diff options
Diffstat (limited to 'kubernetes')
40 files changed, 769 insertions, 340 deletions
diff --git a/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml index cc611a129b..b3e95a2a21 100644 --- a/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml +++ b/kubernetes/cds/charts/cds-sdc-listener/resources/config/application.yaml @@ -1,8 +1,8 @@ listenerservice: config: - asdcAddress: sdc-be:8443 #SDC-BE - messageBusAddress: message-router #Message-Router - user: vid #SDC-username + asdcAddress: sdc-be.{{include "common.namespace" .}}:8443 #SDC-BE + messageBusAddress: message-router.{{include "common.namespace" .}} #Message-Router + user: cds #SDC-username password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U #SDC-password pollingInterval: 15 pollingTimeout: 60 diff --git a/kubernetes/common/common/templates/_secret.yaml b/kubernetes/common/common/templates/_secret.yaml index e24a2e4ba7..9f41906c9e 100644 --- a/kubernetes/common/common/templates/_secret.yaml +++ b/kubernetes/common/common/templates/_secret.yaml @@ -22,6 +22,7 @@ The template takes two arguments: - .global: environment (.) - .name: name of the secret + - .annotations: annotations which should be used Example call: {{ include "common.secret._header" (dict "global" . "name" "myFancyName") }} @@ -39,6 +40,9 @@ metadata: chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} release: {{ include "common.release" $global }} heritage: {{ $global.Release.Service }} +{{- if .annotations }} + annotations: {{- include "common.tplValue" (dict "value" .annotations "context" $global) | nindent 4 }} +{{- end }} type: Opaque {{- end -}} @@ -204,6 +208,8 @@ valueFrom: - name: Overrides default secret name generation and allows to set immutable and globaly unique name + - annotations: + List of annotations to be used while defining a secret To allow sharing a secret between the components and allow to pre-deploy secrets before ONAP deployment it is possible to use already existing secret instead of @@ -239,11 +245,12 @@ valueFrom: {{- range $secret := .Values.secrets }} {{- $uid := tpl (default "" $secret.uid) $global }} {{- $name := include "common.secret.genName" (dict "global" $global "uid" $uid "name" $secret.name) }} + {{- $annotations := default "" $secret.annotations }} {{- $type := default "generic" $secret.type }} {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }} {{- if not $externalSecret }} --- - {{ include "common.secret._header" (dict "global" $global "name" $name) }} + {{ include "common.secret._header" (dict "global" $global "name" $name "annotations" $annotations) }} {{- if eq $type "generic" }} data: diff --git a/kubernetes/common/common/templates/_storage.tpl b/kubernetes/common/common/templates/_storage.tpl index ae9335909d..45c8b7504a 100644 --- a/kubernetes/common/common/templates/_storage.tpl +++ b/kubernetes/common/common/templates/_storage.tpl @@ -15,6 +15,13 @@ */}} {{/* + Give the root folder for ONAP when using host pathes +*/}} +{{- define "common.persistencePath" -}} +{{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} + +{{/* Expand the name of the storage class. The value "common.fullname"-data is used by default, unless either override mechanism is used. @@ -55,6 +62,31 @@ {{- end -}} {{/* + Generate a PV +*/}} +{{- define "common.PV" -}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if (include "common.needPV" .) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-data + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} +spec: + capacity: + storage: {{ .Values.persistence.size }} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ include "common.persistencePath" . }} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* Generate N PV for a statefulset */}} {{- define "common.replicaPV" -}} @@ -77,8 +109,30 @@ spec: persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" $global }}-data" hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} + path: {{ include "common.persistencePath" $global }}-{{$i}} +{{- end -}} +{{- end -}} {{- end -}} {{- end -}} + +{{/* + Generate a PVC +*/}} +{{- define "common.PVC" -}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size }} {{- end -}} {{- end -}} diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json index e5057427e8..a0ec3b4a6d 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -34,6 +34,7 @@ { "cert_path": "/opt/app/osaaf", "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}", + "component_cert_dir": "/opt/dcae/cacert", "component_ca_cert_path": "/opt/dcae/cacert/cacert.pem", "ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert" } diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml index 7a28812278..a36164d164 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml @@ -53,8 +53,11 @@ spec: - dcae-config-binding-service
- --container-name
- dcae-db
+ - --container-name
+ - dcae-inventory-api
- "-t"
- "15"
+
env:
- name: NAMESPACE
valueFrom:
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index cfdff5ad72..872d01d6ae 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -109,7 +109,7 @@ mongo: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.10.0 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.12.0 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager @@ -118,8 +118,7 @@ componentImages: holmes_rules: onap/holmes/rule-management:1.2.7 holmes_engine: onap/holmes/engine-management:1.2.6 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.2.2 - #placeholder until tca-gen2 release image is available - #tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.0.0 + tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.0.0 ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.5.3 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.0 diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml index 673b01776e..d2bda88577 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml @@ -46,7 +46,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:2.0.2 +image: onap/org.onap.dcaegen2.deployments.cm-container:2.1.0 pullPolicy: Always # name of shared ConfigMap with kubeconfig for multiple clusters diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml index 22076e5c6a..9d38659f61 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.3.0 +image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.3.1 pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml index f056079fe4..6769c00a2d 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml @@ -52,6 +52,8 @@ spec: fieldPath: metadata.namespace - name: init-tls env: + - name: aaf_locator_fqdn + value: dcae - name: POD_IP valueFrom: fieldRef: @@ -61,7 +63,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: - - mountPath: /opt/tls/shared + - mountPath: /opt/app/osaaf name: tls-info containers: - name: {{ include "common.name" . }} diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml index a6e51256b9..51af963343 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml @@ -25,7 +25,7 @@ global: loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 tlsRepository: nexus3.onap.org:10001 - tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 repositoryCred: user: docker password: docker diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml index dfc4dbf949..25ddfc7558 100644 --- a/kubernetes/dcaegen2/values.yaml +++ b/kubernetes/dcaegen2/values.yaml @@ -19,8 +19,7 @@ global: nodePortPrefix: 302 tlsRepository: nexus3.onap.org:10001 -# Have to use locally-define tlsImage until inventory API can use 2.x.y -# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 consulLoaderRepository: nexus3.onap.org:10001 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 redis: diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 871a4228a2..84dadaf17b 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -22,7 +22,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.4 +image: onap/dmaap/datarouter-node:2.1.5 pullPolicy: Always # flag to enable debugging - application support required @@ -69,7 +69,7 @@ persistence: #AAF local config aafConfig: - aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! fqdn: dmaap-dr-node fqi: dmaap-dr-node@dmaap-dr.onap.org diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 6165568971..461906981f 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -34,7 +34,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.4 +image: onap/dmaap/datarouter-prov:2.1.5 pullPolicy: Always # flag to enable debugging - application support required @@ -122,7 +122,7 @@ mariadb: #AAF local config aafConfig: - aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! fqdn: dmaap-dr-prov fqi: dmaap-dr-prov@dmaap-dr.onap.org diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml index 5dac1c0de7..f02a2db764 100644 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml @@ -6,207 +6,203 @@ you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 - + Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - ============LICENSE_END========================================================= + ============LICENSE_END========================================================= --> <configuration scan="true" scanPeriod="3 seconds" debug="false"> - <contextName>${module.ajsc.namespace.name}</contextName> - <jmxConfigurator /> - <property name="logDirectory" value="${AJSC_HOME}/log" /> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>ERROR</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <encoder> - <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - </pattern> - </encoder> - </appender> - - <appender name="INFO" - class="ch.qos.logback.core.ConsoleAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>INFO</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - </appender> - - <appender name="DEBUG" class="ch.qos.logback.core.ConsoleAppender"> - - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - - <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender"> - class="ch.qos.logback.core.ConsoleAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>ERROR</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - - - <!-- Msgrtr related loggers --> - <logger name="org.onap.dmaap.dmf.mr.service" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.service.impl" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.resources" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.backends" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.beans" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.constants" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.exception" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.listener" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="INFO" /> - - - - <logger name="org.onap.dmaap.dmf.mr.security" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.security.impl" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.transaction" level="INFO" /> - <logger name="com.att.dmf.mr.transaction.impl" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> - - <logger name="org.onap.dmaap.dmf.mr.utils" level="INFO" /> - <logger name="org.onap.dmaap.mr.filter" level="INFO" /> - - <!