/src/main/scripts/job_complete.py diff --git a/kubernetes/readiness/docker/init/ready.py b/kubernetes/readiness/src/main/scripts/ready.py index db7105a18d..93932073cd 100644 --- a/kubernetes/readiness/docker/init/ready.py +++ b/kubernetes/readiness/src/main/scripts/ready.py @@ -79,7 +79,7 @@ def wait_for_deployment_complete(deployment_name): response = api.read_namespaced_deployment(deployment_name, namespace) s = response.status if (s.unavailable_replicas is None and - s.updated_replicas == response.spec.replicas and + ( s.updated_replicas is None or s.updated_replicas == response.spec.replicas ) and s.replicas == response.spec.replicas and s.ready_replicas == response.spec.replicas and s.observed_generation == response.metadata.generation): @@ -92,6 +92,20 @@ def wait_for_deployment_complete(deployment_name): log.error("Exception when waiting for deployment status: %s\n" % e) +def wait_for_daemonset_complete(daemonset_name): + try: + response = api_instance.read_namespaced_daemon_set(daemonset_name, namespace) + s = response.status + if s.desired_number_scheduled == s.number_ready: + log.info("DaemonSet: " + str(s.number_ready) + "/" + str(s.desired_number_scheduled) + " nodes ready --> " + daemonset_name + " is ready") + return True + else: + log.info("DaemonSet: " + str(s.number_ready) + "/" + str(s.desired_number_scheduled) + " nodes ready --> " + daemonset_name + " is not ready") + return False + except Exception as e: + log.error("Exception when waiting for DaemonSet status: %s\n" % e) + + def is_ready(container_name): ready = False log.info("Checking if " + container_name + " is ready") @@ -112,6 +126,8 @@ def is_ready(container_name): ready = wait_for_deployment_complete(deployment_name) elif i.metadata.owner_references[0].kind == "Job": ready = is_job_complete(name) + elif i.metadata.owner_references[0].kind == "DaemonSet": + ready = wait_for_daemonset_complete(i.metadata.owner_references[0].name) return ready @@ -123,7 +139,7 @@ def is_ready(container_name): def read_name(item): - return item.metadata.owner_reference[0].name + return item.metadata.owner_references[0].name def get_deployment_name(replicaset): diff --git a/kubernetes/robot b/kubernetes/robot -Subproject 1d36d59796cf69d8bba1d833a7faa2709bef531 +Subproject 4bd799e5dbcbf2131a685bf73319e962ace86f5 diff --git a/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml index 5ba797c8ab..8ac6c27dba 100644 --- a/kubernetes/sdc/charts/sdc-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-be/values.yaml @@ -73,6 +73,13 @@ service: ingress: enabled: false + service: + - baseaddr: "sdcbe" + name: "sdc-be" + port: 8080 + config: + ssl: "none" + # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml index 7a1fffcc8e..df0606fdbe 100644 --- a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml @@ -61,6 +61,15 @@ service: ingress: enabled: false + service: + - baseaddr: "dcaedt" + name: "sdc-dcae-dt" + port: 8186 + - baseaddr: "dcaedt2" + name: "sdc-dcae-dt" + port: 9446 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml index f38ef30196..a5794b28c3 100644 --- a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml @@ -66,7 +66,15 @@ service: ingress: enabled: false - + service: + - baseaddr: "dcaedt" + name: "sdc-dcae-fe" + port: 8183 + - baseaddr: "dcaedt2" + name: "sdc-dcae-fe" + port: 9444 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml index 618b23a584..8edf342f3a 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml @@ -16,6 +16,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml index e1f01b67fe..5251283ddf 100644 --- a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} {{- end -}}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml index 62dffd6376..ee4da9b7b1 100644 --- a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml @@ -73,12 +73,14 @@ spec: port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} resources: {{ include "common.resources" . | indent 12 }} env: diff --git a/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml index 6831555a44..c6f39f9822 100644 --- a/kubernetes/sdc/charts/sdc-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-fe/values.yaml @@ -38,8 +38,8 @@ config: dcae_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30264/dcaed/#/home" dcae_dt_discovery_url: "https://sdc-dcae-dt:9446/dcae/#/dcae/home" dcae_dt_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30266/dcae/#/dcae/home" - workflow_discovery_url: "http://sdc-wfd-fe:8080/workflows" - workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30431/workflows/" + workflow_discovery_url: "https://sdc-wfd-fe:8443/workflows" + workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/" # default number of instances replicaCount: 1 @@ -51,14 +51,16 @@ affinity: {} # probe configuration parameters liveness: initialDelaySeconds: 10 - periodSeconds: 10 + periodSeconds: 60 + timeoutSeconds: 15 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: initialDelaySeconds: 10 - periodSeconds: 10 + periodSeconds: 60 + timeoutSeconds: 15 service: #Example service definition with external, internal and node ports. @@ -78,6 +80,12 @@ service: ingress: enabled: false + service: + - baseaddr: "sdcfe" + name: "sdc-fe" + port: 9443 + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml index 70895d308d..dee139beb5 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml @@ -60,6 +60,7 @@ spec: - "/var/lib/ready-probe.sh" initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: exec: @@ -67,6 +68,7 @@ spec: - "/var/lib/ready-probe.sh" initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} resources: {{ include "common.resources" . | indent 12 }} env: diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml index b292ff9448..70f6d959ce 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml @@ -16,10 +16,11 @@ # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }}-cert + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -33,6 +34,8 @@ spec: accessModes: - {{ .Values.cert.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.cert.persistence.mountSubPath }} -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml index eb2c372a33..662370d204 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml @@ -31,19 +31,10 @@ metadata: {{ toYaml .Values.cert.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.cert.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.cert.persistence.size }} -{{- if .Values.cert.persistence.storageClass }} -{{- if (eq "-" .Values.cert.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.cert.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml index ce04d480f0..a6a3f6bd22 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml @@ -48,15 +48,17 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 60 - periodSeconds: 10 + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 60 - periodSeconds: 10 + initialDelaySeconds: 120 + periodSeconds: 60 + timeoutSeconds: 15 service: type: ClusterIP diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl index c69fb7c81c..298a2cd673 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl @@ -1,29 +1 @@ -{{- define "sdc-wfd-be.volumes" }} - {{ if .Values.config.cassandraSSLEnabled }} - - name: {{ include "common.fullname" . }}-cassandra-client-truststore - hostPath: - path: /etc/cassandra-client-truststore/truststore - type: File - {{- end }} - {{ if .Values.config.serverSSLEnabled }} - - name: {{ include "common.fullname" . }}-server-https-keystore - hostPath: - path: /config/server-https-keystore/keystore - type: File - {{- end }} -{{- end }} - -{{- define "sdc-wfd-be.volumeMounts" }} - {{ if .Values.config.cassandraSSLEnabled }} - - name: {{ include "common.fullname" . }}-cassandra-client-truststore - mountPath: /etc/cassandra-client-truststore/truststore - subPath: truststore - readOnly: true - {{- end }} - {{ if .Values.config.serverSSLEnabled }} - - name: {{ include "common.fullname" . }}-server-https-keystore - mountPath: /etc/server-https-keystore/keystore - subPath: keystore - readOnly: true - {{- end }} -{{- end }}
\ No newline at end of file +{{- define "wfd-be.internalPort" }}{{ if .Values.config.serverSSLEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 0bf1bf5d31..00a986f4d2 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -53,20 +53,19 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} + - containerPort: {{ template "wfd-be.internalPort" . }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-be.internalPort" . }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-be.internalPort" . }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -89,7 +88,8 @@ spec: - name: CS_TRUST_STORE_PATH value: "{{ .Values.config.cassandraTrustStorePath }}" - name: CS_TRUST_STORE_PASSWORD - value: "{{ .Values.config.cassandraTrustStorePassword }}" + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: cs_truststore_password} - name: SDC_PROTOCOL value: "{{ .Values.config.sdcProtocol }}" - name: SDC_ENDPOINT @@ -97,7 +97,8 @@ spec: - name: SDC_USER value: "{{ .Values.config.sdcExternalUser }}" - name: SDC_PASSWORD - value: "{{ .Values.config.sdcExternalUserPassword }}" + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: wf_external_user_password} - name: SERVER_SSL_ENABLED value: "{{ .Values.config.serverSSLEnabled }}" - name: SERVER_SSL_KEYSTORE_TYPE @@ -105,10 +106,14 @@ spec: - name: SERVER_SSL_KEYSTORE_PATH value: "{{ .Values.config.serverSSLKeyStorePath }}" - name: SERVER_SSL_KEY_PASSWORD - value: "{{ .Values.config.serverSSLKeyPassword }}" - volumeMounts: - {{- template "sdc-wfd-be.volumeMounts" . }} - volumes: - {{- template "sdc-wfd-be.volumes" . }} + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: keystore_password} + - name: SERVER_SSL_TRUSTSTORE_TYPE + value: "{{ .Values.config.serverSSLTrustStoreType }}" + - name: SERVER_SSL_TRUSTSTORE_PATH + value: "{{ .Values.config.serverSSLTrustStorePath }}" + - name: SERVER_SSL_TRUST_PASSWORD + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: truststore_password} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml index 14a937fe00..fee95ba42e 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml @@ -28,13 +28,13 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} + - port: {{ template "wfd-be.internalPort" . }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName | default "http" }} + name: {{ .Values.service.portName }} {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} + - port: {{ if .Values.config.serverSslEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }} + targetPort: {{ template "wfd-be.internalPort" . }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 0a250e4fce..68f487674d 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -28,13 +28,10 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-backend:1.5.1 -configInitImage: onap/workflow-init:1.5.1 +image: onap/workflow-backend:1.6.0 +configInitImage: onap/workflow-init:1.6.0 pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - initJob: enabled: true @@ -43,17 +40,21 @@ config: cassandraAuthenticationEnabled: true cassandraThriftClientPort: 9160 cassandraClientPort: 9042 - sdcProtocol: HTTP - sdcEndpoint: sdc-be:8080 + + sdcProtocol: HTTPS + sdcEndpoint: sdc-be:8443 sdcExternalUser: workflow - sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - serverSSLEnabled: false + + serverSSLEnabled: true + serverSSLKeyStoreType: jks - serverSSLKeyStorePath: /etc/server-https-keystore/keystore - serverSSLKeyPassword: password + serverSSLKeyStorePath: /etc/keystore + + serverSSLTrustStoreType: jks + serverSSLTrustStorePath: /etc/truststore + cassandraSSLEnabled: false - cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore - cassandraTrustStorePassword: password + cassandraTrustStorePath: /etc/truststore # default number of instances replicaCount: 1 @@ -76,16 +77,23 @@ readiness: service: type: NodePort + portName: sdc-wfd-be internalPort: 8080 externalPort: 8080 internalPort2: 8443 externalPort2: 8443 - portName: sdc-wfd-be - nodePort: "57" + nodePort: "57" # only one node port. set to http or https port depending on isHttpsEnabled property + ingress: enabled: false - + service: + - baseaddr: "sdcwfdbe" + name: "sdc-wfd-be" + port: 8443 + config: + ssl: "redirect" + resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl new file mode 100644 index 0000000000..546bab7ddf --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl @@ -0,0 +1 @@ +{{- define "wfd-fe.internalPort" }}{{ if .Values.config.isHttpsEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml index 0be06f3985..08ecaa6daa 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml @@ -50,18 +50,17 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} + - containerPort: {{ template "wfd-fe.internalPort" . }} {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -75,41 +74,19 @@ spec: value: "{{ .Values.config.isHttpsEnabled}}" {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - name: KEYSTORE_PASS - {{- if .Values.global.security.keysFromCa }} valueFrom: - secretKeyRef: - name: mft-sdc - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.keyStorePass}} - {{- end }} + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: keystore_password} - name: TRUSTSTORE_PASS - {{- if .Values.global.security.keysFromCa }} valueFrom: - secretKeyRef: - name: mft-catruststore - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.trustStorePass}} - {{- end }} + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: truststore_password} - name: TRUSTSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}" - name: KEYSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}" - - name: TRUSTSTORE_TYPE - value: {{ .Values.security.truststore.type }} - - name: KEYSTORE_TYPE - value: {{ .Values.security.keystore.type }} + - name: TRUST_ALL + value: "{{ .Values.config.isTrustAll}}" {{ end }} volumeMounts: - {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - - name: {{ include "common.fullname" . }}-jetty-https-truststore - mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }} - subPath: {{ .Values.security.truststoreFilename }} - - name: {{ include "common.fullname" . }}-jetty-https-keystore - mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }} - subPath: {{ .Values.security.keystoreFilename }} - {{ end }} - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true @@ -123,7 +100,6 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - # side car containers - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml index e10de6df20..8f87c68f1e 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml @@ -1,59 +1 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{{- define "rules.wf" -}} -- http: - paths: - - path: /workflows/ - backend: - serviceName: {{.Values.service.name}} - servicePort: {{.Values.service.internalPort}} -{{- end -}} - -{{- if .Values.ingress.enabled }} - -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ include "common.fullname" . }}-ingress - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -{{- with .Values.