summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/a1policymanagement/resources/envsubst/daemon.sh30
-rw-r--r--kubernetes/a1policymanagement/resources/envsubst/update_files27
-rw-r--r--kubernetes/a1policymanagement/templates/deployment.yaml32
-rw-r--r--kubernetes/a1policymanagement/templates/envsubst-configmap.yaml23
-rw-r--r--kubernetes/a1policymanagement/values.yaml5
-rw-r--r--kubernetes/clamp/components/clamp-backend/values.yaml2
-rw-r--r--kubernetes/clamp/values.yaml2
-rw-r--r--kubernetes/consul/templates/deployment.yaml37
-rw-r--r--kubernetes/consul/values.yaml7
-rw-r--r--kubernetes/contrib/components/ejbca/templates/deployment.yaml1
-rw-r--r--kubernetes/contrib/components/ejbca/values.yaml22
-rw-r--r--kubernetes/modeling/charts/modeling-etsicatalog/values.yaml2
12 files changed, 148 insertions, 42 deletions
diff --git a/kubernetes/a1policymanagement/resources/envsubst/daemon.sh b/kubernetes/a1policymanagement/resources/envsubst/daemon.sh
new file mode 100644
index 0000000000..6d239f1ec8
--- /dev/null
+++ b/kubernetes/a1policymanagement/resources/envsubst/daemon.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+terminate() {
+ echo "$(date) | INFO | Terminating child processes"
+ pids="$(jobs -p)"
+ if [ "$pids" != "" ]; then
+ kill -TERM $pids >/dev/null 2>/dev/null
+ fi
+ wait
+}
+
+trap terminate TERM
+echo "$(date) | INFO | Started monitoring /config-input/ directory"
+inotifyd /tmp/scripts/update_files /config-input/ &
+wait
diff --git a/kubernetes/a1policymanagement/resources/envsubst/update_files b/kubernetes/a1policymanagement/resources/envsubst/update_files
new file mode 100644
index 0000000000..754bb55432
--- /dev/null
+++ b/kubernetes/a1policymanagement/resources/envsubst/update_files
@@ -0,0 +1,27 @@
+#!/bin/sh
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+if [ "$1" == "y" ] && [ "$3" == "..data" ]; then
+ echo "$(date) | INFO | Configmap has been reloaded"
+ cd /config-input
+ for file in $(ls -1); do
+ if [ "$file" -nt "/config/$file" ]; then
+ echo "$(date) | INFO | Templating /config/$file"
+ envsubst <$file >/config/$file
+ fi
+ done
+fi
diff --git a/kubernetes/a1policymanagement/templates/deployment.yaml b/kubernetes/a1policymanagement/templates/deployment.yaml
index 6987bd41c5..1a2866b981 100644
--- a/kubernetes/a1policymanagement/templates/deployment.yaml
+++ b/kubernetes/a1policymanagement/templates/deployment.yaml
@@ -1,6 +1,7 @@
{{/*
################################################################################
# Copyright (c) 2020 Nordix Foundation. #
+# Copyright © 2020 Samsung Electronics, Modifications #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); #
# you may not use this file except in compliance with the License. #
@@ -27,14 +28,14 @@ spec:
labels: {{- include "common.labels" . | nindent 8 }}
spec:
initContainers:
- - name: {{ include "common.name" . }}-update-config
+ - name: {{ include "common.name" . }}-bootstrap-config
image: "{{ .Values.global.envsubstImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- sh
args:
- -c
- - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
+ - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; chmod o+w /config/${PFILE}; done"
env:
- name: A1CONTROLLER_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }}
@@ -46,6 +47,29 @@ spec:
- mountPath: /config
name: config
containers:
+ - name: {{ include "common.name" . }}-update-config
+ image: "{{ .Values.global.envsubstImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ runAsGroup: {{ .Values.groupID }}
+ runAsUser: {{ .Values.userID }}
+ runAsNonRoot: true
+ command:
+ - sh
+ args:
+ - /tmp/scripts/daemon.sh
+ env:
+ - name: A1CONTROLLER_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }}
+ - name: A1CONTROLLER_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "password") | indent 10 }}
+ volumeMounts:
+ - mountPath: /tmp/scripts
+ name: {{ include "common.fullname" . }}-envsubst-scripts
+ - mountPath: /config-input
+ name: {{ include "common.fullname" . }}-policy-conf-input
+ - mountPath: /config
+ name: config
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
@@ -70,6 +94,10 @@ spec:
- name: {{ include "common.fullname" . }}-policy-conf-input
configMap:
name: {{ include "common.fullname" . }}-policy-conf
+ defaultMode: 0555
+ - name: {{ include "common.fullname" . }}-envsubst-scripts
+ configMap:
+ name: {{ include "common.fullname" . }}-envsubst-scripts
- name: config
emptyDir:
medium: Memory
diff --git a/kubernetes/a1policymanagement/templates/envsubst-configmap.yaml b/kubernetes/a1policymanagement/templates/envsubst-configmap.yaml
new file mode 100644
index 0000000000..99449638f4
--- /dev/null
+++ b/kubernetes/a1policymanagement/templates/envsubst-configmap.yaml
@@ -0,0 +1,23 @@
+{{/*
+################################################################################
+# Copyright © 2020 Samsung Electronics #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+*/}}
+apiVersion: v1
+kind: ConfigMap
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+ name: {{ include "common.fullname" . }}-envsubst-scripts
+data:
+{{ tpl (.Files.Glob "resources/envsubst/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml
index 21a86a0fe1..2f45e41648 100644
--- a/kubernetes/a1policymanagement/values.yaml
+++ b/kubernetes/a1policymanagement/values.yaml
@@ -1,5 +1,6 @@
################################################################################