--<logger name="com.att.nsa.cambria.*" level="INFO" />--> - - <!-- Msgrtr loggers in ajsc --> - <logger name="org.onap.dmaap.service" level="INFO" /> - <logger name="org.onap.dmaap" level="INFO" /> - - - <!-- Spring related loggers --> - <logger name="org.springframework" level="WARN" additivity="false"/> - <logger name="org.springframework.beans" level="WARN" additivity="false"/> - <logger name="org.springframework.web" level="WARN" additivity="false" /> - <logger name="com.blog.spring.jms" level="WARN" additivity="false" /> - - <!-- AJSC Services (bootstrap services) --> - <logger name="ajsc" level="WARN" additivity="false"/> - <logger name="ajsc.RouteMgmtService" level="INFO" additivity="false"/> - <logger name="ajsc.ComputeService" level="INFO" additivity="false" /> - <logger name="ajsc.VandelayService" level="WARN" additivity="false"/> - <logger name="ajsc.FilePersistenceService" level="WARN" additivity="false"/> - <logger name="ajsc.UserDefinedJarService" level="WARN" additivity="false" /> - <logger name="ajsc.UserDefinedBeansDefService" level="WARN" additivity="false" /> - <logger name="ajsc.LoggingConfigurationService" level="WARN" additivity="false" /> - - <!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet - logging) --> - <logger name="ajsc.utils" level="WARN" additivity="false"/> - <logger name="ajsc.utils.DME2Helper" level="INFO" additivity="false" /> - <logger name="ajsc.filters" level="DEBUG" additivity="false" /> - <logger name="ajsc.beans.interceptors" level="DEBUG" additivity="false" /> - <logger name="ajsc.restlet" level="DEBUG" additivity="false" /> - <logger name="ajsc.servlet" level="DEBUG" additivity="false" /> - <logger name="com.att" level="WARN" additivity="false" /> - <logger name="com.att.ajsc.csi.logging" level="WARN" additivity="false" /> - <logger name="com.att.ajsc.filemonitor" level="WARN" additivity="false"/> - - <logger name="com.att.nsa.dmaap.util" level="INFO" additivity="false"/> - <logger name="com.att.cadi.filter" level="INFO" additivity="false" /> - - - <!-- Other Loggers that may help troubleshoot --> - <logger name="net.sf" level="WARN" additivity="false" /> - <logger name="org.apache.commons.httpclient" level="WARN" additivity="false"/> - <logger name="org.apache.commons" level="WARN" additivity="false" /> - <logger name="org.apache.coyote" level="WARN" additivity="false"/> - <logger name="org.apache.jasper" level="WARN" additivity="false"/> - - <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. - May aid in troubleshooting) --> - <logger name="org.apache.camel" level="WARN" additivity="false" /> - <logger name="org.apache.cxf" level="WARN" additivity="false" /> - <logger name="org.apache.camel.processor.interceptor" level="WARN" additivity="false"/> - <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" additivity="false" /> - <logger name="org.apache.cxf.service" level="WARN" additivity="false" /> - <logger name="org.restlet" level="DEBUG" additivity="false" /> - <logger name="org.apache.camel.component.restlet" level="DEBUG" additivity="false" /> - <logger name="org.apache.kafka" level="DEBUG" additivity="false" /> - <logger name="org.apache.zookeeper" level="INFO" additivity="false" /> - <logger name="org.I0Itec.zkclient" level="DEBUG" additivity="false" /> - - <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="INFO" additivity="false"/> - <logger name="ch.qos.logback.core" level="INFO" additivity="false" /> - - <!-- logback jms appenders & loggers definition starts here --> - <!-- logback jms appenders & loggers definition starts here --> - <appender name="auditLogs" - class="ch.qos.logback.core.ConsoleAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <appender name="perfLogs" - class="ch.qos.logback.core.ConsoleAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <appender name="ASYNC-audit" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <discardingThreshold>0</discardingThreshold> - <appender-ref ref="Audit-Record-Queue" /> - </appender> - - <logger name="AuditRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="STDOUT" /> - </logger> - <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE"> - <appender-ref ref="STDOUT" /> - </logger> - <appender name="ASYNC-perf" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <discardingThreshold>0</discardingThreshold> - <appender-ref ref="Performance-Tracker-Queue" /> - </appender> - <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="ASYNC-perf" /> - <appender-ref ref="perfLogs" /> - </logger> - <!-- logback jms appenders & loggers definition ends here --> - - <root level="DEBUG"> - <appender-ref ref="DEBUG" /> - <appender-ref ref="ERROR" /> - <appender-ref ref="INFO" /> - <appender-ref ref="STDOUT" /> - </root> - -</configuration>