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: - rules: -{{- if .Values.ingress.hosts}} -{{- range .Values.ingress.hosts}} -{{- include "rules.wf" $ | nindent 2}} -{{- if .}} - host: {{. | quote}} -{{- end}} -{{- end}} - tls: - - hosts: -{{- range .Values.ingress.hosts}} -{{- if .}} - - {{ . | quote }} -{{- end}} -{{- end }} -{{- else}} -{{- include "rules.wf" . | nindent 2}} -{{- end}} -{{ end }} +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml index 87ca3607d7..d8a105513a 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml @@ -29,7 +29,7 @@ metadata: "version": "v1", "url": "/", "protocol": "UI", - "port": "{{ .Values.service.internalPort }}", + "port": "{{ .Values.service.internalPort2 }}", "visualRange":"0|1" } ]' @@ -37,19 +37,13 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} + - port: {{ template "wfd-fe.internalPort" . }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName | default "http" }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 | default "https" }} + name: {{ .Values.service.portName }} {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 | default "https" }} + - port: {{ if .Values.config.isHttpsEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }} + targetPort: {{ template "wfd-fe.internalPort" . }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index 91cdead023..fc30297885 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.5.1 +image: onap/workflow-frontend:1.6.0 pullPolicy: Always # flag to enable debugging - application support required @@ -36,16 +36,15 @@ debugEnabled: false config: javaOptions: "-Xmx256m -Xms256m" - backendServerURL: "http://sdc-wfd-be:8080" + backendServerURL: "https://sdc-wfd-be:8443" isHttpsEnabled: true - + # following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties + isTrustAll: true # https relevant settings. Change in case you have other trust files then default ones. security: - isDefaultStore: true - truststoreType: "JKS" - keystoreType: "JKS" - truststoreFilename: "truststore" - keystoreFilename: "keystore" + isDefaultStore: false + truststoreFilename: "org.onap.sdc.trust.jks" + keystoreFilename: "org.onap.sdc.p12" storePath: "etc" # default number of instances @@ -71,25 +70,24 @@ service: type: NodePort internalPort: 8080 externalPort: 8080 - portName: sdc-wfd-fe - nodePort: "56" - portName2: sdc-wfd-fe2 internalPort2: 8443 externalPort2: 8443 - nodePort2: "31" + portName: sdc-wfd-fe + nodePort: "56" # only one node port. set to http or https port depending on isHttpsEnabled property ingress: enabled: false - hosts: ~ + service: + - baseaddr: "sdcwfdfe" + name: "sdc-wfd-fe" + port: 8443 annotations: ingress.kubernetes.io/secure-backends: "false" nginx.ingress.kubernetes.io/secure-backends: "false" nginx.ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" - nginx.ingress.kubernetes.io/rewrite-target: /workflows/ - nginx.ingress.kubernetes.io/server-snippet: | - underscores_in_headers on; + nginx.ingress.kubernetes.io/rewrite-target: "/workflows/" resources: {} # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/kubernetes/sdc/templates/secrets.yaml b/kubernetes/sdc/templates/secrets.yaml index b3470e2ea2..1f59ab27c1 100644 --- a/kubernetes/sdc/templates/secrets.yaml +++ b/kubernetes/sdc/templates/secrets.yaml @@ -30,3 +30,9 @@ data: sdc_password: "{{ .Values.global.secrets.sdc_password }}" #default user: cs_password: "{{ .Values.global.secrets.cs_password }}" + cs_truststore_password: "{{ .Values.global.secrets.cs_truststore_password }}" + # ssl - stores + truststore_password: "{{ .Values.global.secrets.truststore_password }}" + keystore_password: "{{ .Values.global.secrets.keystore_password }}" + # workflow + wf_external_user_password: "{{ .Values.global.secrets.wf_external_user_password }}"
\ No newline at end of file diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index cafa59ad77..a7006bc56c 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -22,6 +22,10 @@ global: sdc_password: QWExMjM0JV4h #Should be the password of shared cassandra instance/chart cs_password: Y2Fzc2FuZHJh + cs_truststore_password: XS5dW3hndHplXWhCaHoqd3ldfW0jbGYq + truststore_password: XS5dW3hndHplXWhCaHoqd3ldfW0jbGYq + keystore_password: IXBwSi5KdlduMGhHaClvVkZdKFtLdile + wf_external_user_password: S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ== ubuntuInitRepository: oomk8s ubuntuInitImage: ubuntu-init:1.0.0 cassandra: diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml index 1e2d74aa15..4965d96908 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-dmaap-listener-image:1.7.3 +image: onap/sdnc-dmaap-listener-image:1.7.6 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml index d681807040..db7c63cfa4 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ansible-server-image:1.7.3 +image: onap/sdnc-ansible-server-image:1.7.6 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json index 28da59ea29..8560ca1acc 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json @@ -2,9 +2,9 @@ "MainMenu": "gamma", "dbConnLimit": "100", "home": "/opt/admportal", - "sslEnabled": "false", - "nonSslPort": "{{.Values.service.internalPort}}", - "ConexusNetworkPort": "8443", + "sslEnabled": "true", + "nonSslPort": "8543", + "ConexusNetworkPort": "{{.Values.service.internalPort}}", "AppNetworkPort": "8543", "clusterPort": "8443", "serviceHomingServiceType": "SDN-ETHERNET-INTERNET", @@ -45,8 +45,8 @@ "odlConexusPort": "8181", "odlUser": "admin", "odlPasswd": "{{.Values.config.odlPassword}}", - "ConexusNetwork_sslCert": "", - "ConexusNetwork_sslKey": "", + "ConexusNetwork_sslCert": "{{.Values.config.storesDir}}/org.onap.sdnc.p12", + "ConexusNetwork_sslKey": "{{.Values.config.keystorePwd}}", "AppNetwork_sslCert": "", "AppNetwork_sslKey": "", "hostnameList": [ diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index 28db0d5836..7ff000e8cb 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/admportal-sdnc-image:1.7.3 +image: onap/admportal-sdnc-image:1.7.6 config: dbRootPassword: secretpassword dbSdnctlPassword: gamma @@ -35,14 +35,14 @@ config: configDir: /opt/onap/sdnc/data/properties storesDir: /opt/onap/sdnc/data/stores odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - keystorePwd: ?w5&!M;8v1XF;:Xd;g*%S$IY + keystorePwd: ff^G9D]yf&r}Ktum@BJ0YB?N mariadbGalera: chartName: mariadb-galera serviceName: mariadb-galera internalPort: 3306 # default number of instances -replicaCount: 1 +replicaCount: 0 nodeSelector: {} diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml index 352069d3d5..b4b42fdbc5 100644 --- a/kubernetes/sdnc/charts/ueb-listener/values.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ueb-listener-image:1.7.3 +image: onap/sdnc-ueb-listener-image:1.7.6 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh index 5586ebbca6..5f5f811fd0 100755 --- a/kubernetes/sdnc/resources/config/bin/startODL.sh +++ b/kubernetes/sdnc/resources/config/bin/startODL.sh @@ -120,6 +120,7 @@ SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin} CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk} ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} GEO_ENABLED=${GEO_ENABLED:-false} +SDNC_AAF_ENABLED=${SDNC_AAF_ENABLED:-false} SDNRWT=${SDNRWT:-false} SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator} export ODL_ADMIN_PASSWORD ODL_ADMIN_USERNAME @@ -128,8 +129,24 @@ echo "Settings:" echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER" echo " SDNC_REPLICAS=$SDNC_REPLICAS" echo " SDNRWT=$SDNRWT" - - +echo " AAF_ENABLED=$SDNC_AAF_ENABLED" + + +if $SDNC_AAF_ENABLED; then + export SDNC_STORE_DIR=/opt/app/osaaf/local + export SDNC_CONFIG_DIR=/opt/app/osaaf/local + export SDNC_KEYPASS=`cat /opt/app/osaaf/local/.pass` + export SDNC_KEYSTORE=org.onap.sdnc.p12 + sed -i '/cadi_prop_files/d' $ODL_HOME/etc/system.properties + echo "cadi_prop_files=$SDNC_CONFIG_DIR/org.onap.sdnc.props" >> $ODL_HOME/etc/system.properties + + sed -i '/org.ops4j.pax.web.ssl.keystore/d' $ODL_HOME/etc/custom.properties + sed -i '/org.ops4j.pax.web.ssl.password/d' $ODL_HOME/etc/custom.properties + sed -i '/org.ops4j.pax.web.ssl.keypassword/d' $ODL_HOME/etc/custom.properties + echo org.ops4j.pax.web.ssl.keystore=$SDNC_STORE_DIR/$SDNC_KEYSTORE >> $ODL_HOME/etc/custom.properties + echo org.ops4j.pax.web.ssl.password=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties + echo org.ops4j.pax.web.ssl.keypassword=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties +fi if [ ! -f ${SDNC_HOME}/.installed ] then diff --git a/kubernetes/sdnc/resources/env.yaml b/kubernetes/sdnc/resources/env.yaml index 2ad42f79a6..6e38ae99d6 100644 --- a/kubernetes/sdnc/resources/env.yaml +++ b/kubernetes/sdnc/resources/env.yaml @@ -12,6 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +SDNC_AAF_ENABLED: "{{ .Values.global.aafEnabled }}" SDNC_GEO_ENABLED: "{{ .Values.config.geoEnabled }}" SDNC_IS_PRIMARY_CLUSTER: "{{ .Values.config.isPrimaryCluster }}" SDNC_ODL_COUNT: "{{ .Values.replicaCount }}" diff --git a/kubernetes/sdnc/sdnc-prom/templates/deployment.yaml b/kubernetes/sdnc/sdnc-prom/templates/deployment.yaml index d457bd8f98..78cd1865e9 100644 --- a/kubernetes/sdnc/sdnc-prom/templates/deployment.yaml +++ b/kubernetes/sdnc/sdnc-prom/templates/deployment.yaml @@ -89,7 +89,11 @@ spec: name: {{ include "common.fullname" . }}-scripts defaultMode: 0755 - name: core-dns-keyfile - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: {{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/mariadb/templates/pv.yaml b/kubernetes/sdnc/sdnc-prom/templates/pv.yaml index bf372b3744..ccd990ffb1 100644 --- a/kubernetes/policy/charts/mariadb/templates/pv.yaml +++ b/kubernetes/sdnc/sdnc-prom/templates/pv.yaml @@ -1,6 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,25 +13,27 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-data namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" name: {{ include "common.fullname" . }} spec: capacity: - storage: {{ .Values.persistence.size }} + storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}} diff --git a/kubernetes/common/mariadb-galera/templates/pvc.yaml b/kubernetes/sdnc/sdnc-prom/templates/pvc.yaml index e27c3311e9..64e96218ed 100644 --- a/kubernetes/common/mariadb-galera/templates/pvc.yaml +++ b/kubernetes/sdnc/sdnc-prom/templates/pvc.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 @@ -25,24 +24,16 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} {{- if .Values.persistence.annotations }} annotations: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" + storageClassName: {{ include "common.storageClass" . }} {{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/sdnc/templates/ingress.yaml b/kubernetes/sdnc/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/sdnc/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/sdnc/templates/pv-certs.yaml b/kubernetes/sdnc/templates/pv-certs.yaml new file mode 100644 index 0000000000..54266d1c52 --- /dev/null +++ b/kubernetes/sdnc/templates/pv-certs.yaml @@ -0,0 +1,38 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{ if .Values.certpersistence.enabled }} +--- +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-certs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-certs +spec: + capacity: + storage: {{ .Values.certpersistence.size }} + accessModes: + - {{ .Values.certpersistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-certs" + persistentVolumeReclaimPolicy: {{ .Values.certpersistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.certpersistence.mountPath }}/{{ .Release.Name }}/{{ .Values.certpersistence.mountSubPath }} +{{ end }} diff --git a/kubernetes/sdnc/templates/pv-data.yaml b/kubernetes/sdnc/templates/pv-data.yaml new file mode 100644 index 0000000000..a6324e4545 --- /dev/null +++ b/kubernetes/sdnc/templates/pv-data.yaml @@ -0,0 +1,46 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +{{- $global := . }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} +{{- range $i := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data-{{ $i }} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data" + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} +{{if ne $i (int $global.Values.replicaCount) }} +--- +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/kubernetes/sdnc/templates/pv.yaml b/kubernetes/sdnc/templates/pv.yaml deleted file mode 100644 index 5a6566a80b..0000000000 --- a/kubernetes/sdnc/templates/pv.yaml +++ /dev/null @@ -1,116 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{ $pvNum := default 1 .Values.replicaCount | int }} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-mdsal0 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-mdsal" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0 -{{ if gt $pvNum 1 }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-mdsal1 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-mdsal" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1 -{{ end }} -{{ if gt $pvNum 2 }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-mdsal2 - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" . }}-mdsal" - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}2 -{{ end }} -{{- end -}} -{{ if .Values.certpersistence.enabled }} ---- -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-pv-certs - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-pv-certs - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-certs -spec: - capacity: - storage: {{ .Values.certpersistence.size }} - accessModes: - - {{ .Values.certpersistence.accessMode }} -{{- if .Values.certpersistence.storageClass }} -{{- if (eq "-" .Values.certpersistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.certpersistence.storageClass }}" -{{- end }} -{{- end }} - persistentVolumeReclaimPolicy: {{ .Values.certpersistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.certpersistence.mountPath }}/{{ .Values.certpersistence.mountSubPath }} -{{ end }} - - - diff --git a/kubernetes/sdnc/templates/pvc.yaml b/kubernetes/sdnc/templates/pvc.yaml index aa9515b6b5..21c2dbc8cc 100644 --- a/kubernetes/sdnc/templates/pvc.yaml +++ b/kubernetes/sdnc/templates/pvc.yaml @@ -2,31 +2,27 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ include "common.fullname" .}}-pvc-certs + name: {{ include "common.fullname" .}}-certs namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }}-pvc-certs + app: {{ include "common.name" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-certs {{- if .Values.certpersistence.annotations }} annotations: {{ toYaml .Values.certpersistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-pv-certs accessModes: - {{ .Values.certpersistence.accessMode }} resources: requests: storage: {{ .Values.certpersistence.size }} -{{- if .Values.certpersistence.storageClass }} -{{- if (eq "-" .Values.certpersistence.storageClass) }} - storageClassName: "" +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-certs" {{- else }} - storageClassName: "{{ .Values.certpersistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}}
