summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/aai/components/aai-babel/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-graphadmin/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-modelloader/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-resources/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-schema-service/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-traversal/values.yaml2
-rw-r--r--kubernetes/common/repositoryGenerator/templates/_repository.tpl9
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml2
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml2
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml4
-rw-r--r--kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml4
-rw-r--r--kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml4
-rwxr-xr-xkubernetes/helm/plugins/deploy/deploy.sh121
-rw-r--r--kubernetes/onap/Chart.yaml4
-rw-r--r--kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/onap-all.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/onap-vfw.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/sm-onap.yaml2
-rwxr-xr-xkubernetes/onap/values.yaml2
-rwxr-xr-xkubernetes/policy/Chart.yaml4
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/resources/config/default.conf31
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/resources/config/log/filebeat/filebeat.yml55
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/templates/NOTES.txt32
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml106
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/templates/ingress.yaml1
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/templates/service.yaml43
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/values.yaml154
-rwxr-xr-xkubernetes/policy/values.yaml2
-rw-r--r--kubernetes/robot/resources/config/eteshare/config/robot_properties.py4
-rw-r--r--kubernetes/strimzi/.helmignore22
-rw-r--r--kubernetes/strimzi/Chart.yaml (renamed from kubernetes/policy/components/policy-clamp-fe/Chart.yaml)15
-rw-r--r--kubernetes/strimzi/Makefile51
-rw-r--r--kubernetes/strimzi/templates/pv-kafka.yaml (renamed from kubernetes/policy/components/policy-clamp-fe/templates/configmap.yaml)19
-rw-r--r--kubernetes/strimzi/templates/pv-zk.yaml (renamed from kubernetes/policy/components/policy-clamp-fe/templates/secrets.yaml)5
-rw-r--r--kubernetes/strimzi/templates/strimzi-kafka.yaml90
-rw-r--r--kubernetes/strimzi/values.yaml52
37 files changed, 351 insertions, 511 deletions
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml
index 14f162a486..f6009af391 100644
--- a/kubernetes/aai/components/aai-babel/values.yaml
+++ b/kubernetes/aai/components/aai-babel/values.yaml
@@ -59,7 +59,7 @@ certInitializer:
#################################################################
# application image
-image: onap/babel:1.9.3
+image: onap/babel:1.9.5
flavor: small
flavorOverride: small
diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml
index a232d53c84..0eb0c75297 100644
--- a/kubernetes/aai/components/aai-graphadmin/values.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/values.yaml
@@ -144,7 +144,7 @@ certInitializer:
chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
# application image
-image: onap/aai-graphadmin:1.9.3
+image: onap/aai-graphadmin:1.9.4
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml
index 6d1a37e561..3b7d79e4a3 100644
--- a/kubernetes/aai/components/aai-modelloader/values.yaml
+++ b/kubernetes/aai/components/aai-modelloader/values.yaml
@@ -56,7 +56,7 @@ certInitializer:
chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
# application image
-image: onap/model-loader:1.9.2
+image: onap/model-loader:1.9.4
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index fdb243de0a..544ed28e62 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -157,7 +157,7 @@ certInitializer:
chown -R 1000 {{ .Values.credsPath }}
# application image
-image: onap/aai-resources:1.9.4
+image: onap/aai-resources:1.9.5
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml
index b03032677e..8345a81f06 100644
--- a/kubernetes/aai/components/aai-schema-service/values.yaml
+++ b/kubernetes/aai/components/aai-schema-service/values.yaml
@@ -94,7 +94,7 @@ certInitializer:
chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
# application image
-image: onap/aai-schema-service:1.9.4
+image: onap/aai-schema-service:1.9.5
pullPolicy: Always
restartPolicy: Always
flavorOverride: small
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 921d2dc832..a77ce6a288 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -140,7 +140,7 @@ certInitializer:
chown -R 1000 {{ .Values.credsPath }}
# application image
-image: onap/aai-traversal:1.9.4
+image: onap/aai-traversal:1.9.5
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/common/repositoryGenerator/templates/_repository.tpl b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
index f57d390477..1b99285a80 100644
--- a/kubernetes/common/repositoryGenerator/templates/_repository.tpl
+++ b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
@@ -154,6 +154,7 @@
mail: email (optional)
You can also set the same things for dockerHub, elastic and googleK8s if
needed.