\ No newline at end of file + <contextName>${module.ajsc.namespace.name}</contextName> + <jmxConfigurator /> + <property name="logDirectory" value="${AJSC_HOME}/log" /> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <encoder> + <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + </pattern> + </encoder> + </appender> + + <appender name="INFO" class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + </appender> + + <appender name="DEBUG" class="ch.qos.logback.core.ConsoleAppender"> + + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + + <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender"> class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + + + <!-- Msgrtr related loggers --> + <logger name="org.onap.dmaap.dmf.mr.service" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.service.impl" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.resources" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.backends" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.beans" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.constants" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.exception" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.listener" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="INFO" /> + + + + <logger name="org.onap.dmaap.dmf.mr.security" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.security.impl" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.transaction" level="INFO" /> + <logger name="com.att.dmf.mr.transaction.impl" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.utils" level="INFO" /> + <logger name="org.onap.dmaap.mr.filter" level="INFO" /> + + <!--<logger name="com.att.nsa.cambria.*" level="INFO" />--> + + <!-- Msgrtr loggers in ajsc --> + <logger name="org.onap.dmaap.service" level="INFO" /> + <logger name="org.onap.dmaap" level="INFO" /> + + + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" additivity="false"/> + <logger name="org.springframework.beans" level="WARN" additivity="false"/> + <logger name="org.springframework.web" level="WARN" additivity="false" /> + <logger name="com.blog.spring.jms" level="WARN" additivity="false" /> + + <!-- AJSC Services (bootstrap services) --> + <logger name="ajsc" level="WARN" additivity="false"/> + <logger name="ajsc.RouteMgmtService" level="INFO" additivity="false"/> + <logger name="ajsc.ComputeService" level="INFO" additivity="false" /> + <logger name="ajsc.VandelayService" level="WARN" additivity="false"/> + <logger name="ajsc.FilePersistenceService" level="WARN" additivity="false"/> + <logger name="ajsc.UserDefinedJarService" level="WARN" additivity="false" /> + <logger name="ajsc.UserDefinedBeansDefService" level="WARN" additivity="false" /> + <logger name="ajsc.LoggingConfigurationService" level="WARN" additivity="false" /> + + <!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet + logging) --> + <logger name="ajsc.utils" level="WARN" additivity="false"/> + <logger name="ajsc.utils.DME2Helper" level="INFO" additivity="false" /> + <logger name="ajsc.filters" level="DEBUG" additivity="false" /> + <logger name="ajsc.beans.interceptors" level="DEBUG" additivity="false" /> + <logger name="ajsc.restlet" level="DEBUG" additivity="false" /> + <logger name="ajsc.servlet" level="DEBUG" additivity="false" /> + <logger name="com.att" level="WARN" additivity="false" /> + <logger name="com.att.ajsc.csi.logging" level="WARN" additivity="false" /> + <logger name="com.att.ajsc.filemonitor" level="WARN" additivity="false"/> + + <logger name="com.att.nsa.dmaap.util" level="INFO" additivity="false"/> + <logger name="com.att.cadi.filter" level="INFO" additivity="false" /> + + + <!-- Other Loggers that may help troubleshoot --> + <logger name="net.sf" level="WARN" additivity="false" /> + <logger name="org.apache.commons.httpclient" level="WARN" additivity="false"/> + <logger name="org.apache.commons" level="WARN" additivity="false" /> + <logger name="org.apache.coyote" level="WARN" additivity="false"/> + <logger name="org.apache.jasper" level="WARN" additivity="false"/> + + <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. + May aid in troubleshooting) --> + <logger name="org.apache.camel" level="WARN" additivity="false" /> + <logger name="org.apache.cxf" level="WARN" additivity="false" /> + <logger name="org.apache.camel.processor.interceptor" level="WARN" additivity="false"/> + <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" additivity="false" /> + <logger name="org.apache.cxf.service" level="WARN" additivity="false" /> + <logger name="org.restlet" level="DEBUG" additivity="false" /> + <logger name="org.apache.camel.component.restlet" level="DEBUG" additivity="false" /> + <logger name="org.apache.kafka" level="DEBUG" additivity="false" /> + <logger name="org.apache.zookeeper" level="INFO" additivity="false" /> + <logger name="org.I0Itec.zkclient" level="DEBUG" additivity="false" /> + + <!-- logback internals logging --> + <logger name="ch.qos.logback.classic" level="INFO" additivity="false"/> + <logger name="ch.qos.logback.core" level="INFO" additivity="false" /> + + <!-- logback jms appenders & loggers definition starts here --> + <!