\ No newline at end of file + storageClassName: {{ include "common.storageClass" . }} + {{- end }} +{{- end -}} diff --git a/kubernetes/sdnc/templates/secret-aaf.yaml b/kubernetes/sdnc/templates/secret-aaf.yaml new file mode 100644 index 0000000000..cd2e539b28 --- /dev/null +++ b/kubernetes/sdnc/templates/secret-aaf.yaml @@ -0,0 +1,15 @@ +{{ if .Values.global.aafEnabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-aaf + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + aaf-password: {{ .Values.aaf_init.deploy_pass | b64enc | quote }} +{{ end }} diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml index db6d73a3c5..d2136ccb0b 100644 --- a/kubernetes/sdnc/templates/service.yaml +++ b/kubernetes/sdnc/templates/service.yaml @@ -40,6 +40,9 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} + {{ if not .Values.global.aafEnabled }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + {{ end }} name: "{{ .Values.service.portName }}-8282" - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} @@ -50,7 +53,9 @@ spec: name: "{{ .Values.service.portName }}-8280" - port: {{ .Values.service.externalPort4 }} targetPort: {{ .Values.service.internalPort4 }} + {{ if .Values.global.aafEnabled }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + {{ end }} name: "{{ .Values.service.portName }}-8443" {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index e3ac50fc61..536eaaf552 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -46,13 +46,66 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + name: {{ include "common.name" . }}-readiness + {{ if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-aaf-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: {{ include "common.name" . }}-aaf + image: {{ .Values.global.repository }}/{{ .Values.aaf_init.agentImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.certpersistence.certPath }} + name: {{ include "common.fullname" . }}-certs + command: + - bash + - -c + - | + /opt/app/aaf_config/bin/agent.sh && + cd /opt/app/osaaf/local && + /opt/app/aaf_config/bin/agent.sh local showpass | grep cadi_keystore_password= | cut -d= -f 2 > /opt/app/osaaf/local/.pass 2>&1 + env: + - name: APP_FQI + value: "{{ .Values.aaf_init.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:8095" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aaf_init.fqdn }}" + - name: aaf_locator_app_ns + value: "{{ .Values.aaf_init.app_ns }}" + - name: DEPLOY_FQI + value: "{{ .Values.aaf_init.deploy_fqi }}" + - name: DEPLOY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" .}}-aaf + key: aaf-password + - name: cadi_longitude + value: "{{ .Values.aaf_init.cadi_longitude }}" + - name: cadi_latitude + value: "{{ .Values.aaf_init.cadi_latitude }}" + {{ end }} - name: {{ include "common.name" . }}-chown image: "busybox" command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} ; chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certpersistence.certPath }}"] volumeMounts: - mountPath: {{ .Values.persistence.mdsalPath }} - name: {{ include "common.fullname" . }}-mdsal + name: {{ include "common.fullname" . }}-data - mountPath: {{ .Values.certpersistence.certPath }} name: {{ include "common.fullname" . }}-certs containers: @@ -99,6 +152,8 @@ spec: value: "{{ .Values.config.isPrimaryCluster }}" - name: GEO_ENABLED value: "{{ .Values.config.geoEnabled}}" + - name: SDNC_AAF_ENABLED + value: "{{ .Values.global.aafEnabled}}" - name: SDNC_REPLICAS value: "{{ .Values.replicaCount }}" - name: MYSQL_HOST @@ -140,7 +195,7 @@ spec: name: properties subPath: blueprints-processor-adaptor.properties - mountPath: {{ .Values.persistence.mdsalPath }} - name: {{ include "common.fullname" . }}-mdsal + name: {{ include "common.fullname" . }}-data - mountPath: /var/log/onap name: logs - mountPath: {{ .Values.certpersistence.certPath }} @@ -204,26 +259,27 @@ spec: - name: {{ include "common.fullname" . }}-certs {{ if .Values.certpersistence.enabled }} persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-pvc-certs + claimName: {{ include "common.fullname" . }}-certs {{ else }} emptyDir: {} {{ end }} {{ if not .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-mdsal + - name: {{ include "common.fullname" . }}-data emptyDir: {} {{ else }} volumeClaimTemplates: - metadata: - name: {{ include "common.fullname" . }}-mdsal + name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: - accessModes: [ {{ .Values.persistence.accessMode }} ] - storageClassName: {{ include "common.fullname" . }}-mdsal + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} - {{ end }} + {{- end }} diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index e0dc1302b2..4447a7dfaa 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -25,6 +25,7 @@ global: loggingImage: beats/filebeat:5.5.0 persistence: mountPath: /dockerdata-nfs + aafEnabled: true ################################################################# # Application configuration defaults. @@ -32,7 +33,7 @@ global: # application images repository: nexus3.onap.org:10001 pullPolicy: Always -image: onap/sdnc-image:1.7.3 +image: onap/sdnc-image:1.7.6 # flag to enable debugging - application support required @@ -102,6 +103,17 @@ config: internalPort: 3306 # dependency / sub-chart configuration +aaf_init: + agentImage: onap/aaf/aaf_agent:2.1.15 + app_ns: "org.osaaf.aaf" + fqi: "sdnc@sdnc.onap.org" + fqdn: "sdnc" + public_fqdn: "sdnc.onap.org" + deploy_fqi: "deployer@people.osaaf.org" + deploy_pass: "demo123456!" + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + cds: enabled: false @@ -250,11 +262,17 @@ certpersistence: size: 50Mi mountPath: /dockerdata-nfs mountSubPath: sdnc/certs - certPath: /opt/opendaylight/current/certs + certPath: /opt/app/osaaf ##storageClass: "manual" ingress: enabled: false + service: + - baseaddr: "sdnc" + name: "sdnc" + port: 8443 + config: + ssl: "redirect" #Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index d1f23e9a10..5930b5d5be 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -360,7 +360,7 @@ spring: so: vnfm: adapter: - url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ + url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ auth: Basic dm5mbTpwYXNzd29yZDEk org: onap: diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml index 89b0eb4183..a7925b79e5 100755 --- a/kubernetes/so/charts/so-bpmn-infra/values.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/bpmn-infra:1.5.2 +image: onap/so/bpmn-infra:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml index b643c4ae9e..2ea2cffe27 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -58,6 +58,8 @@ cloud_config: tenant_metadata: true identity_server_type: "KEYSTONE" identity_authentication_type: "RACKSPACE_APIKEY" + project_domain_name: "PROJECT_DOMAIN_NAME" + user_domain_name: "USER_DOMAIN_NAME" DEFAULT_KEYSTONE: identity_url: "{{ .Values.config.openStackKeyStoneUrl }}" mso_id: "{{ .Values.config.openStackUserName }}" @@ -67,6 +69,8 @@ cloud_config: tenant_metadata: true identity_server_type: "KEYSTONE" identity_authentication_type: "USERNAME_PASSWORD" + project_domain_name: "{{ .Values.config.openStackProjectDomainName }}" + user_domain_name: "{{ .Values.config.openStackUserDomainName }}" cloud_sites: Dallas: region_id: "DFW" diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml index 57b7fe50b2..4685fd166a 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/catalog-db-adapter:1.5.2 +image: onap/so/catalog-db-adapter:1.5.3 pullPolicy: Always replicaCount: 1 @@ -81,6 +81,8 @@ config: openStackServiceTenantName: "service" openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" openStackTenantId: "d570c718cbc545029f40e50b75eb13df" + openStackProjectDomainName: "openStackProjectDomainName" + openStackUserDomainName: "openStackUserDomainName" nodeSelector: {} tolerations: [] affinity: {} diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh new file mode 100755 index 0000000000..b6d30e405b --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh @@ -0,0 +1,40 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating camundabpmn database . . ." 1>/tmp/mariadb-camundabpmn.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP DATABASE IF EXISTS `camundabpmn`; +CREATE DATABASE `camundabpmn`; +DROP USER IF EXISTS 'camundauser'; +CREATE USER 'camundauser'; +GRANT ALL on camundabpmn.* to 'camundauser' identified by 'camunda123' with GRANT OPTION; +FLUSH PRIVILEGES; +EOF + +cd /docker-entrypoint-initdb.d/db-sql-scripts + +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_engine_7.10.0.sql || exit 1 +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_identity_7.10.0.sql || exit 1 + +echo "Created camundabpmn database . . ." 1>>/tmp/mariadb-camundabpmn.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/02-create-requestdb.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/02-create-requestdb.sh new file mode 100755 index 0000000000..b27760552d --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/02-create-requestdb.sh @@ -0,0 +1,35 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating requestdb database . . ." 1>/tmp/mariadb-requestdb.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP DATABASE IF EXISTS `requestdb`; +CREATE DATABASE /*!32312 IF NOT EXISTS*/ `requestdb` /*!40100 DEFAULT CHARACTER SET latin1 */; +DROP USER IF EXISTS 'requestuser'; +CREATE USER 'requestuser'; +GRANT ALL on requestdb.* to 'requestuser' identified by 'request123' with GRANT OPTION; +FLUSH PRIVILEGES; +EOF + +echo "Created requestdb database . . ." 1>>/tmp/mariadb-requestdb.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/03-create-catalogdb.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/03-create-catalogdb.sh new file mode 100755 index 0000000000..10fb4b18db --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/03-create-catalogdb.sh @@ -0,0 +1,35 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating catalogdb database . . ." 1>/tmp/mariadb-catalogdb.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP DATABASE IF EXISTS `catalogdb`; +CREATE DATABASE /*!32312 IF NOT EXISTS*/ `catalogdb` /*!40100 DEFAULT CHARACTER SET latin1 */; +DROP USER IF EXISTS 'cataloguser'; +CREATE USER 'cataloguser'; +GRANT ALL on catalogdb.* to 'cataloguser' identified by 'catalog123' with GRANT OPTION; +FLUSH PRIVILEGES; +EOF + +echo "Created catalogdb database . . ." 1>>/tmp/mariadb-catalogdb.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/04-create-so-user.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/04-create-so-user.sh new file mode 100755 index 0000000000..9c96720775 --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/04-create-so-user.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating so user . . ." 1>/tmp/mariadb-so-user.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP USER IF EXISTS 'so_user'; +CREATE USER 'so_user'; +GRANT USAGE ON *.* TO 'so_user'@'%' IDENTIFIED BY 'so_User123'; +GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON `requestdb`.* TO 'so_user'@'%'; +GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON `catalogdb`.* TO 'so_user'@'%'; +GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON `camundabpmn`.* TO 'so_user'@'%'; +FLUSH PRIVILEGES; +EOF + +echo "Created so user . . ." 1>>/tmp/mariadb-so-user.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/05-create-so-admin.sh b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/05-create-so-admin.sh new file mode 100755 index 0000000000..6eb3baaffa --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/05-create-so-admin.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +echo "Creating so admin user . . ." 1>/tmp/mariadb-so-admin.log 2>&1 + +mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 +DROP USER IF EXISTS 'so_admin'; +CREATE USER 'so_admin'; +GRANT USAGE ON *.* TO 'so_admin'@'%' IDENTIFIED BY 'so_Admin123'; +GRANT ALL PRIVILEGES ON `camundabpmn`.* TO 'so_admin'@'%' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON `requestdb`.* TO 'so_admin'@'%' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON `catalogdb`.* TO 'so_admin'@'%' WITH GRANT OPTION; +FLUSH PRIVILEGES; +EOF + +echo "Created so admin user . . ." 1>>/tmp/mariadb-so-admin.log 2>&1 diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.10.0.sql b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.10.0.sql new file mode 100644 index 0000000000..41377fb9eb --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.10.0.sql @@ -0,0 +1,1299 @@ +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +use camundabpmn; + +create table ACT_GE_PROPERTY ( + NAME_ varchar(64), + VALUE_ varchar(300), + REV_ integer, + primary key (NAME_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +insert into ACT_GE_PROPERTY +values ('schema.version', 'fox', 1); + +insert into ACT_GE_PROPERTY +values ('schema.history', 'create(fox)', 1); + +insert into ACT_GE_PROPERTY +values ('next.dbid', '1', 1); + +insert into ACT_GE_PROPERTY +values ('deployment.lock', '0', 1); + +insert into ACT_GE_PROPERTY +values ('history.cleanup.job.lock', '0', 1); + +insert into ACT_GE_PROPERTY +values ('startup.lock', '0', 1); + +create table ACT_GE_BYTEARRAY ( + ID_ varchar(64), + REV_ integer, + NAME_ varchar(255), + DEPLOYMENT_ID_ varchar(64), + BYTES_ LONGBLOB, + GENERATED_ TINYINT, + TENANT_ID_ varchar(64), + TYPE_ integer, + CREATE_TIME_ datetime(3), + ROOT_PROC_INST_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RE_DEPLOYMENT ( + ID_ varchar(64), + NAME_ varchar(255), + DEPLOY_TIME_ timestamp(3), + SOURCE_ varchar(255), + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_EXECUTION ( + ID_ varchar(64), + REV_ integer, + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + BUSINESS_KEY_ varchar(255), + PARENT_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + SUPER_EXEC_ varchar(64), + SUPER_CASE_EXEC_ varchar(64), + CASE_INST_ID_ varchar(64), + ACT_ID_ varchar(255), + ACT_INST_ID_ varchar(64), + IS_ACTIVE_ TINYINT, + IS_CONCURRENT_ TINYINT, + IS_SCOPE_ TINYINT, + IS_EVENT_SCOPE_ TINYINT, + SUSPENSION_STATE_ integer, + CACHED_ENT_STATE_ integer, + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_JOB ( + ID_ varchar(64) NOT NULL, + REV_ integer, + TYPE_ varchar(255) NOT NULL, + LOCK_EXP_TIME_ timestamp(3) NULL, + LOCK_OWNER_ varchar(255), + EXCLUSIVE_ boolean, + EXECUTION_ID_ varchar(64), + PROCESS_INSTANCE_ID_ varchar(64), + PROCESS_DEF_ID_ varchar(64), + PROCESS_DEF_KEY_ varchar(255), + RETRIES_ integer, + EXCEPTION_STACK_ID_ varchar(64), + EXCEPTION_MSG_ varchar(4000), + DUEDATE_ timestamp(3) NULL, + REPEAT_ varchar(255), + HANDLER_TYPE_ varchar(255), + HANDLER_CFG_ varchar(4000), + DEPLOYMENT_ID_ varchar(64), + SUSPENSION_STATE_ integer NOT NULL DEFAULT 1, + JOB_DEF_ID_ varchar(64), + PRIORITY_ bigint NOT NULL DEFAULT 0, + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + CREATE_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_JOBDEF ( + ID_ varchar(64) NOT NULL, + REV_ integer, + PROC_DEF_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + ACT_ID_ varchar(255), + JOB_TYPE_ varchar(255) NOT NULL, + JOB_CONFIGURATION_ varchar(255), + SUSPENSION_STATE_ integer, + JOB_PRIORITY_ bigint, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RE_PROCDEF ( + ID_ varchar(64) not null, + REV_ integer, + CATEGORY_ varchar(255), + NAME_ varchar(255), + KEY_ varchar(255) not null, + VERSION_ integer not null, + DEPLOYMENT_ID_ varchar(64), + RESOURCE_NAME_ varchar(4000), + DGRM_RESOURCE_NAME_ varchar(4000), + HAS_START_FORM_KEY_ TINYINT, + SUSPENSION_STATE_ integer, + TENANT_ID_ varchar(64), + VERSION_TAG_ varchar(64), + HISTORY_TTL_ integer, + STARTABLE_ boolean NOT NULL default TRUE, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_TASK ( + ID_ varchar(64), + REV_ integer, + EXECUTION_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_DEF_ID_ varchar(64), + NAME_ varchar(255), + PARENT_TASK_ID_ varchar(64), + DESCRIPTION_ varchar(4000), + TASK_DEF_KEY_ varchar(255), + OWNER_ varchar(255), + ASSIGNEE_ varchar(255), + DELEGATION_ varchar(64), + PRIORITY_ integer, + CREATE_TIME_ timestamp(3), + DUE_DATE_ datetime(3), + FOLLOW_UP_DATE_ datetime(3), + SUSPENSION_STATE_ integer, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_IDENTITYLINK ( + ID_ varchar(64), + REV_ integer, + GROUP_ID_ varchar(255), + TYPE_ varchar(255), + USER_ID_ varchar(255), + TASK_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_VARIABLE ( + ID_ varchar(64) not null, + REV_ integer, + TYPE_ varchar(255) not null, + NAME_ varchar(255) not null, + EXECUTION_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + TASK_ID_ varchar(64), + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + VAR_SCOPE_ varchar(64) not null, + SEQUENCE_COUNTER_ bigint, + IS_CONCURRENT_LOCAL_ TINYINT, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_EVENT_SUBSCR ( + ID_ varchar(64) not null, + REV_ integer, + EVENT_TYPE_ varchar(255) not null, + EVENT_NAME_ varchar(255), + EXECUTION_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + ACTIVITY_ID_ varchar(255), + CONFIGURATION_ varchar(255), + CREATED_ timestamp(3) not null, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_INCIDENT ( + ID_ varchar(64) not null, + REV_ integer not null, + INCIDENT_TIMESTAMP_ timestamp(3) not null, + INCIDENT_MSG_ varchar(4000), + INCIDENT_TYPE_ varchar(255) not null, + EXECUTION_ID_ varchar(64), + ACTIVITY_ID_ varchar(255), + PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + CAUSE_INCIDENT_ID_ varchar(64), + ROOT_CAUSE_INCIDENT_ID_ varchar(64), + CONFIGURATION_ varchar(255), + TENANT_ID_ varchar(64), + JOB_DEF_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_AUTHORIZATION ( + ID_ varchar(64) not null, + REV_ integer not null, + TYPE_ integer not null, + GROUP_ID_ varchar(255), + USER_ID_ varchar(255), + RESOURCE_TYPE_ integer not null, + RESOURCE_ID_ varchar(255), + PERMS_ integer, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_FILTER ( + ID_ varchar(64) not null, + REV_ integer not null, + RESOURCE_TYPE_ varchar(255) not null, + NAME_ varchar(255) not null, + OWNER_ varchar(255), + QUERY_ LONGTEXT not null, + PROPERTIES_ LONGTEXT, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_METER_LOG ( + ID_ varchar(64) not null, + NAME_ varchar(64) not null, + REPORTER_ varchar(255), + VALUE_ bigint, + TIMESTAMP_ timestamp(3), + MILLISECONDS_ bigint DEFAULT 0, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_EXT_TASK ( + ID_ varchar(64) not null, + REV_ integer not null, + WORKER_ID_ varchar(255), + TOPIC_NAME_ varchar(255), + RETRIES_ integer, + ERROR_MSG_ varchar(4000), + ERROR_DETAILS_ID_ varchar(64), + LOCK_EXP_TIME_ timestamp(3) NULL, + SUSPENSION_STATE_ integer, + EXECUTION_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + ACT_ID_ varchar(255), + ACT_INST_ID_ varchar(64), + TENANT_ID_ varchar(64), + PRIORITY_ bigint NOT NULL DEFAULT 0, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_RU_BATCH ( + ID_ varchar(64) not null, + REV_ integer not null, + TYPE_ varchar(255), + TOTAL_JOBS_ integer, + JOBS_CREATED_ integer, + JOBS_PER_SEED_ integer, + INVOCATIONS_PER_JOB_ integer, + SEED_JOB_DEF_ID_ varchar(64), + BATCH_JOB_DEF_ID_ varchar(64), + MONITOR_JOB_DEF_ID_ varchar(64), + SUSPENSION_STATE_ integer, + CONFIGURATION_ varchar(255), + TENANT_ID_ varchar(64), + CREATE_USER_ID_ varchar(255), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create index ACT_IDX_EXEC_ROOT_PI on ACT_RU_EXECUTION(ROOT_PROC_INST_ID_); +create index ACT_IDX_EXEC_BUSKEY on ACT_RU_EXECUTION(BUSINESS_KEY_); +create index ACT_IDX_EXEC_TENANT_ID on ACT_RU_EXECUTION(TENANT_ID_); +create index ACT_IDX_TASK_CREATE on ACT_RU_TASK(CREATE_TIME_); +create index ACT_IDX_TASK_ASSIGNEE on ACT_RU_TASK(ASSIGNEE_); +create index ACT_IDX_TASK_TENANT_ID on ACT_RU_TASK(TENANT_ID_); +create index ACT_IDX_IDENT_LNK_USER on ACT_RU_IDENTITYLINK(USER_ID_); +create index ACT_IDX_IDENT_LNK_GROUP on ACT_RU_IDENTITYLINK(GROUP_ID_); +create index ACT_IDX_EVENT_SUBSCR_CONFIG_ on ACT_RU_EVENT_SUBSCR(CONFIGURATION_); +create index ACT_IDX_EVENT_SUBSCR_TENANT_ID on ACT_RU_EVENT_SUBSCR(TENANT_ID_); +create index ACT_IDX_VARIABLE_TASK_ID on ACT_RU_VARIABLE(TASK_ID_); +create index ACT_IDX_VARIABLE_TENANT_ID on ACT_RU_VARIABLE(TENANT_ID_); +create index ACT_IDX_ATHRZ_PROCEDEF on ACT_RU_IDENTITYLINK(PROC_DEF_ID_); +create index ACT_IDX_INC_CONFIGURATION on ACT_RU_INCIDENT(CONFIGURATION_); +create index ACT_IDX_INC_TENANT_ID on ACT_RU_INCIDENT(TENANT_ID_); +-- CAM-5914 +create index ACT_IDX_JOB_EXECUTION_ID on ACT_RU_JOB(EXECUTION_ID_); +-- this index needs to be limited in mariadb see CAM-6938 +create index ACT_IDX_JOB_HANDLER on ACT_RU_JOB(HANDLER_TYPE_(100),HANDLER_CFG_(155)); +create index ACT_IDX_JOB_PROCINST on ACT_RU_JOB(PROCESS_INSTANCE_ID_); +create index ACT_IDX_JOB_TENANT_ID on ACT_RU_JOB(TENANT_ID_); +create index ACT_IDX_JOBDEF_TENANT_ID on ACT_RU_JOBDEF(TENANT_ID_); + +-- new metric milliseconds column +CREATE INDEX ACT_IDX_METER_LOG_MS ON ACT_RU_METER_LOG(MILLISECONDS_); +CREATE INDEX ACT_IDX_METER_LOG_NAME_MS ON ACT_RU_METER_LOG(NAME_, MILLISECONDS_); +CREATE INDEX ACT_IDX_METER_LOG_REPORT ON ACT_RU_METER_LOG(NAME_, REPORTER_, MILLISECONDS_); + +-- old metric timestamp column +CREATE INDEX ACT_IDX_METER_LOG_TIME ON ACT_RU_METER_LOG(TIMESTAMP_); +CREATE INDEX ACT_IDX_METER_LOG ON ACT_RU_METER_LOG(NAME_, TIMESTAMP_); + +create index ACT_IDX_EXT_TASK_TOPIC on ACT_RU_EXT_TASK(TOPIC_NAME_); +create index ACT_IDX_EXT_TASK_TENANT_ID on ACT_RU_EXT_TASK(TENANT_ID_); +create index ACT_IDX_EXT_TASK_PRIORITY ON ACT_RU_EXT_TASK(PRIORITY_); +create index ACT_IDX_EXT_TASK_ERR_DETAILS ON ACT_RU_EXT_TASK(ERROR_DETAILS_ID_); +create index ACT_IDX_AUTH_GROUP_ID ON ACT_RU_AUTHORIZATION(GROUP_ID_); +create index ACT_IDX_JOB_JOB_DEF_ID on ACT_RU_JOB(JOB_DEF_ID_); + +alter table ACT_GE_BYTEARRAY + add constraint ACT_FK_BYTEARR_DEPL + foreign key (DEPLOYMENT_ID_) + references ACT_RE_DEPLOYMENT (ID_); + +alter table ACT_RU_EXECUTION + add constraint ACT_FK_EXE_PROCINST + foreign key (PROC_INST_ID_) + references ACT_RU_EXECUTION (ID_) on delete cascade on update cascade; + +alter table ACT_RU_EXECUTION + add constraint ACT_FK_EXE_PARENT + foreign key (PARENT_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_EXECUTION + add constraint ACT_FK_EXE_SUPER + foreign key (SUPER_EXEC_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_EXECUTION + add constraint ACT_FK_EXE_PROCDEF + foreign key (PROC_DEF_ID_) + references ACT_RE_PROCDEF (ID_); + +alter table ACT_RU_IDENTITYLINK + add constraint ACT_FK_TSKASS_TASK + foreign key (TASK_ID_) + references ACT_RU_TASK (ID_); + +alter table ACT_RU_IDENTITYLINK + add constraint ACT_FK_ATHRZ_PROCEDEF + foreign key (PROC_DEF_ID_) + references ACT_RE_PROCDEF(ID_); + +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_EXE + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_PROCINST + foreign key (PROC_INST_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_PROCDEF + foreign key (PROC_DEF_ID_) + references ACT_RE_PROCDEF (ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_EXE + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_PROCINST + foreign key (PROC_INST_ID_) + references ACT_RU_EXECUTION(ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_BYTEARRAY + foreign key (BYTEARRAY_ID_) + references ACT_GE_BYTEARRAY (ID_); + +alter table ACT_RU_JOB + add constraint ACT_FK_JOB_EXCEPTION + foreign key (EXCEPTION_STACK_ID_) + references ACT_GE_BYTEARRAY (ID_); + +alter table ACT_RU_EVENT_SUBSCR + add constraint ACT_FK_EVENT_EXEC + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION(ID_); + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_EXE + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_PROCINST + foreign key (PROC_INST_ID_) + references ACT_RU_EXECUTION (ID_); + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_PROCDEF + foreign key (PROC_DEF_ID_) + references ACT_RE_PROCDEF (ID_); + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_CAUSE + foreign key (CAUSE_INCIDENT_ID_) + references ACT_RU_INCIDENT (ID_) on delete cascade on update cascade; + +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_RCAUSE + foreign key (ROOT_CAUSE_INCIDENT_ID_) + references ACT_RU_INCIDENT (ID_) on delete cascade on update cascade; + +alter table ACT_RU_EXT_TASK + add constraint ACT_FK_EXT_TASK_ERROR_DETAILS + foreign key (ERROR_DETAILS_ID_) + references ACT_GE_BYTEARRAY (ID_); + +create index ACT_IDX_INC_JOB_DEF on ACT_RU_INCIDENT(JOB_DEF_ID_); +alter table ACT_RU_INCIDENT + add constraint ACT_FK_INC_JOB_DEF + foreign key (JOB_DEF_ID_) + references ACT_RU_JOBDEF (ID_); + +alter table ACT_RU_AUTHORIZATION + add constraint ACT_UNIQ_AUTH_USER + unique (USER_ID_,TYPE_,RESOURCE_TYPE_,RESOURCE_ID_); + +alter table ACT_RU_AUTHORIZATION + add constraint ACT_UNIQ_AUTH_GROUP + unique (GROUP_ID_,TYPE_,RESOURCE_TYPE_,RESOURCE_ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_UNIQ_VARIABLE + unique (VAR_SCOPE_, NAME_); + +alter table ACT_RU_EXT_TASK + add constraint ACT_FK_EXT_TASK_EXE + foreign key (EXECUTION_ID_) + references ACT_RU_EXECUTION (ID_); + +create index ACT_IDX_BATCH_SEED_JOB_DEF ON ACT_RU_BATCH(SEED_JOB_DEF_ID_); +alter table ACT_RU_BATCH + add constraint ACT_FK_BATCH_SEED_JOB_DEF + foreign key (SEED_JOB_DEF_ID_) + references ACT_RU_JOBDEF (ID_); + +create index ACT_IDX_BATCH_MONITOR_JOB_DEF ON ACT_RU_BATCH(MONITOR_JOB_DEF_ID_); +alter table ACT_RU_BATCH + add constraint ACT_FK_BATCH_MONITOR_JOB_DEF + foreign key (MONITOR_JOB_DEF_ID_) + references ACT_RU_JOBDEF (ID_); + +create index ACT_IDX_BATCH_JOB_DEF ON ACT_RU_BATCH(BATCH_JOB_DEF_ID_); +alter table ACT_RU_BATCH + add constraint ACT_FK_BATCH_JOB_DEF + foreign key (BATCH_JOB_DEF_ID_) + references ACT_RU_JOBDEF (ID_); + +-- indexes for deadlock problems - https://app.camunda.com/jira/browse/CAM-2567 -- +create index ACT_IDX_INC_CAUSEINCID on ACT_RU_INCIDENT(CAUSE_INCIDENT_ID_); +create index ACT_IDX_INC_EXID on ACT_RU_INCIDENT(EXECUTION_ID_); +create index ACT_IDX_INC_PROCDEFID on ACT_RU_INCIDENT(PROC_DEF_ID_); +create index ACT_IDX_INC_PROCINSTID on ACT_RU_INCIDENT(PROC_INST_ID_); +create index ACT_IDX_INC_ROOTCAUSEINCID on ACT_RU_INCIDENT(ROOT_CAUSE_INCIDENT_ID_); +-- index for deadlock problem - https://app.camunda.com/jira/browse/CAM-4440 -- +create index ACT_IDX_AUTH_RESOURCE_ID on ACT_RU_AUTHORIZATION(RESOURCE_ID_); +-- index to prevent deadlock on fk constraint - https://app.camunda.com/jira/browse/CAM-5440 -- +create index ACT_IDX_EXT_TASK_EXEC on ACT_RU_EXT_TASK(EXECUTION_ID_); + +-- indexes to improve deployment +create index ACT_IDX_BYTEARRAY_ROOT_PI on ACT_GE_BYTEARRAY(ROOT_PROC_INST_ID_); +create index ACT_IDX_BYTEARRAY_RM_TIME on ACT_GE_BYTEARRAY(REMOVAL_TIME_); +create index ACT_IDX_BYTEARRAY_NAME on ACT_GE_BYTEARRAY(NAME_); +create index ACT_IDX_DEPLOYMENT_NAME on ACT_RE_DEPLOYMENT(NAME_); +create index ACT_IDX_DEPLOYMENT_TENANT_ID on ACT_RE_DEPLOYMENT(TENANT_ID_); +create index ACT_IDX_JOBDEF_PROC_DEF_ID ON ACT_RU_JOBDEF(PROC_DEF_ID_); +create index ACT_IDX_JOB_HANDLER_TYPE ON ACT_RU_JOB(HANDLER_TYPE_); +create index ACT_IDX_EVENT_SUBSCR_EVT_NAME ON ACT_RU_EVENT_SUBSCR(EVENT_NAME_); +create index ACT_IDX_PROCDEF_DEPLOYMENT_ID ON ACT_RE_PROCDEF(DEPLOYMENT_ID_); +create index ACT_IDX_PROCDEF_TENANT_ID ON ACT_RE_PROCDEF(TENANT_ID_); +create index ACT_IDX_PROCDEF_VER_TAG ON ACT_RE_PROCDEF(VERSION_TAG_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +-- create case definition table -- +create table ACT_RE_CASE_DEF ( + ID_ varchar(64) not null, + REV_ integer, + CATEGORY_ varchar(255), + NAME_ varchar(255), + KEY_ varchar(255) not null, + VERSION_ integer not null, + DEPLOYMENT_ID_ varchar(64), + RESOURCE_NAME_ varchar(4000), + DGRM_RESOURCE_NAME_ varchar(4000), + TENANT_ID_ varchar(64), + HISTORY_TTL_ integer, + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create case execution table -- +create table ACT_RU_CASE_EXECUTION ( + ID_ varchar(64) NOT NULL, + REV_ integer, + CASE_INST_ID_ varchar(64), + SUPER_CASE_EXEC_ varchar(64), + SUPER_EXEC_ varchar(64), + BUSINESS_KEY_ varchar(255), + PARENT_ID_ varchar(64), + CASE_DEF_ID_ varchar(64), + ACT_ID_ varchar(255), + PREV_STATE_ integer, + CURRENT_STATE_ integer, + REQUIRED_ boolean, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create case sentry part table -- + +create table ACT_RU_CASE_SENTRY_PART ( + ID_ varchar(64) NOT NULL, + REV_ integer, + CASE_INST_ID_ varchar(64), + CASE_EXEC_ID_ varchar(64), + SENTRY_ID_ varchar(255), + TYPE_ varchar(255), + SOURCE_CASE_EXEC_ID_ varchar(64), + STANDARD_EVENT_ varchar(255), + SOURCE_ varchar(255), + VARIABLE_EVENT_ varchar(255), + VARIABLE_NAME_ varchar(255), + SATISFIED_ boolean, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create index on business key -- +create index ACT_IDX_CASE_EXEC_BUSKEY on ACT_RU_CASE_EXECUTION(BUSINESS_KEY_); + +-- https://app.camunda.com/jira/browse/CAM-9165 +create index ACT_IDX_CASE_EXE_CASE_INST on ACT_RU_CASE_EXECUTION(CASE_INST_ID_); + +-- create foreign key constraints on ACT_RU_CASE_EXECUTION -- +alter table ACT_RU_CASE_EXECUTION + add constraint ACT_FK_CASE_EXE_CASE_INST + foreign key (CASE_INST_ID_) + references ACT_RU_CASE_EXECUTION(ID_) on delete cascade on update cascade; + +alter table ACT_RU_CASE_EXECUTION + add constraint ACT_FK_CASE_EXE_PARENT + foreign key (PARENT_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +alter table ACT_RU_CASE_EXECUTION + add constraint ACT_FK_CASE_EXE_CASE_DEF + foreign key (CASE_DEF_ID_) + references ACT_RE_CASE_DEF(ID_); + +-- create foreign key constraints on ACT_RU_VARIABLE -- +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_CASE_EXE + foreign key (CASE_EXECUTION_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_CASE_INST + foreign key (CASE_INST_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +-- create foreign key constraints on ACT_RU_TASK -- +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_CASE_EXE + foreign key (CASE_EXECUTION_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +alter table ACT_RU_TASK + add constraint ACT_FK_TASK_CASE_DEF + foreign key (CASE_DEF_ID_) + references ACT_RE_CASE_DEF(ID_); + +-- create foreign key constraints on ACT_RU_CASE_SENTRY_PART -- +alter table ACT_RU_CASE_SENTRY_PART + add constraint ACT_FK_CASE_SENTRY_CASE_INST + foreign key (CASE_INST_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +alter