+ if not needed, set global.repositoryCred.user to empty value.
*/}}
{{- define "repositoryGenerator.secret" -}}
{{- $dot := default . .dot -}}
@@ -164,9 +165,11 @@
{{- if $subchartDot.Values.global.repositoryCred }}
{{- $repo := $subchartDot.Values.global.repository }}
{{- $cred := $subchartDot.Values.global.repositoryCred }}
- {{- $mail := default "@" $cred.mail }}
- {{- $auth := printf "%s:%s" $cred.user $cred.password | b64enc }}
- {{- $repoCreds = printf "\"%s\": {\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}" $repo $cred.user $cred.password $mail $auth }}
+ {{- if $cred.user }}
+ {{- $mail := default "@" $cred.mail }}
+ {{- $auth := printf "%s:%s" $cred.user $cred.password | b64enc }}
+ {{- $repoCreds = printf "\"%s\": {\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}" $repo $cred.user $cred.password $mail $auth }}
+ {{- end }}
{{- end }}
{{- if $subchartDot.Values.global.dockerHubRepositoryCred }}
{{- $dhRepo := $subchartDot.Values.global.dockerHubRepository }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
index d2062700f3..6099d0cf85 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
@@ -90,8 +90,8 @@ readiness:
periodSeconds: 15
timeoutSeconds: 1
path: /healthcheck
- scheme: HTTPS
- port: 8443
+ scheme: HTTP
+ port: 8081
# Service Configuration
service:
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
index abf0371412..4cd47dccb5 100644
--- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
@@ -40,7 +40,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.1
+image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.2
pullPolicy: Always
# log directory where logging sidecar should look for log files
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
index b53e61690b..714a875612 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
@@ -40,7 +40,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.3
+image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.4.0
pullPolicy: Always
# Log directory where logging sidecar should look for log files
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
index 873579ee97..a09437eba2 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
@@ -1,6 +1,6 @@
#============LICENSE_START========================================================
#=================================================================================
-# Copyright (c) 2021 Nokia. All rights reserved.
+# Copyright (c) 2021-2022 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -18,7 +18,7 @@
# Global values
global:
pullPolicy: Always
-image: onap/org.onap.dcaegen2.platform.ves-openapi-manager:1.0.1
+image: onap/org.onap.dcaegen2.platform.ves-openapi-manager:1.1.0
containerPort: &svc_port 8080
service:
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
index be0de969c1..c998e9ec67 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
@@ -60,7 +60,7 @@ pullPolicy: Always
zookeeper:
name: message-router-zookeeper
port: 2181
- replicaCount: 3
+ replicaCount: 1
kafka:
heapOptions: -Xmx5G -Xms1G
@@ -129,7 +129,7 @@ secrets:
debugEnabled: false
# default number of instances
-replicaCount: 3
+replicaCount: 1
# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
index fae361a4c8..79ced4dde2 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