# Copyright (c) 2020 Nordix Foundation. #
+# Copyright © 2020 Samsung Electronics, Modifications #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); #
# you may not use this file except in compliance with the License. #
@@ -19,7 +20,7 @@
global:
nodePortPrefix: 300
- envsubstImage: dibi/envsubst
+ envsubstImage: dibi/envsubst:1
secrets:
- uid: controller-secret
@@ -31,6 +32,8 @@ secrets:
repository: nexus3.onap.org:10001
image: onap/ccsdk-oran-a1policymanagementservice:1.0.1
+userID: 1000 #Should match with image-defined user ID
+groupID: 999 #Should match with image-defined group ID
pullPolicy: IfNotPresent
replicaCount: 1
diff --git a/kubernetes/clamp/components/clamp-backend/values.yaml b/kubernetes/clamp/components/clamp-backend/values.yaml
index 6478809cbc..5e3102e2b3 100644
--- a/kubernetes/clamp/components/clamp-backend/values.yaml
+++ b/kubernetes/clamp/components/clamp-backend/values.yaml
@@ -66,7 +66,7 @@ flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-backend:5.1.4
+image: onap/clamp-backend:5.1.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml
index 9dcad58839..34ab79f73a 100644
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/clamp/values.yaml
@@ -93,7 +93,7 @@ flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-frontend:5.1.4
+image: onap/clamp-frontend:5.1.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/consul/templates/deployment.yaml b/kubernetes/consul/templates/deployment.yaml
index 6f1c57967f..51c6eb72d5 100644
--- a/kubernetes/consul/templates/deployment.yaml
+++ b/kubernetes/consul/templates/deployment.yaml
@@ -39,34 +39,15 @@ spec:
spec:
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
- initContainers:
- - name: {{ include "common.name" . }}-chown
- image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
- command:
- - sh
- args:
- - -c
- - |
- cp -r -L /tmp/consul/config/* /consul/config/
- chown -R {{ .Values.consulUID }}:{{ .Values.consulGID }} /consul/config
- ls -la /consul/config
- volumeMounts:
- - mountPath: /tmp/consul/config
- name: consul-agent-config
- - mountPath: /consul/config
- name: consul-agent-config-dir
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
command:
- - sh
- args:
- - /usr/local/bin/docker-entrypoint.sh
- - agent
- - -client
- - 0.0.0.0
- - -enable-script-checks
- - -retry-join
- - {{ .Values.consulServer.nameOverride }}
+ - /bin/sh
+ - "-c"
+ - |
+ apk update && apk add jq
+ cp /tmp/consul/config/* /consul/config
+ /usr/local/bin/docker-entrypoint.sh agent -client 0.0.0.0 -enable-script-checks -retry-join {{ .Values.consulServer.nameOverride }}
name: {{ include "common.name" . }}
env:
- name: SDNC_ODL_COUNT
@@ -74,16 +55,14 @@ spec:
- name: SDNC_IS_PRIMARY_CLUSTER
value: "{{ .Values.sdnc.config.isPrimaryCluster }}"
volumeMounts:
- - mountPath: /consul/config
- name: consul-agent-config-dir
+ - mountPath: /tmp/consul/config
+ name: consul-agent-config
- mountPath: /consul/scripts
name: consul-agent-scripts-config
- mountPath: /consul/certs
name: consul-agent-certs-config
resources: {{ include "common.resources" . | nindent 10 }}
volumes:
- - name: consul-agent-config-dir
- emptyDir: {}
- configMap:
name: {{ include "common.fullname" . }}-configmap
name: consul-agent-config
diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml
index 8f17dc637f..512c4c3dac 100644
--- a/kubernetes/consul/values.yaml
+++ b/kubernetes/consul/values.yaml
@@ -20,24 +20,19 @@ global:
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
- busyboxRepository: registry.hub.docker.com
- busyboxImage: library/busybox:latest
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: docker.io
-image: oomk8s/consul:2.0.0
+image: oomk8s/consul:1.0.0
pullPolicy: Always
#subchart name
consulServer:
nameOverride: consul-server
-consulUID: 100
-consulGID: 1000
-
# flag to enable debugging - application support required
debugEnabled: false
diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml
index 3034366b1a..55de54febf 100644
--- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml
+++ b/kubernetes/contrib/components/ejbca/templates/deployment.yaml
@@ -89,6 +89,7 @@ spec:
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 10 }}
{{- end }}
+ resources: {{ include "common.resources" . | nindent 10 }}
volumes:
- configMap:
name: "{{ include "common.fullname" . }}-config-script"
diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml
index 1a9a34bcd1..35160e4b13 100644
--- a/kubernetes/contrib/components/ejbca/values.yaml
+++ b/kubernetes/contrib/components/ejbca/values.yaml
@@ -13,7 +13,7 @@
# limitations under the License.
global:
readinessImage: onap/oom/readiness:3.0.1
- mariadbGalera: &mariadbGalera
+ mariadbGalera: &mariadbGalera
#This flag allows EJBCA to instantiate its own mariadb-galera cluster
localCluster: false
service: mariadb-galera
@@ -104,3 +104,23 @@ service:
port: 8443
plain_port: 8080
port_protocol: http
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 1500m
+ memory: 1536Mi
+ requests:
+ cpu: 10m
+ memory: 750Mi
+ large:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 20m
+ memory: 1Gi
+ unlimited: {}
diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml
index 9c910badfa..388c1abb88 100644
--- a/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml
+++ b/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml
@@ -101,7 +101,7 @@ config:
flavor: small
repository: nexus3.onap.org:10001
-image: onap/modeling/etsicatalog:1.0.8
+image: onap/modeling/etsicatalog:1.0.9
initImage: busybox:latest
pullPolicy: Always