table ACT_RU_CASE_SENTRY_PART + add constraint ACT_FK_CASE_SENTRY_CASE_EXEC + foreign key (CASE_EXEC_ID_) + references ACT_RU_CASE_EXECUTION(ID_); + +create index ACT_IDX_CASE_DEF_TENANT_ID on ACT_RE_CASE_DEF(TENANT_ID_); +create index ACT_IDX_CASE_EXEC_TENANT_ID on ACT_RU_CASE_EXECUTION(TENANT_ID_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +-- create decision definition table -- +create table ACT_RE_DECISION_DEF ( + ID_ varchar(64) not null, + REV_ integer, + CATEGORY_ varchar(255), + NAME_ varchar(255), + KEY_ varchar(255) not null, + VERSION_ integer not null, + DEPLOYMENT_ID_ varchar(64), + RESOURCE_NAME_ varchar(4000), + DGRM_RESOURCE_NAME_ varchar(4000), + DEC_REQ_ID_ varchar(64), + DEC_REQ_KEY_ varchar(255), + TENANT_ID_ varchar(64), + HISTORY_TTL_ integer, + VERSION_TAG_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create decision requirements definition table -- +create table ACT_RE_DECISION_REQ_DEF ( + ID_ varchar(64) NOT NULL, + REV_ integer, + CATEGORY_ varchar(255), + NAME_ varchar(255), + KEY_ varchar(255) NOT NULL, + VERSION_ integer NOT NULL, + DEPLOYMENT_ID_ varchar(64), + RESOURCE_NAME_ varchar(4000), + DGRM_RESOURCE_NAME_ varchar(4000), + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +alter table ACT_RE_DECISION_DEF + add constraint ACT_FK_DEC_REQ + foreign key (DEC_REQ_ID_) + references ACT_RE_DECISION_REQ_DEF(ID_); + +create index ACT_IDX_DEC_DEF_TENANT_ID on ACT_RE_DECISION_DEF(TENANT_ID_); +create index ACT_IDX_DEC_DEF_REQ_ID on ACT_RE_DECISION_DEF(DEC_REQ_ID_); +create index ACT_IDX_DEC_REQ_DEF_TENANT_ID on ACT_RE_DECISION_REQ_DEF(TENANT_ID_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +create table ACT_HI_PROCINST ( + ID_ varchar(64) not null, + PROC_INST_ID_ varchar(64) not null, + BUSINESS_KEY_ varchar(255), + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64) not null, + START_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + REMOVAL_TIME_ datetime(3), + DURATION_ bigint, + START_USER_ID_ varchar(255), + START_ACT_ID_ varchar(255), + END_ACT_ID_ varchar(255), + SUPER_PROCESS_INSTANCE_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + SUPER_CASE_INSTANCE_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + DELETE_REASON_ varchar(4000), + TENANT_ID_ varchar(64), + STATE_ varchar(255), + primary key (ID_), + unique (PROC_INST_ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_ACTINST ( + ID_ varchar(64) not null, + PARENT_ACT_INST_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64) not null, + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64) not null, + EXECUTION_ID_ varchar(64) not null, + ACT_ID_ varchar(255) not null, + TASK_ID_ varchar(64), + CALL_PROC_INST_ID_ varchar(64), + CALL_CASE_INST_ID_ varchar(64), + ACT_NAME_ varchar(255), + ACT_TYPE_ varchar(255) not null, + ASSIGNEE_ varchar(64), + START_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + DURATION_ bigint, + ACT_INST_STATE_ integer, + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_TASKINST ( + ID_ varchar(64) not null, + TASK_DEF_KEY_ varchar(255), + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + CASE_DEF_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + ACT_INST_ID_ varchar(64), + NAME_ varchar(255), + PARENT_TASK_ID_ varchar(64), + DESCRIPTION_ varchar(4000), + OWNER_ varchar(255), + ASSIGNEE_ varchar(255), + START_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + DURATION_ bigint, + DELETE_REASON_ varchar(4000), + PRIORITY_ integer, + DUE_DATE_ datetime(3), + FOLLOW_UP_DATE_ datetime(3), + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_VARINST ( + ID_ varchar(64) not null, + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + ACT_INST_ID_ varchar(64), + CASE_DEF_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + TASK_ID_ varchar(64), + NAME_ varchar(255) not null, + VAR_TYPE_ varchar(100), + CREATE_TIME_ datetime(3), + REV_ integer, + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + TENANT_ID_ varchar(64), + STATE_ varchar(20), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_DETAIL ( + ID_ varchar(64) not null, + TYPE_ varchar(255) not null, + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + CASE_DEF_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + TASK_ID_ varchar(64), + ACT_INST_ID_ varchar(64), + VAR_INST_ID_ varchar(64), + NAME_ varchar(255) not null, + VAR_TYPE_ varchar(255), + REV_ integer, + TIME_ datetime(3) not null, + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + OPERATION_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_IDENTITYLINK ( + ID_ varchar(64) not null, + TIMESTAMP_ timestamp(3) not null, + TYPE_ varchar(255), + USER_ID_ varchar(255), + GROUP_ID_ varchar(255), + TASK_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + OPERATION_TYPE_ varchar(64), + ASSIGNER_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_COMMENT ( + ID_ varchar(64) not null, + TYPE_ varchar(255), + TIME_ datetime(3) not null, + USER_ID_ varchar(255), + TASK_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + ACTION_ varchar(255), + MESSAGE_ varchar(4000), + FULL_MSG_ LONGBLOB, + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_ATTACHMENT ( + ID_ varchar(64) not null, + REV_ integer, + USER_ID_ varchar(255), + NAME_ varchar(255), + DESCRIPTION_ varchar(4000), + TYPE_ varchar(255), + TASK_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + URL_ varchar(4000), + CONTENT_ID_ varchar(64), + TENANT_ID_ varchar(64), + CREATE_TIME_ datetime(3), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_OP_LOG ( + ID_ varchar(64) not null, + DEPLOYMENT_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + CASE_EXECUTION_ID_ varchar(64), + TASK_ID_ varchar(64), + JOB_ID_ varchar(64), + JOB_DEF_ID_ varchar(64), + BATCH_ID_ varchar(64), + USER_ID_ varchar(255), + TIMESTAMP_ timestamp(3) not null, + OPERATION_TYPE_ varchar(64), + OPERATION_ID_ varchar(64), + ENTITY_TYPE_ varchar(30), + PROPERTY_ varchar(64), + ORG_VALUE_ varchar(4000), + NEW_VALUE_ varchar(4000), + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_INCIDENT ( + ID_ varchar(64) not null, + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + CREATE_TIME_ timestamp(3) not null, + END_TIME_ timestamp(3) null, + INCIDENT_MSG_ varchar(4000), + INCIDENT_TYPE_ varchar(255) not null, + ACTIVITY_ID_ varchar(255), + CAUSE_INCIDENT_ID_ varchar(64), + ROOT_CAUSE_INCIDENT_ID_ varchar(64), + CONFIGURATION_ varchar(255), + INCIDENT_STATE_ integer, + TENANT_ID_ varchar(64), + JOB_DEF_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_JOB_LOG ( + ID_ varchar(64) not null, + TIMESTAMP_ timestamp(3) not null, + JOB_ID_ varchar(64) not null, + JOB_DUEDATE_ timestamp(3) NULL, + JOB_RETRIES_ integer, + JOB_PRIORITY_ bigint NOT NULL DEFAULT 0, + JOB_EXCEPTION_MSG_ varchar(4000), + JOB_EXCEPTION_STACK_ID_ varchar(64), + JOB_STATE_ integer, + JOB_DEF_ID_ varchar(64), + JOB_DEF_TYPE_ varchar(255), + JOB_DEF_CONFIGURATION_ varchar(255), + ACT_ID_ varchar(255), + ROOT_PROC_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + PROCESS_INSTANCE_ID_ varchar(64), + PROCESS_DEF_ID_ varchar(64), + PROCESS_DEF_KEY_ varchar(255), + DEPLOYMENT_ID_ varchar(64), + SEQUENCE_COUNTER_ bigint, + TENANT_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_BATCH ( + ID_ varchar(64) not null, + TYPE_ varchar(255), + TOTAL_JOBS_ integer, + JOBS_PER_SEED_ integer, + INVOCATIONS_PER_JOB_ integer, + SEED_JOB_DEF_ID_ varchar(64), + MONITOR_JOB_DEF_ID_ varchar(64), + BATCH_JOB_DEF_ID_ varchar(64), + TENANT_ID_ varchar(64), + CREATE_USER_ID_ varchar(255), + START_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_EXT_TASK_LOG ( + ID_ varchar(64) not null, + TIMESTAMP_ timestamp(3) not null, + EXT_TASK_ID_ varchar(64) not null, + RETRIES_ integer, + TOPIC_NAME_ varchar(255), + WORKER_ID_ varchar(255), + PRIORITY_ bigint NOT NULL DEFAULT 0, + ERROR_MSG_ varchar(4000), + ERROR_DETAILS_ID_ varchar(64), + ACT_ID_ varchar(255), + ACT_INST_ID_ varchar(64), + EXECUTION_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), + PROC_DEF_KEY_ varchar(255), + TENANT_ID_ varchar(64), + STATE_ integer, + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create index ACT_IDX_HI_PRO_INST_END on ACT_HI_PROCINST(END_TIME_); +create index ACT_IDX_HI_PRO_I_BUSKEY on ACT_HI_PROCINST(BUSINESS_KEY_); +create index ACT_IDX_HI_PRO_INST_TENANT_ID on ACT_HI_PROCINST(TENANT_ID_); +create index ACT_IDX_HI_PRO_INST_PROC_DEF_KEY on ACT_HI_PROCINST(PROC_DEF_KEY_); +create index ACT_IDX_HI_PRO_INST_PROC_TIME on ACT_HI_PROCINST(START_TIME_, END_TIME_); +create index ACT_IDX_HI_PI_PDEFID_END_TIME on ACT_HI_PROCINST(PROC_DEF_ID_, END_TIME_); +create index ACT_IDX_HI_PRO_INST_ROOT_PI on ACT_HI_PROCINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_PRO_INST_RM_TIME on ACT_HI_PROCINST(REMOVAL_TIME_); + +create index ACT_IDX_HI_ACTINST_ROOT_PI on ACT_HI_ACTINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_ACT_INST_START on ACT_HI_ACTINST(START_TIME_); +create index ACT_IDX_HI_ACT_INST_END on ACT_HI_ACTINST(END_TIME_); +create index ACT_IDX_HI_ACT_INST_PROCINST on ACT_HI_ACTINST(PROC_INST_ID_, ACT_ID_); +create index ACT_IDX_HI_ACT_INST_COMP on ACT_HI_ACTINST(EXECUTION_ID_, ACT_ID_, END_TIME_, ID_); +create index ACT_IDX_HI_ACT_INST_STATS on ACT_HI_ACTINST(PROC_DEF_ID_, PROC_INST_ID_, ACT_ID_, END_TIME_, ACT_INST_STATE_); +create index ACT_IDX_HI_ACT_INST_TENANT_ID on ACT_HI_ACTINST(TENANT_ID_); +create index ACT_IDX_HI_ACT_INST_PROC_DEF_KEY on ACT_HI_ACTINST(PROC_DEF_KEY_); +create index ACT_IDX_HI_AI_PDEFID_END_TIME on ACT_HI_ACTINST(PROC_DEF_ID_, END_TIME_); +create index ACT_IDX_HI_ACT_INST_RM_TIME on ACT_HI_ACTINST(REMOVAL_TIME_); + +create index ACT_IDX_HI_TASKINST_ROOT_PI on ACT_HI_TASKINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_TASK_INST_TENANT_ID on ACT_HI_TASKINST(TENANT_ID_); +create index ACT_IDX_HI_TASK_INST_PROC_DEF_KEY on ACT_HI_TASKINST(PROC_DEF_KEY_); +create index ACT_IDX_HI_TASKINST_PROCINST on ACT_HI_TASKINST(PROC_INST_ID_); +create index ACT_IDX_HI_TASKINSTID_PROCINST on ACT_HI_TASKINST(ID_,PROC_INST_ID_); +create index ACT_IDX_HI_TASK_INST_RM_TIME on ACT_HI_TASKINST(REMOVAL_TIME_); +create index ACT_IDX_HI_TASK_INST_START on ACT_HI_TASKINST(START_TIME_); +create index ACT_IDX_HI_TASK_INST_END on ACT_HI_TASKINST(END_TIME_); + +create index ACT_IDX_HI_DETAIL_ROOT_PI on ACT_HI_DETAIL(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_DETAIL_PROC_INST on ACT_HI_DETAIL(PROC_INST_ID_); +create index ACT_IDX_HI_DETAIL_ACT_INST on ACT_HI_DETAIL(ACT_INST_ID_); +create index ACT_IDX_HI_DETAIL_CASE_INST on ACT_HI_DETAIL(CASE_INST_ID_); +create index ACT_IDX_HI_DETAIL_CASE_EXEC on ACT_HI_DETAIL(CASE_EXECUTION_ID_); +create index ACT_IDX_HI_DETAIL_TIME on ACT_HI_DETAIL(TIME_); +create index ACT_IDX_HI_DETAIL_NAME on ACT_HI_DETAIL(NAME_); +create index ACT_IDX_HI_DETAIL_TASK_ID on ACT_HI_DETAIL(TASK_ID_); +create index ACT_IDX_HI_DETAIL_TENANT_ID on ACT_HI_DETAIL(TENANT_ID_); +create index ACT_IDX_HI_DETAIL_PROC_DEF_KEY on ACT_HI_DETAIL(PROC_DEF_KEY_); +create index ACT_IDX_HI_DETAIL_BYTEAR on ACT_HI_DETAIL(BYTEARRAY_ID_); +create index ACT_IDX_HI_DETAIL_RM_TIME on ACT_HI_DETAIL(REMOVAL_TIME_); +create index ACT_IDX_HI_DETAIL_TASK_BYTEAR on ACT_HI_DETAIL(BYTEARRAY_ID_, TASK_ID_); + +create index ACT_IDX_HI_IDENT_LNK_ROOT_PI on ACT_HI_IDENTITYLINK(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_IDENT_LNK_USER on ACT_HI_IDENTITYLINK(USER_ID_); +create index ACT_IDX_HI_IDENT_LNK_GROUP on ACT_HI_IDENTITYLINK(GROUP_ID_); +create index ACT_IDX_HI_IDENT_LNK_TENANT_ID on ACT_HI_IDENTITYLINK(TENANT_ID_); +create index ACT_IDX_HI_IDENT_LNK_PROC_DEF_KEY on ACT_HI_IDENTITYLINK(PROC_DEF_KEY_); +create index ACT_IDX_HI_IDENT_LINK_TASK on ACT_HI_IDENTITYLINK(TASK_ID_); +create index ACT_IDX_HI_IDENT_LINK_RM_TIME on ACT_HI_IDENTITYLINK(REMOVAL_TIME_); + +create index ACT_IDX_HI_VARINST_ROOT_PI on ACT_HI_VARINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_PROCVAR_PROC_INST on ACT_HI_VARINST(PROC_INST_ID_); +create index ACT_IDX_HI_PROCVAR_NAME_TYPE on ACT_HI_VARINST(NAME_, VAR_TYPE_); +create index ACT_IDX_HI_CASEVAR_CASE_INST on ACT_HI_VARINST(CASE_INST_ID_); +create index ACT_IDX_HI_VAR_INST_TENANT_ID on ACT_HI_VARINST(TENANT_ID_); +create index ACT_IDX_HI_VAR_INST_PROC_DEF_KEY on ACT_HI_VARINST(PROC_DEF_KEY_); +create index ACT_IDX_HI_VARINST_BYTEAR on ACT_HI_VARINST(BYTEARRAY_ID_); +create index ACT_IDX_HI_VARINST_RM_TIME on ACT_HI_VARINST(REMOVAL_TIME_); + +create index ACT_IDX_HI_INCIDENT_TENANT_ID on ACT_HI_INCIDENT(TENANT_ID_); +create index ACT_IDX_HI_INCIDENT_PROC_DEF_KEY on ACT_HI_INCIDENT(PROC_DEF_KEY_); +create index ACT_IDX_HI_INCIDENT_ROOT_PI on ACT_HI_INCIDENT(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_INCIDENT_PROCINST on ACT_HI_INCIDENT(PROC_INST_ID_); +create index ACT_IDX_HI_INCIDENT_RM_TIME on ACT_HI_INCIDENT(REMOVAL_TIME_); + +create index ACT_IDX_HI_JOB_LOG_ROOT_PI on ACT_HI_JOB_LOG(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_JOB_LOG_PROCINST on ACT_HI_JOB_LOG(PROCESS_INSTANCE_ID_); +create index ACT_IDX_HI_JOB_LOG_PROCDEF on ACT_HI_JOB_LOG(PROCESS_DEF_ID_); +create index ACT_IDX_HI_JOB_LOG_TENANT_ID on ACT_HI_JOB_LOG(TENANT_ID_); +create index ACT_IDX_HI_JOB_LOG_JOB_DEF_ID on ACT_HI_JOB_LOG(JOB_DEF_ID_); +create index ACT_IDX_HI_JOB_LOG_PROC_DEF_KEY on ACT_HI_JOB_LOG(PROCESS_DEF_KEY_); +create index ACT_IDX_HI_JOB_LOG_EX_STACK on ACT_HI_JOB_LOG(JOB_EXCEPTION_STACK_ID_); +create index ACT_IDX_HI_JOB_LOG_RM_TIME on ACT_HI_JOB_LOG(REMOVAL_TIME_); + +create index ACT_HI_BAT_RM_TIME on ACT_HI_BATCH(REMOVAL_TIME_); + +create index ACT_HI_EXT_TASK_LOG_ROOT_PI on ACT_HI_EXT_TASK_LOG(ROOT_PROC_INST_ID_); +create index ACT_HI_EXT_TASK_LOG_PROCINST on ACT_HI_EXT_TASK_LOG(PROC_INST_ID_); +create index ACT_HI_EXT_TASK_LOG_PROCDEF on ACT_HI_EXT_TASK_LOG(PROC_DEF_ID_); +create index ACT_HI_EXT_TASK_LOG_PROC_DEF_KEY on ACT_HI_EXT_TASK_LOG(PROC_DEF_KEY_); +create index ACT_HI_EXT_TASK_LOG_TENANT_ID on ACT_HI_EXT_TASK_LOG(TENANT_ID_); +create index ACT_IDX_HI_EXTTASKLOG_ERRORDET on ACT_HI_EXT_TASK_LOG(ERROR_DETAILS_ID_); +create index ACT_HI_EXT_TASK_LOG_RM_TIME on ACT_HI_EXT_TASK_LOG(REMOVAL_TIME_); + +create index ACT_IDX_HI_OP_LOG_ROOT_PI on ACT_HI_OP_LOG(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_OP_LOG_PROCINST on ACT_HI_OP_LOG(PROC_INST_ID_); +create index ACT_IDX_HI_OP_LOG_PROCDEF on ACT_HI_OP_LOG(PROC_DEF_ID_); +create index ACT_IDX_HI_OP_LOG_TASK on ACT_HI_OP_LOG(TASK_ID_); +create index ACT_IDX_HI_OP_LOG_RM_TIME on ACT_HI_OP_LOG(REMOVAL_TIME_); +create index ACT_IDX_HI_OP_LOG_TIMESTAMP on ACT_HI_OP_LOG(TIMESTAMP_); + +create index ACT_IDX_HI_COMMENT_TASK on ACT_HI_COMMENT(TASK_ID_); +create index ACT_IDX_HI_COMMENT_ROOT_PI on ACT_HI_COMMENT(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_COMMENT_PROCINST on ACT_HI_COMMENT(PROC_INST_ID_); +create index ACT_IDX_HI_COMMENT_RM_TIME on ACT_HI_COMMENT(REMOVAL_TIME_); + +create index ACT_IDX_HI_ATTACHMENT_CONTENT on ACT_HI_ATTACHMENT(CONTENT_ID_); +create index ACT_IDX_HI_ATTACHMENT_ROOT_PI on