@@ -32,9 +32,9 @@ debugEnabled: false
# default number of instances
-replicaCount: 3
+replicaCount: 1
-zookeeperServers: 3
+zookeeperServers: 1
nodeSelector: {}
diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh
index 13b0ed86e2..51438ad7ea 100755
--- a/kubernetes/helm/plugins/deploy/deploy.sh
+++ b/kubernetes/helm/plugins/deploy/deploy.sh
@@ -87,6 +87,54 @@ resolve_deploy_flags() {
echo "$DEPLOY_FLAGS"
}
+
+check_for_dep() {
+ try=0
+ retries=30
+ until (kubectl get deployment -n $RELEASE | grep -P "\b$1\b") &>/dev/null; do
+ (( ++try > retries )) && exit 1
+ echo "$1 not found. Retry $try/$retries"
+ sleep 5
+ done
+ echo "$1 found. Waiting for pod intialisation"
+ sleep 15
+}
+
+deploy_strimzi() {
+ #Deploy the srtimzi-kafka chart in advance. Dependent charts require the entity-operator
+ #for management of the strimzi crds
+ deploy_subchart
+ echo "waiting for ${RELEASE}-strimzi-entity-operator to be deployed"
+ check_for_dep ${RELEASE}-strimzi-entity-operator
+}
+
+deploy_subchart() {
+ if [ -z "$SUBCHART_RELEASE" ] || [ "$SUBCHART_RELEASE" = "$subchart" ]; then
+ LOG_FILE=$LOG_DIR/"${RELEASE}-${subchart}".log
+ :> $LOG_FILE
+
+ helm upgrade -i "${RELEASE}-${subchart}" $CACHE_SUBCHART_DIR/$subchart \
+ $DEPLOY_FLAGS -f $GLOBAL_OVERRIDES -f $SUBCHART_OVERRIDES \
+ > $LOG_FILE 2>&1
+
+ if [ "$VERBOSE" = "true" ]; then
+ cat $LOG_FILE
+ else
+ echo "release \"${RELEASE}-${subchart}\" deployed"
+ fi
+ # Add annotation last-applied-configuration if set-last-applied flag is set
+ if [ "$SET_LAST_APPLIED" = "true" ]; then
+ helm get manifest "${RELEASE}-${subchart}" \
+ | kubectl apply set-last-applied --create-annotation -n onap -f - \
+ > $LOG_FILE.log 2>&1
+ fi
+ fi
+ if [ "$DELAY" = "true" ]; then
+ echo sleep 3m
+ sleep 180
+ fi
+}
+
deploy() {
# validate params
if [ -z "$1" ] || [ -z "$2" ]; then
@@ -219,47 +267,50 @@ deploy() {
#“helm ls” is an expensive command in that it can take a long time to execute.
#So cache the results to prevent repeated execution.
ALL_HELM_RELEASES=$(helm ls -q)
- for subchart in * ; do
- SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml
- SUBCHART_ENABLED=0
- if [ -f $SUBCHART_OVERRIDES ]; then
- SUBCHART_ENABLED=$(cat $SUBCHART_OVERRIDES | grep -c "^enabled: true")
- fi
+ for subchart in strimzi cassandra mariadb-galera postgres ; do
+ SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml
- if [ $SUBCHART_ENABLED -eq 1 ]; then
- if [ -z "$SUBCHART_RELEASE" ] || [ "$SUBCHART_RELEASE" = "$subchart" ]; then
- LOG_FILE=$LOG_DIR/"${RELEASE}-${subchart}".log
- :> $LOG_FILE
+ SUBCHART_ENABLED=0
+ if [ -f $SUBCHART_OVERRIDES ]; then
+ SUBCHART_ENABLED=$(cat $SUBCHART_OVERRIDES | grep -c "^enabled: true")
+ fi
+ if [ "${subchart}" = "strimzi" ] && [ $SUBCHART_ENABLED -eq 1 ]; then
+ deploy_strimzi
+ fi
+ # Deploy them at first
+ if [ $SUBCHART_ENABLED -eq 1 ]; then
+ deploy_subchart
+ else
+ array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
+ n=${#array[*]}
+ for i in $(seq $(($n-1)) -1 0); do
+ helm del "${array[i]}"
+ done
+ fi
+ done
- helm upgrade -i "${RELEASE}-${subchart}" $CACHE_SUBCHART_DIR/$subchart \
- $DEPLOY_FLAGS -f $GLOBAL_OVERRIDES -f $SUBCHART_OVERRIDES \
- > $LOG_FILE 2>&1
+ for subchart in * ; do
+ SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml
- if [ "$VERBOSE" = "true" ]; then
- cat $LOG_FILE
- else
- echo "release \"${RELEASE}-${subchart}\" deployed"
- fi
- # Add annotation last-applied-configuration if set-last-applied flag is set
- if [ "$SET_LAST_APPLIED" = "true" ]; then
- helm get manifest "${RELEASE}-${subchart}" \
- | kubectl apply set-last-applied --create-annotation -n onap -f - \
- > $LOG_FILE.log 2>&1
- fi
+ SUBCHART_ENABLED=0
+ if [ -f $SUBCHART_OVERRIDES ]; then
+ SUBCHART_ENABLED=$(cat $SUBCHART_OVERRIDES | grep -c "^enabled: true")
fi
- if [ "$DELAY" = "true" ]; then
- echo sleep 3m
- sleep 180
+ if [ "${subchart}" = "strimzi" ] || [ "${subchart}" = "cassandra" ] || [ "${subchart}" = "mariadb-galera" ] || [ "${subchart}" = "postgres" ]; then
+ SUBCHART_ENABLED=0
fi
- else
- array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
- n=${#array[*]}
- for i in $(seq $(($n-1)) -1 0); do
- helm del "${array[i]}"
- done
- fi
- done
+ # Deploy the others
+ if [ $SUBCHART_ENABLED -eq 1 ]; then
+ deploy_subchart
+ else
+ array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
+ n=${#array[*]}
+ for i in $(seq $(($n-1)) -1 0); do
+ helm del "${array[i]}"
+ done
+ fi
+ done
# report on success/failures of installs/upgrades
helm ls --all-namespaces | grep -i FAILED | grep $RELEASE
diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml
index 4754f9fd2f..371bc7167e 100644
--- a/kubernetes/onap/Chart.yaml
+++ b/kubernetes/onap/Chart.yaml
@@ -143,6 +143,10 @@ dependencies:
version: ~10.x-0
repository: '@local'
condition: so.enabled
+ - name: strimzi
+ version: ~10.x-0
+ repository: '@local'
+ condition: strimzi.enabled
- name: uui
version: ~10.x-0
repository: '@local'
diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
index 528cd2c687..a56126a093 100644
--- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
@@ -74,6 +74,8 @@ so:
so-vnfm-adapter:
ingress:
enabled: true
+strimzi:
+ enabled: true
uui:
enabled: true
vfc:
diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml
index 9306985d33..6d08d01139 100644
--- a/kubernetes/onap/resources/overrides/onap-all.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all.yaml
@@ -82,6 +82,8 @@ sdnc:
enabled: true
so:
enabled: true
+strimzi:
+ enabled: true
uui:
enabled: true
vfc:
diff --git a/kubernetes/onap/resources/overrides/onap-vfw.yaml b/kubernetes/onap/resources/overrides/onap-vfw.yaml
index 181a1d18e4..f9da136043 100644
--- a/kubernetes/onap/resources/overrides/onap-vfw.yaml
+++ b/kubernetes/onap/resources/overrides/onap-vfw.yaml
@@ -57,5 +57,7 @@ sdnc:
enabled: true
so:
enabled: true
+strimzi:
+ enabled: true
vid:
enabled: true
diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml
index b07b6d3aa2..37080b8290 100644
--- a/kubernetes/onap/resources/overrides/sm-onap.yaml
+++ b/kubernetes/onap/resources/overrides/sm-onap.yaml
@@ -134,6 +134,8 @@ so:
openStackKeyStoneUrl: "$OPENSTACK_KEYSTONE_URL"
openStackServiceTenantName: "$OPENSTACK_TENANT_NAME"
openStackEncryptedPasswordHere: "$OPENSTACK_ENCRYPTED_PASSWORD"
+strimzi:
+ enabled: false
uui:
enabled: false
vid:
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index f5b5c8ed7d..0e8dd21994 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -372,6 +372,8 @@ so:
# server:
# monitoring:
# password: demo123456!
+strimzi:
+ enabled: false
uui:
enabled: false
vfc:
diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml
index 52c1b86f06..fb16e824fb 100755
--- a/kubernetes/policy/Chart.yaml
+++ b/kubernetes/policy/Chart.yaml
@@ -59,10 +59,6 @@ dependencies:
version: ~10.x-0
repository: 'file://components/policy-clamp-be'
condition: policy-clamp-be.enabled
- - name: policy-clamp-fe
- version: ~10.x-0
- repository: 'file://components/policy-clamp-fe'
- condition: policy-clamp-fe.enabled
- name: policy-clamp-cl-k8s-ppnt
version: ~10.x-0
repository: 'file://components/policy-clamp-cl-k8s-ppnt'
diff --git a/kubernetes/policy/components/policy-clamp-fe/resources/config/default.conf b/kubernetes/policy/components/policy-clamp-fe/resources/config/default.conf
deleted file mode 100644
index 4cab734074..0000000000
--- a/kubernetes/policy/components/policy-clamp-fe/resources/config/default.conf
+++ /dev/null
@@ -1,31 +0,0 @@
-server {
-
- listen 2443 default ssl;
- ssl_protocols TLSv1.2;
- {{ if .Values.global.aafEnabled }}
- ssl_certificate {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_pem}};
- ssl_certificate_key {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_key}};
- {{ else }}
- ssl_certificate /etc/ssl/clamp.pem;
- ssl_certificate_key /etc/ssl/clamp.key;
- {{ end }}
-
- ssl_verify_client optional_no_ca;
- location /restservices/clds/ {
- proxy_pass https://policy-clamp-be:8443;
- proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
- }
-
- location / {
- root /usr/share/nginx/html;
- index index.html index.htm;
- try_files $uri $uri/ /index.html;
- }
-
- error_page 500 502 503 504 /50x.html;
-
- location = /50x.html {
- root /usr/share/nginx/html;
- }
-
-}
diff --git a/kubernetes/policy/components/policy-clamp-fe/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/components/policy-clamp-fe/resources/config/log/filebeat/filebeat.yml
deleted file mode 100644
index 8717e6f33a..0000000000
--- a/kubernetes/policy/components/policy-clamp-fe/resources/config/log/filebeat/filebeat.yml
+++ /dev/null
@@ -1,55 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-filebeat.prospectors:
-#it is mandatory, in our case it's log
-- input_type: log
- #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
- paths:
- - /var/log/onap/*/*/*/*.log
- - /var/log/onap/*/*/*.log
- - /var/log/onap/*/*.log
- #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
- ignore_older: 48h
- # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
- clean_inactive: 96h
-
-# Name of the registry file. If a relative path is used, it is considered relative to the
-# data path. Else full qualified file name.
-#filebeat.registry_file: ${path.data}/registry
-
-
-output.logstash:
- #List of logstash server ip addresses with port number.
- #But, in our case, this will be the loadbalancer IP address.
- #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
- hosts: ["{{.Values.config.log.logstashServiceName}}:{{.Values.config.log.logstashPort}}"]
- #If enable will do load balancing among availabe Logstash, automatically.
- loadbalance: true
-
- #The list of root certificates for server verifications.
- #If certificate_authorities is empty or not set, the trusted
- #certificate authorities of the host system are used.
- #ssl.certificate_authorities: $ssl.certificate_authorities
-
- #The path to the certificate for SSL client authentication. If the certificate is not specified,
- #client authentication is not available.
- #ssl.certificate: $ssl.certificate
-
- #The client certificate key used for client authentication.