-- logback jms appenders & loggers definition starts here --> + <appender name="auditLogs" class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + </filter> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + <appender name="perfLogs" class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + </filter> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + <appender name="ASYNC-audit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <discardingThreshold>0</discardingThreshold> + <appender-ref ref="Audit-Record-Queue" /> + </appender> + + <logger name="AuditRecord" level="INFO" additivity="FALSE"> + <appender-ref ref="STDOUT" /> + </logger> + <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE"> + <appender-ref ref="STDOUT" /> + </logger> + <appender name="ASYNC-perf" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <discardingThreshold>0</discardingThreshold> + <appender-ref ref="Performance-Tracker-Queue" /> + </appender> + <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> + <appender-ref ref="ASYNC-perf" /> + <appender-ref ref="perfLogs" /> + </logger> + <!-- logback jms appenders & loggers definition ends here --> + + <root level="DEBUG"> + <appender-ref ref="DEBUG" /> + <appender-ref ref="ERROR" /> + <appender-ref ref="INFO" /> + <appender-ref ref="STDOUT" /> + </root> + +</configuration> diff --git a/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json index 7ae77cd8a8..ff1a5732e2 100644 --- a/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json +++ b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json @@ -1,7 +1,7 @@ { "topicName": "mirrormakeragent", "topicDescription": "the topic used to provision the MM agent whitelist", - "replicationCase": "REPLICATION_NONE", + "replicationCase": "REPLICATION_NONE", "owner": "dmaap", "txenabled": false, "partitionCount": "1", @@ -10,33 +10,28 @@ "dcaeLocationName": "san-francisco", "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org", "action": [ - "pub", + "pub", "sub", - "view" + "view" ] - }, - { + { "dcaeLocationName": "san-francisco", "clientIdentity": "dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org", "action": [ - "pub", + "pub", "sub", - "view" + "view" ] - }, - { + { "dcaeLocationName": "san-francisco", "clientIdentity": "demo@people.osaaf.org", "action": [ - "pub", + "pub", "sub", - "view" + "view" ] - } - ] -} - +}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/templates/service.yaml b/kubernetes/dmaap/components/message-router/templates/service.yaml index 16fae2a704..2b0b44e246 100644 --- a/kubernetes/dmaap/components/message-router/templates/service.yaml +++ b/kubernetes/dmaap/components/message-router/templates/service.yaml @@ -13,43 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "{{ include "common.servicename" . }}", - "version": "v1", - "url": "/", - "protocol": "REST", - "port": "{{.Values.service.internalPort}}", - "visualRange":"1" - } - ]' - -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}-{{ .Values.service.externalPort }} - - port: {{ .Values.service.externalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}-{{ .Values.service.externalPort2 }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }} diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index 35cc5e7405..c17fda1108 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -12,23 +12,16 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: apps/v1beta1 + +apiVersion: apps/v1 kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: + selector: {{- include "common.selectors" . | nindent 4 }} + serviceName: {{ include "common.servicename" . }} replicas: {{ .Values.replicaCount }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - command: @@ -51,20 +44,18 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.externalPort }} - - containerPort: {{ .Values.service.externalPort2 }} + ports: {{ include "common.containerPorts" . | nindent 10 }} {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.externalPort }} + port: {{ .Values.liveness.port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.externalPort }} + port: {{ .Values.readiness.port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} @@ -87,8 +78,7 @@ spec: - mountPath: /appl/dmaapMR1/etc/keyfile subPath: mykey name: mykey - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 12 }} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 935c090751..b14c35f183 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -58,21 +58,31 @@ liveness: timeoutSeconds: 1 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container + port: api enabled: true readiness: initialDelaySeconds: 70 periodSeconds: 10 timeoutSeconds: 1 + port: api service: type: NodePort name: message-router - portName: message-router - externalPort: 3904 - nodePort: 27 - externalPort2: 3905 - nodePort2: 26 + both_tls_and_plain: true + msb: + port: api + url: "/" + version: "v1" + protocol: "REST" + visualRange: "1" + ports: + - name: api + port: 3905 + plain_port: 3904 + port_protocol: http + nodePort: 26 ingress: enabled: false diff --git a/kubernetes/esr/charts/esr-server/values.yaml b/kubernetes/esr/charts/esr-server/values.yaml index 354e8e3624..f3f4f88ebf 100644 --- a/kubernetes/esr/charts/esr-server/values.yaml +++ b/kubernetes/esr/charts/esr-server/values.yaml @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/aai/esr-server:1.5.1 +image: onap/aai/esr-server:1.5.2 pullPolicy: Always msbaddr: msb-iag.