ACT_HI_ATTACHMENT(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_ATTACHMENT_PROCINST on ACT_HI_ATTACHMENT(PROC_INST_ID_); +create index ACT_IDX_HI_ATTACHMENT_TASK on ACT_HI_ATTACHMENT(TASK_ID_); +create index ACT_IDX_HI_ATTACHMENT_RM_TIME on ACT_HI_ATTACHMENT(REMOVAL_TIME_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +create table ACT_HI_CASEINST ( + ID_ varchar(64) not null, + CASE_INST_ID_ varchar(64) not null, + BUSINESS_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64) not null, + CREATE_TIME_ datetime(3) not null, + CLOSE_TIME_ datetime(3), + DURATION_ bigint, + STATE_ integer, + CREATE_USER_ID_ varchar(255), + SUPER_CASE_INSTANCE_ID_ varchar(64), + SUPER_PROCESS_INSTANCE_ID_ varchar(64), + TENANT_ID_ varchar(64), + primary key (ID_), + unique (CASE_INST_ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_HI_CASEACTINST ( + ID_ varchar(64) not null, + PARENT_ACT_INST_ID_ varchar(64), + CASE_DEF_ID_ varchar(64) not null, + CASE_INST_ID_ varchar(64) not null, + CASE_ACT_ID_ varchar(255) not null, + TASK_ID_ varchar(64), + CALL_PROC_INST_ID_ varchar(64), + CALL_CASE_INST_ID_ varchar(64), + CASE_ACT_NAME_ varchar(255), + CASE_ACT_TYPE_ varchar(255), + CREATE_TIME_ datetime(3) not null, + END_TIME_ datetime(3), + DURATION_ bigint, + STATE_ integer, + REQUIRED_ boolean, + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create index ACT_IDX_HI_CAS_I_CLOSE on ACT_HI_CASEINST(CLOSE_TIME_); +create index ACT_IDX_HI_CAS_I_BUSKEY on ACT_HI_CASEINST(BUSINESS_KEY_); +create index ACT_IDX_HI_CAS_I_TENANT_ID on ACT_HI_CASEINST(TENANT_ID_); +create index ACT_IDX_HI_CAS_A_I_CREATE on ACT_HI_CASEACTINST(CREATE_TIME_); +create index ACT_IDX_HI_CAS_A_I_END on ACT_HI_CASEACTINST(END_TIME_); +create index ACT_IDX_HI_CAS_A_I_COMP on ACT_HI_CASEACTINST(CASE_ACT_ID_, END_TIME_, ID_); +create index ACT_IDX_HI_CAS_A_I_CASEINST on ACT_HI_CASEACTINST(CASE_INST_ID_, CASE_ACT_ID_); +create index ACT_IDX_HI_CAS_A_I_TENANT_ID on ACT_HI_CASEACTINST(TENANT_ID_); +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +-- create history decision instance table -- +create table ACT_HI_DECINST ( + ID_ varchar(64) NOT NULL, + DEC_DEF_ID_ varchar(64) NOT NULL, + DEC_DEF_KEY_ varchar(255) NOT NULL, + DEC_DEF_NAME_ varchar(255), + PROC_DEF_KEY_ varchar(255), + PROC_DEF_ID_ varchar(64), + PROC_INST_ID_ varchar(64), + CASE_DEF_KEY_ varchar(255), + CASE_DEF_ID_ varchar(64), + CASE_INST_ID_ varchar(64), + ACT_INST_ID_ varchar(64), + ACT_ID_ varchar(255), + EVAL_TIME_ datetime(3) not null, + REMOVAL_TIME_ datetime(3), + COLLECT_VALUE_ double, + USER_ID_ varchar(255), + ROOT_DEC_INST_ID_ varchar(64), + ROOT_PROC_INST_ID_ varchar(64), + DEC_REQ_ID_ varchar(64), + DEC_REQ_KEY_ varchar(255), + TENANT_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create history decision input table -- +create table ACT_HI_DEC_IN ( + ID_ varchar(64) NOT NULL, + DEC_INST_ID_ varchar(64) NOT NULL, + CLAUSE_ID_ varchar(64), + CLAUSE_NAME_ varchar(255), + VAR_TYPE_ varchar(100), + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + TENANT_ID_ varchar(64), + CREATE_TIME_ datetime(3), + ROOT_PROC_INST_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +-- create history decision output table -- +create table ACT_HI_DEC_OUT ( + ID_ varchar(64) NOT NULL, + DEC_INST_ID_ varchar(64) NOT NULL, + CLAUSE_ID_ varchar(64), + CLAUSE_NAME_ varchar(255), + RULE_ID_ varchar(64), + RULE_ORDER_ integer, + VAR_NAME_ varchar(255), + VAR_TYPE_ varchar(100), + BYTEARRAY_ID_ varchar(64), + DOUBLE_ double, + LONG_ bigint, + TEXT_ LONGBLOB, + TEXT2_ LONGBLOB, + TENANT_ID_ varchar(64), + CREATE_TIME_ datetime(3), + ROOT_PROC_INST_ID_ varchar(64), + REMOVAL_TIME_ datetime(3), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + + +create index ACT_IDX_HI_DEC_INST_ID on ACT_HI_DECINST(DEC_DEF_ID_); +create index ACT_IDX_HI_DEC_INST_KEY on ACT_HI_DECINST(DEC_DEF_KEY_); +create index ACT_IDX_HI_DEC_INST_PI on ACT_HI_DECINST(PROC_INST_ID_); +create index ACT_IDX_HI_DEC_INST_CI on ACT_HI_DECINST(CASE_INST_ID_); +create index ACT_IDX_HI_DEC_INST_ACT on ACT_HI_DECINST(ACT_ID_); +create index ACT_IDX_HI_DEC_INST_ACT_INST on ACT_HI_DECINST(ACT_INST_ID_); +create index ACT_IDX_HI_DEC_INST_TIME on ACT_HI_DECINST(EVAL_TIME_); +create index ACT_IDX_HI_DEC_INST_TENANT_ID on ACT_HI_DECINST(TENANT_ID_); +create index ACT_IDX_HI_DEC_INST_ROOT_ID on ACT_HI_DECINST(ROOT_DEC_INST_ID_); +create index ACT_IDX_HI_DEC_INST_REQ_ID on ACT_HI_DECINST(DEC_REQ_ID_); +create index ACT_IDX_HI_DEC_INST_REQ_KEY on ACT_HI_DECINST(DEC_REQ_KEY_); +create index ACT_IDX_HI_DEC_INST_ROOT_PI on ACT_HI_DECINST(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_DEC_INST_RM_TIME on ACT_HI_DECINST(REMOVAL_TIME_); + + +create index ACT_IDX_HI_DEC_IN_INST on ACT_HI_DEC_IN(DEC_INST_ID_); +create index ACT_IDX_HI_DEC_IN_CLAUSE on ACT_HI_DEC_IN(DEC_INST_ID_, CLAUSE_ID_); +create index ACT_IDX_HI_DEC_IN_ROOT_PI on ACT_HI_DEC_IN(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_DEC_IN_RM_TIME on ACT_HI_DEC_IN(REMOVAL_TIME_); + +create index ACT_IDX_HI_DEC_OUT_INST on ACT_HI_DEC_OUT(DEC_INST_ID_); +create index ACT_IDX_HI_DEC_OUT_RULE on ACT_HI_DEC_OUT(RULE_ORDER_, CLAUSE_ID_); +create index ACT_IDX_HI_DEC_OUT_ROOT_PI on ACT_HI_DEC_OUT(ROOT_PROC_INST_ID_); +create index ACT_IDX_HI_DEC_OUT_RM_TIME on ACT_HI_DEC_OUT(REMOVAL_TIME_); diff --git a/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.10.0.sql b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.10.0.sql new file mode 100644 index 0000000000..35cb979781 --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.10.0.sql @@ -0,0 +1,105 @@ +-- +-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); +-- you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +use camundabpmn; + +create table ACT_ID_GROUP ( + ID_ varchar(64), + REV_ integer, + NAME_ varchar(255), + TYPE_ varchar(255), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_MEMBERSHIP ( + USER_ID_ varchar(64), + GROUP_ID_ varchar(64), + primary key (USER_ID_, GROUP_ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_USER ( + ID_ varchar(64), + REV_ integer, + FIRST_ varchar(255), + LAST_ varchar(255), + EMAIL_ varchar(255), + PWD_ varchar(255), + SALT_ varchar(255), + LOCK_EXP_TIME_ timestamp(3) NULL, + ATTEMPTS_ integer, + PICTURE_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_INFO ( + ID_ varchar(64), + REV_ integer, + USER_ID_ varchar(64), + TYPE_ varchar(64), + KEY_ varchar(255), + VALUE_ varchar(255), + PASSWORD_ LONGBLOB, + PARENT_ID_ varchar(255), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_TENANT ( + ID_ varchar(64), + REV_ integer, + NAME_ varchar(255), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +create table ACT_ID_TENANT_MEMBER ( + ID_ varchar(64) not null, + TENANT_ID_ varchar(64) not null, + USER_ID_ varchar(64), + GROUP_ID_ varchar(64), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +alter table ACT_ID_MEMBERSHIP + add constraint ACT_FK_MEMB_GROUP + foreign key (GROUP_ID_) + references ACT_ID_GROUP (ID_); + +alter table ACT_ID_MEMBERSHIP + add constraint ACT_FK_MEMB_USER + foreign key (USER_ID_) + references ACT_ID_USER (ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_UNIQ_TENANT_MEMB_USER + unique (TENANT_ID_, USER_ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_UNIQ_TENANT_MEMB_GROUP + unique (TENANT_ID_, GROUP_ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_FK_TENANT_MEMB + foreign key (TENANT_ID_) + references ACT_ID_TENANT (ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_FK_TENANT_MEMB_USER + foreign key (USER_ID_) + references ACT_ID_USER (ID_); + +alter table ACT_ID_TENANT_MEMBER + add constraint ACT_FK_TENANT_MEMB_GROUP + foreign key (GROUP_ID_) + references ACT_ID_GROUP (ID_); diff --git a/kubernetes/so/charts/so-mariadb/templates/configmap.yaml b/kubernetes/so/charts/so-mariadb/templates/configmap.yaml new file mode 100644 index 0000000000..8f10b2eb27 --- /dev/null +++ b/kubernetes/so/charts/so-mariadb/templates/configmap.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 © Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-mariadb-sh + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-mariadb-sql + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/docker-entrypoint-initdb.d/db-sql-scripts/*").AsConfig . | indent 2 }} diff --git a/kubernetes/so/charts/so-mariadb/templates/job.yaml b/kubernetes/so/charts/so-mariadb/templates/job.yaml index a20564e513..7e10e48945 100755..100644 --- a/kubernetes/so/charts/so-mariadb/templates/job.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/job.yaml @@ -111,21 +111,6 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-inject-testlab-project - command: - - /bin/bash - - -c - - > - git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; - echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d"; - cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d; - chmod -R 755 /docker-entrypoint-initdb.d; - echo "Done."; - image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: docker-entrypoint-initdb-d - mountPath: "/docker-entrypoint-initdb.d" containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -161,8 +146,10 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - - name: docker-entrypoint-initdb-d + - name: docker-entrypoint-initdb-d-sh mountPath: "/docker-entrypoint-initdb.d" + - name: docker-entrypoint-initdb-d-sql + mountPath: "/docker-entrypoint-initdb.d/db-sql-scripts" {{- if .Values.global.migration.enabled }} - name: backup-storage mountPath: /var/data/mariadb @@ -181,8 +168,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: docker-entrypoint-initdb-d - emptyDir: {} + - name: docker-entrypoint-initdb-d-sh + configMap: + name: {{ include "common.fullname" . }}-mariadb-sh + - name: docker-entrypoint-initdb-d-sql + configMap: + name: {{ include "common.fullname" . }}-mariadb-sql {{- if .Values.global.migration.enabled }} - name: backup-storage persistentVolumeClaim: diff --git a/kubernetes/so/charts/so-mariadb/templates/pv.yaml b/kubernetes/so/charts/so-mariadb/templates/pv.yaml index 5f5d09e2eb..f8315ef5f9 100755..100644 --- a/kubernetes/so/charts/so-mariadb/templates/pv.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pv.yaml @@ -36,6 +36,7 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end }} diff --git a/kubernetes/so/charts/so-mariadb/templates/pvc.yaml b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml index 92d5eed0c4..17ff7730c7 100755..100644 --- a/kubernetes/so/charts/so-mariadb/templates/pvc.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/pvc.yaml @@ -33,20 +33,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }}-migration accessModes: - {{ .Values.persistence.accessMode }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" + storageClassName: {{ include "common.storageClass" . }} {{- end }} -{{- end }} -{{- end }} - diff --git a/kubernetes/so/charts/so-mariadb/templates/secrets.yaml b/kubernetes/so/charts/so-mariadb/templates/secrets.yaml index 99ccb55445..99ccb55445 100755..100644 --- a/kubernetes/so/charts/so-mariadb/templates/secrets.yaml +++ b/kubernetes/so/charts/so-mariadb/templates/secrets.yaml diff --git a/kubernetes/so/charts/so-monitoring/templates/ingress.yaml b/kubernetes/so/charts/so-monitoring/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/so/charts/so-monitoring/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml index 7539e47af9..240ca1511d 100644 --- a/kubernetes/so/charts/so-monitoring/values.yaml +++ b/kubernetes/so/charts/so-monitoring/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/so-monitoring:1.5.2 +image: onap/so/so-monitoring:1.5.3 pullPolicy: Always replicaCount: 1 @@ -81,7 +81,13 @@ livenessProbe: successThreshold: 1 failureThreshold: 3 ingress: - enabled: false + enabled: false + service: + - baseaddr: "somonitoring" + name: "so-monitoring" + port: 9091 + config: + ssl: "none" nodeSelector: {} tolerations: [] -affinity: {} +affinity: {}
\ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml index c570f5eb45..8dc7e830d2 100755 --- a/kubernetes/so/charts/so-openstack-adapter/values.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/openstack-adapter:1.5.2 +image: onap/so/openstack-adapter:1.5.3 pullPolicy: Always repository: nexus3.onap.org:10001 diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml index 028d123a31..58e6412847 100755 --- a/kubernetes/so/charts/so-request-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/request-db-adapter:1.5.2 +image: onap/so/request-db-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml index 1259435ec9..2cce8bb2dd 100755 --- a/kubernetes/so/charts/so-sdc-controller/values.yaml +++ b/kubernetes/so/charts/so-sdc-controller/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdc-controller:1.5.2 +image: onap/so/sdc-controller:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml index c313dd563c..5062a1f8f0 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -136,7 +136,7 @@ org: mobility: '': query: GET|60000|sdncurl5| - myurl: http://so-sdnc-adapter{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify + myurl: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify rest: bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage sdncauth: ED07A7EE5F099FA53369C3DF2240AD68A00154676EEDBC6F8C16BAA83B1912941B8941ABD48683D2C1072DA7040659692DE936A59BBF42A038CF71DE67B4A375190071EC76EA657801B033C135 diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml index e48c9c93e2..d1be03b541 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdnc-adapter:1.5.2 +image: onap/so/sdnc-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml index 1663fb350c..b15a67ffe8 100755 --- a/kubernetes/so/charts/so-vfc-adapter/values.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vfc-adapter:1.5.2 +image: onap/so/vfc-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml index 8650f05897..5213700df0 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -25,7 +25,17 @@ spring: password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR server: - port: {{ index .Values.containerPort }} + port: {{ index .Values.containerPort }} + ssl: + key-alias: so@so.onap.org + key--store-password: 'ywsqCy:EEo#j}HJHM7z^Rk[L' + key-store: classpath:so-vnfm-adapter.p12 + key-store-type: PKCS12 +http: + client: + ssl: + trust-store: classpath:org.onap.so.trust.jks + trust-store-password: ',sx#.C*W)]wVgJC6ccFHI#:H' mso: key: 07a7159d3bf51a0e53be7a8f89699be7 site-name: localSite @@ -38,4 +48,12 @@ sdc: key: 566B754875657232314F5548556D3665 endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 vnfmadapter: - endpoint: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 + endpoint: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092 +etsi-catalog-manager: + vnfpkgm: + {{- if .Values.global.msbEnabled }} + endpoint: http://msb-iag.{{ include "common.namespace" . }}:80/api/vnfpkgm/v1 + {{- else }} + endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1 + {{- end }} + diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/ingress.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml index d29bff28aa..78333767f6 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/values.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml @@ -26,7 +26,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vnfm-adapter:1.5.2 +image: onap/so/vnfm-adapter:1.5.3 pullPolicy: Always replicaCount: 1 @@ -72,6 +72,12 @@ livenessProbe: failureThreshold: 3 ingress: enabled: false + service: + - baseaddr: "sovnfmadapter" + name: "so-vnfm-adapter" + port: 9092 + config: + ssl: "redirect" nodeSelector: {} tolerations: [] -affinity: {} +affinity: {}