- #ssl.key: $ssl.key
-
- #The passphrase used to decrypt an encrypted key stored in the configured key file
- #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/kubernetes/policy/components/policy-clamp-fe/templates/NOTES.txt b/kubernetes/policy/components/policy-clamp-fe/templates/NOTES.txt
deleted file mode 100644
index e36d6a5bfb..0000000000
--- a/kubernetes/policy/components/policy-clamp-fe/templates/NOTES.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit https://127.0.0.1:8443 to use your application"
- kubectl port-forward $POD_NAME 8443:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml
deleted file mode 100644
index 1349558651..0000000000
--- a/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml
+++ /dev/null
@@ -1,106 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - command:
- - /app/ready.py
- args:
- - --container-name
- - policy-clamp-be
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
-{{ include "common.certInitializer.initContainer" . | nindent 6 }}
- containers:
- # side car containers
- {{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.sidecar" . | nindent 8 }}{{ end }}
- # main container
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- - name: logs
- mountPath: {{ .Values.log.path }}
- - mountPath: /etc/nginx/conf.d/default.conf
- name: {{ include "common.fullname" . }}-config
- subPath: default.conf
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- - name: {{ include "common.fullname" . }}-config
- configMap:
- name: {{ include "common.fullname" . }}
- items:
- - key: default.conf
- path: default.conf
- - name: logs
- emptyDir: {}
- {{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.volumes" . | nindent 8 }}{{ end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/components/policy-clamp-fe/templates/ingress.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/ingress.yaml
deleted file mode 100644
index 8f87c68f1e..0000000000
--- a/kubernetes/policy/components/policy-clamp-fe/templates/ingress.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "common.ingress" . }}
diff --git a/kubernetes/policy/components/policy-clamp-fe/templates/service.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/service.yaml
deleted file mode 100644
index b4549ba099..0000000000
--- a/kubernetes/policy/components/policy-clamp-fe/templates/service.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
----
diff --git a/kubernetes/policy/components/policy-clamp-fe/values.yaml b/kubernetes/policy/components/policy-clamp-fe/values.yaml
deleted file mode 100644
index 80f40995d2..0000000000
--- a/kubernetes/policy/components/policy-clamp-fe/values.yaml
+++ /dev/null
@@ -1,154 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018-2021 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global: # global defaults
- nodePortPrefix: 302
- centralizedLoggingEnabled: true
- #AAF service
- aafEnabled: true
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- permission_user: 1000
- permission_group: 999
- addconfig: true
- keystoreFile: "org.onap.clamp.p12"
- truststoreFile: "org.onap.clamp.trust.jks"
- keyFile: "org.onap.clamp.keyfile"
- truststoreFileONAP: "truststoreONAPall.jks"
- clamp_key: "clamp.key"
- clamp_pem: "clamp.pem"
- clamp_ca_certs_pem: "clamp-ca-certs.pem"
- nameOverride: clamp-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: clamp
- fqi: clamp@clamp.onap.org
- public_fqdn: clamp.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- aaf_add_config: >
- cd {{ .Values.credsPath }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
- chmod a+rx *;
-
-subChartsOnly:
- enabled: true
-
-flavor: small
-
-# application image
-image: onap/policy-clamp-frontend:6.2.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# log configuration
-log:
- path: /var/log/nginx/
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-config:
- log:
- logstashServiceName: log-ls
- logstashPort: 5044
- dataRootDir: /dockerdata-nfs
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 120
- periodSeconds: 10
- timeoutSeconds: 3
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
- timeoutSeconds: 3
-
-service:
- type: NodePort
- name: policy-clamp-fe
- portName: policy-clamp-fe
- internalPort: 2443
- nodePort: 58
-
- # as of 20180904 port 58 is reserved for clamp from log/logdemonode
- # see https://wiki.onap.org/display/DW/OOM+NodePort+List
-
-ingress:
- enabled: false
- service:
- - baseaddr: "clamp.api"
- name: "clamp"
- port: 2443
- config:
- ssl: "redirect"
-
-#resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
- small:
- limits:
- cpu: 1
- memory: 200Mi
- requests:
- cpu: 1m
- memory: 50Mi
- large:
- limits:
- cpu: 1
- memory: 500Mi
- requests:
- cpu: 10m
- memory: 50Mi
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: policy-clamp-fe
- roles:
- - read
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index c544467b53..77d3c3f83e 100755
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -98,8 +98,6 @@ policy-clamp-be:
db: *dbSecretsHook
config:
appUserExternalSecret: *policyAppCredsSecret
-policy-clamp-fe:
- enabled: true
policy-clamp-cl-k8s-ppnt:
enabled: true
policy-clamp-cl-pf-ppnt:
diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
index c2d1c48fe8..700b17a970 100644
--- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
@@ -20,7 +20,7 @@ GLOBAL_INJECTED_APPC_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" .
GLOBAL_INJECTED_APPC_CDT_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "appc-cdt") }}'
GLOBAL_INJECTED_ARTIFACTS_VERSION = '{{.Values.demoArtifactsVersion}}'
GLOBAL_INJECTED_ARTIFACTS_REPO_URL = "{{ .Values.demoArtifactsRepoUrl }}"
-GLOBAL_INJECTED_CLAMP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-clamp-fe") }}'
+GLOBAL_INJECTED_CLAMP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-gui") }}'
GLOBAL_INJECTED_CLI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "cli") }}'
GLOBAL_INJECTED_CLOUD_ENV = 'openstack'
GLOBAL_INJECTED_DCAE_COLLECTOR_IP = "{{ .Values.dcaeCollectorIp }}"
@@ -153,7 +153,7 @@ GLOBAL_SDC_PASSWORD = '{{ .Values.sdcPassword }}'
GLOBAL_SDC_AUTHENTICATION = [GLOBAL_SDC_USERNAME, GLOBAL_SDC_PASSWORD]
# clamp info - everything is from the private oam network (also called onap private network)
GLOBAL_CLAMP_SERVER_PROTOCOL = "https"
-GLOBAL_CLAMP_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-clamp-fe" "port" 2443) }}'
+GLOBAL_CLAMP_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-gui" "port" 2443) }}'
# nbi info - everything is from the private oam network (also called onap private network)
GLOBAL_NBI_SERVER_PROTOCOL = "https"
GLOBAL_NBI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "nbi" "port" 8443) }}'
diff --git a/kubernetes/strimzi/.helmignore b/kubernetes/strimzi/.helmignore
new file mode 100644
index 0000000000..0f976e9ff3
--- /dev/null
+++ b/kubernetes/strimzi/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+Chart.lock
diff --git a/kubernetes/policy/components/policy-clamp-fe/Chart.yaml b/kubernetes/strimzi/Chart.yaml
index f703987a44..6ce866bdeb 100644
--- a/kubernetes/policy/components/policy-clamp-fe/Chart.yaml
+++ b/kubernetes/strimzi/Chart.yaml
@@ -1,7 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
+# Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -16,13 +13,16 @@
# limitations under the License.
apiVersion: v2
-description: ONAP Policy Clamp Frontend
-name: policy-clamp-fe
+description: ONAP Strimzi kafka
+name: strimzi
version: 10.0.0
dependencies:
- - name: certInitializer
+ - name: common
version: ~10.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
version: ~10.x-0
@@ -30,3 +30,4 @@ dependencies:
- name: serviceAccount
version: ~10.x-0
repository: '@local'
+
diff --git a/kubernetes/strimzi/Makefile b/kubernetes/strimzi/Makefile
new file mode 100644
index 0000000000..51d7de122c
--- /dev/null
+++ b/kubernetes/strimzi/Makefile
@@ -0,0 +1,51 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts docker
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */Chart.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/policy/components/policy-clamp-fe/templates/configmap.yaml b/kubernetes/strimzi/templates/pv-kafka.yaml
index 1a5b0ce06a..616f03e788 100644
--- a/kubernetes/policy/components/policy-clamp-fe/templates/configmap.yaml
+++ b/kubernetes/strimzi/templates/pv-kafka.yaml
@@ -1,6 +1,5 @@
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,18 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
-
-{{ include "common.log.configMap" . }}
+{{ include "common.replicaPV" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }}
diff --git a/kubernetes/policy/components/policy-clamp-fe/templates/secrets.yaml b/kubernetes/strimzi/templates/pv-zk.yaml