\ No newline at end of file diff --git a/kubernetes/so/templates/ingress.yaml b/kubernetes/so/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/so/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index ae126fa78e..9af34af88e 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -38,12 +38,13 @@ global: dbPort: 3306 dbUser: root dbPassword: secretpassword + msbEnabled: true ################################################################# # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/api-handler-infra:1.5.2 +image: onap/so/api-handler-infra:1.5.3 pullPolicy: Always replicaCount: 1 @@ -105,3 +106,12 @@ mariadb-galera: persistence: mountSubPath: so/mariadb-galera/data enabled: true + +ingress: + enabled: false + service: + - baseaddr: "so" + name: "so" + port: 8080 + config: + ssl: "none" diff --git a/kubernetes/uui/charts/uui-server/templates/ingress.yaml b/kubernetes/uui/charts/uui-server/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/uui/charts/uui-server/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/uui/charts/uui-server/values.yaml b/kubernetes/uui/charts/uui-server/values.yaml index c58eb81f37..e7856d3a4d 100644 --- a/kubernetes/uui/charts/uui-server/values.yaml +++ b/kubernetes/uui/charts/uui-server/values.yaml @@ -64,6 +64,12 @@ service: ingress: enabled: false + service: + - baseaddr: uuiserver + name: "uui-server" + port: 8082 + config: + ssl: "none" # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little diff --git a/kubernetes/uui/templates/ingress.yaml b/kubernetes/uui/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/uui/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml index 4d1f8887df..bfecdb7d4f 100644 --- a/kubernetes/uui/values.yaml +++ b/kubernetes/uui/values.yaml @@ -64,6 +64,12 @@ service: ingress: enabled: false + service: + - baseaddr: uui + name: "uui" + port: 8080 + config: + ssl: "none" # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml index d1e1b04121..68696fbccd 100644 --- a/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml @@ -14,6 +14,7 @@ # limitations under the License. */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -31,6 +32,8 @@ spec: accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}}
\ No newline at end of file +{{- end -}} +{{- end -}} diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml index 74ba690fa6..d3d5d9e0a4 100644 --- a/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml @@ -29,19 +29,10 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml b/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml deleted file mode 100644 index 041914734f..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP VID MariaDB Galera cluster -name: vid_mariadb_galera -version: 5.0.0 -keywords: - - mariadb - - mysql - - database - - sql - - galera - - cluster
\ No newline at end of file diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/NOTES.txt b/kubernetes/vid/charts/vid-mariadb-galera/templates/NOTES.txt deleted file mode 100644 index c44fa8948e..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/NOTES.txt +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -MariaDB-Galera service can be accessed via port 3306 on the following DNS name from within your cluster: -{{ include "common.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local - -To connect to your database: - -1. Run a pod that you can use as a client: - - kubectl run {{ include "common.fullname" . }}-client --rm --tty -i --image mariadb --command -- bash - -2. Connect using the mysql cli, then provide your password: - $ mysql -h {{ include "common.fullname" . }} {{- if .Values.mysqlRootPassword }} -p {{ .Values.mysqlRootPassword }}{{- end -}} - diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml b/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml deleted file mode 100644 index ba6adc0018..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-confd - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }} ---- -{{- if .Values.externalConfig }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-externalconfig - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - my_extra.cnf: |- - [mysqld] - lower_case_table_names = 1 - -#{{ toYaml .Values.externalConfig | indent 4 }} -#{{- end -}} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/service.yaml b/kubernetes/vid/charts/vid-mariadb-galera/templates/service.yaml deleted file mode 100644 index ae11a26629..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/service.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - annotations: - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -# name: {{ include "common.servicename" . }} - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -spec: - ports: - - name: {{ .Values.service.portName }} - port: {{ .Values.service.internalPort }} - clusterIP: None - selector: - app: {{ include "common.fullname" . }} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml b/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml deleted file mode 100644 index e90b1564e8..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/statefulset.yaml +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -spec: -# serviceName: {{ include "common.fullname" . }} - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.fullname" . }} - release: {{ .Release.Name }} - annotations: - pod.alpha.kubernetes.io/initialized: "true" - spec: - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - volumes: - {{- if .Values.externalConfig }} - - name: config - configMap: - name: {{ include "common.fullname" . }}-externalconfig - {{- end}} - - name: localtime - hostPath: - path: /etc/localtime - imagePullSecrets: - - name: {{ include "common.namespace" . }}-docker-registry-key - containers: - - name: {{ include "common.fullname" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}} - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: MYSQL_USER - value: {{ default "" .Values.config.userName | quote }} - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: user-password - - name: MYSQL_DATABASE - value: {{ default "" .Values.config.mysqlDatabase | quote }} - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - - containerPort: {{ .Values.service.sstPort }} - name: {{ .Values.service.sstName }} - - containerPort: {{ .Values.service.replicationPort }} - name: {{ .Values.service.replicationName }} - - containerPort: {{ .Values.service.istPort }} - name: {{ .Values.service.istName }} - readinessProbe: - exec: - command: - - /usr/share/container-scripts/mysql/readiness-probe.sh - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: ["mysqladmin", "ping"] - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{- end }} - resources: -{{ include "common.resources" . | indent 12 }} - volumeMounts: - {{- if .Values.externalConfig }} - - mountPath: /etc/config - name: config - {{- end}} - - mountPath: /etc/localtime - name: localtime - readOnly: true -{{- if .Values.persistence.enabled }} - - mountPath: /var/lib/mysql - name: {{ include "common.fullname" . }}-data - subPath: data - initContainers: - - name: mariadb-galera-prepare - image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}" - command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"] - volumeMounts: - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/mysql - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-data - labels: - name: {{ include "common.fullname" . }} - annotations: - {{- if .Values.persistence.storageClass }} - volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }} - {{- else }} - volume.alpha.kubernetes.io/storage-class: default - {{- end }} - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - selector: - matchLabels: - name: {{ include "common.fullname" . }} -{{- end }} diff --git a/kubernetes/vid/charts/vid-mariadb-galera/values.yaml b/kubernetes/vid/charts/vid-mariadb-galera/values.yaml deleted file mode 100644 index e0da745ebe..0000000000 --- a/kubernetes/vid/charts/vid-mariadb-galera/values.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - repository: nexus3.onap.org:10001 - - -################################################################# -# Application configuration defaults. -################################################################# - -#repository: mysql -repository: nexus3.onap.org:10001 -image: adfinissygroup/k8s-mariadb-galera-centos:v004 -imageInit: busybox -pullPolicy: IfNotPresent - -# application configuration -config: - mariadbRootPassword: secretpassword -# userName: my-user -# userPassword: my-password -# mysqlDatabase: my-database - userName: vidadmin - userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - mysqlDatabase: vid_openecomp_epsdk - - -# default number of instances in the StatefulSet -replicaCount: 2 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false - -readiness: - initialDelaySeconds: 15 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: false - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - - -service: - internalPort: 3306 - name: vid-galera - portName: vid-galera - sstPort: 4444 - sstName: sst - replicationPort: 4567 - replicationName: replication - istPort: 4568 - istName: ist - -ingress: - enabled: false - - -## Configure MariaDB-Galera with a custom my.cnf file -## ref: https://mariadb.com/kb/en/mariadb/configuring-mariadb-with-mycnf/#example-of-configuration-file -## -#externalConfig: {} -externalConfig: |- - lower_case_table_names = 1 -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 10m - memory: 1Gi - requests: - cpu: 10m - memory: 500Mi - large: - limits: - cpu: 20m - memory: 2Gi - requests: - cpu: 20m - memory: 1Gi - unlimited: {} -# Name for mariadb-galera cluster - should be unique accross all projects or other clusters -nameOverride: vid-mariadb-galera - -# DNS name for mariadb-galera cluster - should be unique accross all projects other clusters -#dnsnameOverride: mariadb-galera diff --git a/kubernetes/vid/requirements.yaml b/kubernetes/vid/requirements.yaml index 6a748bee0c..6e5fe9dae2 100644 --- a/kubernetes/vid/requirements.yaml +++ b/kubernetes/vid/requirements.yaml @@ -19,3 +19,6 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: mariadb-galera + version: ~5.x-0 + repository: '@local' diff --git a/kubernetes/vid/resources/config/log/vid/logback.xml b/kubernetes/vid/resources/config/log/vid/logback.xml index 49db781b3e..018cca8a43 100644 --- a/kubernetes/vid/resources/config/log/vid/logback.xml +++ b/kubernetes/vid/resources/config/log/vid/logback.xml @@ -1,299 +1,386 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ================================================================================
- eCOMP Portal SDK
- ================================================================================
- Copyright (C) 2017 AT&T Intellectual Property
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ================================================================================
- -->
-<configuration scan="true" scanPeriod="3 seconds" debug="true">
- <!-- specify the base path of the log directory -->
- <property name="logDir" value="/var/log/onap" />
- <!-- specify the component name -->
- <property name="componentName" value="vid" />
- <!-- The directory where logs are written -->
- <property name="logDirectory" value="${logDir}/${componentName}" />
- <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
- <!-- log file names -->
- <property name="generalLogName" value="application" />
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <!-- other constants -->
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <!-- Example evaluator filter applied against console appender -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
- <!-- The EELFAppender is used to record events to the general application
- log -->
- <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${generalLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- <filter class="org.openecomp.portalapp.util.CustomLoggingFilter" />
- </appender>
- <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="EELF" />
- </appender>
- <!-- EELF Security Appender. This appender is used to record security events
- to the security log file. Security events are separate from other loggers
- in EELF so that security log records can be captured and managed in a secure
- way separate from the other logs. This appender is set to never discard any
- events. -->
- <!--
- <appender name="EELFSecurity"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${securityLogName}.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${defaultPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <discardingThreshold>0</discardingThreshold>
- <appender-ref ref="EELFSecurity" />
- </appender>
- -->
- <!-- EELF Performance Appender. This appender is used to record performance
- records. -->
- <!--
- <appender name="EELFPerformance"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${performanceLogName}.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <outputPatternAsHeader>true</outputPatternAsHeader>
- <pattern>${defaultPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFPerformance" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFPerformance" />
- </appender>
- -->
- <!-- EELF Server Appender. This appender is used to record Server related
- logging events. The Server logger and appender are specializations of the
- EELF application root logger and appender. This can be used to segregate Server
- events from other components, or it can be eliminated to record these events
- as part of the application root log. -->
- <!--
- <appender name="EELFServer"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${serverLogName}.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${defaultPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFServer" />
- </appender>
- -->
- <!-- EELF Policy Appender. This appender is used to record Policy engine
- related logging events. The Policy logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <!--
- <appender name="EELFPolicy"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${policyLogName}.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${defaultPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFPolicy" />
- </appender>
- -->
- <!-- EELF Audit Appender. This appender is used to record audit engine
- related logging events. The audit logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${auditLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFAudit" />
- </appender>
- <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${metricsLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFMetrics" />