index 4cf8155f6c..60f4ca6e79 100644
--- a/kubernetes/policy/components/policy-clamp-fe/templates/secrets.yaml
+++ b/kubernetes/strimzi/templates/pv-zk.yaml
@@ -1,6 +1,5 @@
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,4 +14,4 @@
# limitations under the License.
*/}}
-{{ include "common.secretFast" . }}
+{{ include "common.replicaPV" (dict "dot" . "suffix" "zk" "persistenceInfos" .Values.persistenceZk) }}
diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml
new file mode 100644
index 0000000000..cfd2ef13cc
--- /dev/null
+++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml
@@ -0,0 +1,90 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: Kafka
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ kafka:
+ version: {{ .Values.version }}
+ replicas: {{ .Values.replicaCount }}
+ listeners:
+ - name: plain
+ port: {{ .Values.kafkaInternalPort }}
+ type: internal
+ tls: false
+ authentication:
+ type: {{ .Values.saslMechanism }}
+ - name: tls
+ port: 9093
+ type: internal
+ tls: true
+ authentication:
+ type: tls
+ - name: external
+ port: 9094
+ type: nodeport
+ tls: true
+ authentication:
+ type: tls
+ authorization:
+ type: simple
+ superUsers:
+ - {{ include "common.release" . }}-{{ .Values.kafkaStrimziAdminUser }}
+ template:
+ pod:
+ securityContext:
+ runAsUser: 0
+ fsGroup: 0
+ config:
+ offsets.topic.replication.factor: {{ .Values.replicaCount }}
+ transaction.state.log.replication.factor: {{ .Values.replicaCount }}
+ transaction.state.log.min.isr: 2
+ log.message.format.version: "3.0"
+ inter.broker.protocol.version: "3.0"
+ storage:
+ type: jbod
+ class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }}
+ volumes:
+ - id: 0
+ type: persistent-claim
+ size: {{ .Values.persistenceKafka.size }}
+ deleteClaim: true
+ class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }}
+ zookeeper:
+ template:
+ pod:
+ securityContext:
+ runAsUser: 0
+ fsGroup: 0
+ replicas: {{ .Values.replicaCount }}
+ config:
+ ssl.hostnameVerification: false
+ storage:
+ type: persistent-claim
+ size: {{ .Values.persistenceZk.size }}
+ deleteClaim: true
+ class: {{ include "common.storageClass" (dict "dot" . "suffix" "zk" "persistenceInfos" .Values.persistenceZk) }}
+ entityOperator:
+ topicOperator: {}
+ userOperator: {}
+
diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml
new file mode 100644
index 0000000000..e8db803f94
--- /dev/null
+++ b/kubernetes/strimzi/values.yaml
@@ -0,0 +1,52 @@
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ persistence:
+ mountPath: /dockerdata-nfs
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+replicaCount: 2
+kafkaInternalPort: 9092
+saslMechanism: scram-sha-512
+version: 3.0.0
+kafkaStrimziAdminUser: strimzi-kafka-admin
+persistence: {}
+
+persistenceKafka:
+ enabled: true
+ size: 2Gi
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ mountPath: /dockerdata-nfs
+ mountSubPath: strimzi-kafka/kafka
+persistenceZk:
+ enabled: true
+ size: 2Gi
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ mountPath: /dockerdata-nfs
+ mountSubPath: strimzi-kafka/zk
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: strimzi-kafka
+ roles:
+ - read