- </appender>
- <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${errorLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFError" />
- </appender>
- <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${debugLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFDebug" />
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF loggers -->
- <!-- ============================================================================ -->
- <logger name="com.att.eelf" level="debug" additivity="false">
- <appender-ref ref="asyncEELF" />
- </logger>
- <!--
- <logger name="com.att.eelf.security" level="info" additivity="false">
- <appender-ref ref="asyncEELFSecurity" />
- </logger>
- <logger name="com.att.eelf.perf" level="info" additivity="false">
- <appender-ref ref="asyncEELFPerformance" />
- </logger>
- <logger name="com.att.eelf.server" level="info" additivity="false">
- <appender-ref ref="asyncEELFServer" />
- </logger>
- <logger name="com.att.eelf.policy" level="info" additivity="false">
- <appender-ref ref="asyncEELFPolicy" />
- </logger>
- -->
- <logger name="com.att.eelf.audit" level="info" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger name="com.att.eelf.metrics" level="info" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger name="com.att.eelf.error" level="info" additivity="false">
- <appender-ref ref="asyncEELFError" />
- </logger>
- <logger name="com.att.eelf.debug" level="debug" additivity="false">
- <appender-ref ref="asyncEELFDebug" />
- </logger>
- <root level="INFO">
- <appender-ref ref="asyncEELF" />
- </root>
-</configuration>
+<?xml version="1.0" encoding="UTF-8"?> +<!-- + ================================================================================ + eCOMP Portal SDK + ================================================================================ + Copyright (C) 2017 AT&T Intellectual Property + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ================================================================================ + --> +<configuration scan="true" scanPeriod="3 seconds" debug="true"> + <!-- specify the component name --> + <property name="componentName" value="vid"/> + <!-- specify the base path of the log directory --> + <property name="logDirPrefix" value="/var/log/onap" /> + <!-- The directory where logs are written --> + <property name="logDirectory" value="${logDirPrefix}/${componentName}" /> + + <!-- log file names --> + <property name="generalLogName" value="application" /> + <property name="errorLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + <property name="outgoingRequestsLogName" value="outgoingRequests" /> + + <!-- other constants --> + <property name="queueSize" value="256" /> + <property name="maxFileSize" value="50MB" /> + <property name="maxHistory" value="30" /> + <property name="totalSizeCap" value="10GB" /> + + <!-- ONAP Application Logging Specification v1.2 (Casablanca) + https://wiki.onap.org/pages/viewpage.action?pageId=28378955 --> + + <property name="auditLoggerPattern" + value="%X{EntryTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread||%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level||%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|||%marker|%mdc|||%msg%n"/> + + <property name="metricsLoggerPattern" + value="%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|0|%X{ServerIPAddress}|%replace(%X{ElapsedTime}){' ms',''}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVisualEntity}|%marker|%mdc|%X{CustomField3}|%X{CustomField4}| %msg%nopexception%n" /> + + <property name="errorLoggerPattern" + value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode:-900}|%replace(%msg){'[\r\n]+', '\\\\n'}|%nopexception%replace(%xThrowable){'[\r\n]+', '\\\\n'}%n" /> + + <property name="debugLoggerPattern" value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%msg %nopexception%replace(%xThrowable){'[\r\n]+', '\\\\n'}|^%n" /> + + <!-- use %class so library logging calls yield their class name --> + <property name="applicationLoggerPattern" + value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%thread|%.-5level|%class{36}| %msg%n" /> + + + + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${debugLoggerPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <!-- The EELFAppender is used to record events to the general application log --> + <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${applicationLoggerPattern}</pattern> + </encoder> + <filter class="org.onap.portalapp.util.CustomLoggingFilter" /> + </appender> + + <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="EELF" /> + </appender> + + <!-- EELF Security Appender. This appender is used to record security events + to the security log file. Security events are separate from other loggers + in EELF so that security log records can be captured and managed in a secure + way separate from the other logs. This appender is set to never discard any + events. --> + <!-- + <appender name="EELFSecurity" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${securityLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <discardingThreshold>0</discardingThreshold> + <appender-ref ref="EELFSecurity" /> + </appender> + --> + <!-- EELF Performance Appender. This appender is used to record performance + records. --> + <!-- + <appender name="EELFPerformance" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${performanceLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <outputPatternAsHeader>true</outputPatternAsHeader> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFPerformance" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFPerformance" /> + </appender> + --> + <!-- EELF Server Appender. This appender is used to record Server related + logging events. The Server logger and appender are specializations of the + EELF application root logger and appender. This can be used to segregate Server + events from other components, or it can be eliminated to record these events + as part of the application root log. --> + <!-- + <appender name="EELFServer" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${serverLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFServer" /> + </appender> + --> + <!-- EELF Policy Appender. This appender is used to record Policy engine + related logging events. The Policy logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + <!-- + <appender name="EELFPolicy" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${policyLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFPolicy" /> + </appender> + --> + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${auditLoggerPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFAudit" /> + <includeCallerData>true</includeCallerData> + </appender> + + <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>INVOKE</marker> + <marker>INVOKE-RETURN</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${metricsLoggerPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFMetrics" /> + <includeCallerData>true</includeCallerData> + </appender> + + <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>NEUTRAL</onMismatch> + </filter> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>WARN</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <file>${logDirectory}/${errorLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${errorLoggerPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFError" /> + <includeCallerData>true</includeCallerData> + </appender> + + <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${debugLoggerPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>true</includeCallerData> + </appender> + + <appender name="OutgoingRequests" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${outgoingRequestsLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${outgoingRequestsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${debugLoggerPattern}</pattern> + </encoder> + </appender> + <appender name="asyncOutgoingRequests" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="OutgoingRequests" /> + <includeCallerData>true</includeCallerData> + </appender> + + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf" level="debug" additivity="false"> + <appender-ref ref="asyncEELF" /> + </logger> + + <!-- + <logger name="com.att.eelf.security" level="info" additivity="false"> + <appender-ref ref="asyncEELFSecurity" /> + </logger> + <logger name="com.att.eelf.perf" level="info" additivity="false"> + <appender-ref ref="asyncEELFPerformance" /> + </logger> + <logger name="com.att.eelf.server" level="info" additivity="false"> + <appender-ref ref="asyncEELFServer" /> + </logger> + <logger name="com.att.eelf.policy" level="info" additivity="false"> + <appender-ref ref="asyncEELFPolicy" /> + </logger> + --> + + <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="info" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + + <logger name="org.onap.logging.filter.base.AbstractMetricLogFilter" level="info" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + + <logger name="com.att.eelf.error" level="info" additivity="false"> + <appender-ref ref="asyncEELFError" /> + <appender-ref ref="asyncEELFDebug" /> + </logger> + + <logger name="com.att.eelf.debug" level="debug" additivity="false"> + <appender-ref ref="asyncEELFDebug" /> + </logger> + + <logger name="http.requests.outgoing" level="DEBUG" additivity="false"> + <appender-ref ref="asyncOutgoingRequests"/> + </logger> + + <root level="INFO"> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="asyncEELFError" /> + </root> + +</configuration> diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml index 9221af7dcf..3c52b9d03f 100644 --- a/kubernetes/vid/templates/deployment.yaml +++ b/kubernetes/vid/templates/deployment.yaml @@ -96,20 +96,21 @@ spec: value: "{{ .Values.config.vidcontactuslink }}" - name: VID_KEYSTORE_PASSWORD value: {{ .Values.config.vidkeystorepassword | quote }} - - name: CATALINA_OPTS - value: "-Dvid.keystore.password=$(VID_KEYSTORE_PASSWORD) -Dvid.keyalias=vid@vid.onap.org -Dvid.keystore.filename=/opt/app/vid/etc/org.onap.vid.jks -Dcom.att.eelf.logging.file=logback.xml -Dcom.att.eelf.logging.path=/tmp" - name: VID_UEB_URL_LIST value: message-router.{{ include "common.namespace" . }} - name: VID_MYSQL_HOST - value: "{{ .Values.config.vidmysqlhost }}" + value: {{ index .Values "mariadb-galera" "service" "name" }} - name: VID_MYSQL_PORT - value: "{{ .Values.config.vidmysqlport }}" + value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" - name: VID_MYSQL_DBNAME - value: "{{ .Values.config.vidmysqldbname }}" + value: {{ index .Values "mariadb-galera" "config" "mysqlDatabase" }} - name: VID_MYSQL_USER - value: "{{ .Values.config.vidmysqluser }}" + value: {{ index .Values "mariadb-galera" "config" "userName" }} - name: VID_MYSQL_PASS - value: "{{ .Values.config.vidmysqlpassword }}" + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-db + key: db-user-password #valueFrom: # secretKeyRef: {name: {{ include "common.fullname" . }}, key: vid-password} - name: VID_MYSQL_MAXCONNECTIONS @@ -166,4 +167,3 @@ spec: name: {{ include "common.fullname" . }}-log-configmap imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - diff --git a/kubernetes/vid/templates/ingress.yaml b/kubernetes/vid/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/vid/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/vid/templates/job.yaml b/kubernetes/vid/templates/job.yaml index 5214e71130..c2a1858d0c 100644 --- a/kubernetes/vid/templates/job.yaml +++ b/kubernetes/vid/templates/job.yaml @@ -34,11 +34,8 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - /root/ready.py -{{- $fullname := include "common.fullname" . -}} -{{- range $i,$t := until (int .Values.vid_mariadb_galera.replicaCount)}} - --container-name - - {{ $fullname }}-mariadb-galera-{{$i}} -{{- end }} + - {{ index .Values "mariadb-galera" "service" "name" }} env: - name: NAMESPACE valueFrom: @@ -63,13 +60,16 @@ spec: - /dbcmd-config/db_cmd.sh env: - name: MYSQL_PASSWORD - value: "{{ .Values.config.vidmysqlpassword }}" + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-db + key: db-user-password - name: MYSQL_HOST - value: "{{ .Values.config.vidmysqlhost }}" + value: {{ index .Values "mariadb-galera" "service" "name" }} - name: MYSQL_USER - value: "{{ .Values.config.vidmysqluser }}" + value: {{ index .Values "mariadb-galera" "config" "userName" }} - name: MYSQL_PORT - value: "{{ .Values.config.vidmysqlport }}" + value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" restartPolicy: Never volumes: - name: {{ include "common.fullname" . }}-config @@ -80,4 +80,3 @@ spec: path: db_cmd.sh - key: vid-pre-init.sql path: vid-pre-init.sql - diff --git a/kubernetes/vid/templates/secrets.yaml b/kubernetes/vid/templates/secrets.yaml index 222a3d582a..e0c1992d93 100644 --- a/kubernetes/vid/templates/secrets.yaml +++ b/kubernetes/vid/templates/secrets.yaml @@ -39,3 +39,18 @@ metadata: type: Opaque data: {{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-db + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +type: Opaque +data: + db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }} + db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index 61002778fd..805e337f57 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.1 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/vid:5.0.3 +image: onap/vid:6.0.2 pullPolicy: Always # mariadb image for initializing @@ -47,19 +47,29 @@ config: vidmsopass: OBF:1ih71i271vny1yf41ymf1ylz1yf21vn41hzj1icz msodme2serverurl: http://localhost:8081 vidcontactuslink: https://todo_contact_us_link.com - vidmysqlhost: vid-galera - vidmysqlport: "3306" - vidmysqldbname: vid_openecomp_epsdk - vidmysqluser: vidadmin vidmysqlmaxconnections: "5" logstashServiceName: log-ls logstashPort: 5044 roleaccesscentralized: remote -# subchart configuration -vid_mariadb_galera: -# nameOverride: vid-mariadb-galera - replicaCount: 1 +mariadb-galera: + config: + userName: vidadmin + userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + mariadbRootPassword: kjgsdhjqhawxvnbpoiawsfgjsqhsgjhjhdqihhjqdvcbxkjchizpw + mysqlDatabase: vid_openecomp_epsdk + nameOverride: vid-galera + service: + name: vid-galera + portName: mysql-vid + internalPort: "3306" + replicaCount: 3 + persistence: + enabled: true + mountSubPath: vid/maria/data + externalConfig: |- + [mysqld] + lower_case_table_names = 1 # default number of instances replicaCount: 1 @@ -92,6 +102,12 @@ service: ingress: enabled: false + service: + - baseaddr: "vid" + name: "vid-http" + port: 8080 + config: + ssl: "none" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/vnfsdk/templates/ingress.yaml b/kubernetes/vnfsdk/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/vnfsdk/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml index 2b6fd99b2e..55f81acc24 100644 --- a/kubernetes/vnfsdk/values.yaml +++ b/kubernetes/vnfsdk/values.yaml @@ -113,3 +113,9 @@ service: ingress: enabled: false + service: + - baseaddr: "refrepo" + name: "refrepo" + port: 97 + config: + ssl: "none" |