{{ include "common.namespace" . }}:443 diff --git a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml new file mode 100644 index 0000000000..545359efea --- /dev/null +++ b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml @@ -0,0 +1,172 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration overrides. +# +# These overrides will affect all helm charts (ie. applications) +# that are listed below and are 'enabled'. +################################################################# +global: + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster + nodePortPrefix: 302 + nodePortPrefixExt: 304 + + # ONAP Repository + # Uncomment the following to enable the use of a single docker + # repository but ONLY if your repository mirrors all ONAP + # docker images. This includes all images from dockerhub and + # any other repository that hosts images for ONAP components. + #repository: nexus3.onap.org:10001 + repositoryCred: + user: docker + password: docker + + # readiness check - temporary repo until images migrated to nexus3 + readinessRepository: oomk8s + # logging agent - temporary repo until images migrated to nexus3 + loggingRepository: docker.elastic.co + + # image pull policy + pullPolicy: IfNotPresent + + # default mount path root directory referenced + # by persistent volumes and log files + persistence: + mountPath: /dockerdata-nfs + enableDefaultStorageclass: false + parameters: {} + storageclassProvisioner: kubernetes.io/no-provisioner + volumeReclaimPolicy: Retain + + # override default resource limit flavor for all charts + flavor: small + + # flag to enable debugging - application support required + debugEnabled: false + + #Global ingress configuration + ingress: + enabled: false + virtualhost: + enabled: true + baseurl: "simpledemo.onap.org" +################################################################# +# Enable/disable and configure helm charts (ie. applications) +# to customize the ONAP deployment. +################################################################# +aaf: + enabled: true +aai: + enabled: true +appc: + enabled: false + config: + openStackType: OpenStackProvider + openStackName: OpenStack + openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html + openStackServiceTenantName: default + openStackDomain: default + openStackUserName: admin + openStackEncryptedPassword: admin +cassandra: + enabled: true +cds: + enabled: true +clamp: + enabled: false +cli: + enabled: false +consul: + enabled: false +contrib: + enabled: false +dcaegen2: + enabled: false +pnda: + enabled: false +dmaap: + enabled: true +esr: + enabled: true +log: + enabled: true +sniro-emulator: + enabled: false +oof: + enabled: true +mariadb-galera: + enabled: true +msb: + enabled: true +multicloud: + enabled: false +nbi: + enabled: false + config: + # openstack configuration + openStackRegion: "Yolo" + openStackVNFTenantId: "1234" +policy: + enabled: true +pomba: + enabled: false +portal: + enabled: true +robot: + enabled: false + config: + # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment + openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" +sdc: + enabled: true +sdnc: + enabled: false + + replicaCount: 1 + + mysql: + replicaCount: 1 +so: + enabled: true + + replicaCount: 1 + + liveness: + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + + # so server configuration + config: + # message router configuration + dmaapTopic: "AUTO" + # openstack configuration + openStackUserName: "vnf_user" + openStackRegion: "RegionOne" + openStackKeyStoneUrl: "http://1.2.3.4:5000" + openStackServiceTenantName: "service" + openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" + +uui: + enabled: true +vfc: + enabled: false +vid: + enabled: false +vnfsdk: + enabled: false +modeling: + enabled: false diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index a714ba9328..02947c6643 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -289,6 +289,15 @@ sdnc: si: svc: types: PORT-MIRROR,PPROBE + dmaap: + host: http://message-router.{{ include "common.namespace" . }}:3904 + timeout: 30000 + lcm: + path: '/restconf/operations/LCM:' + actionTimeout: 300000 + dmapp: + readTopic: SDNC-LCM-WRITE + writeTopic: SDNC-LCM-READ appc: client: topic: diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml index a20d2178ba..6235bd2c88 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -151,6 +151,7 @@ org: sdncurl7: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/L3UCPE-API:' sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:' sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation' + sdncurl20: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/LCM:' service: infra: service-topology-infra-activate-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1 @@ -160,6 +161,12 @@ org: vfmodule: '': query: GET|60000|sdncurl12| + lcm: + download-n-e-sw: POST|1800000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm + activate-n-e-sw: POST|300000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm + upgrade-pre-check: POST|180000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm + upgrade-post-check: POST|180000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm + default: POST|180000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm network: encryptionKey: {{ index .Values.org.onap.so.adapters.sdnc.network.encryptionKey }} spring: diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml index 8e5d097e40..b5246d1d92 100644 --- a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-mariadb + - {{ .Values.config.mariadbService }} env: - name: NAMESPACE valueFrom: @@ -49,6 +49,11 @@ spec: name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} + command: + - sh + args: + - -c + - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -75,9 +80,11 @@ spec: - name: MSB_ADDR value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR - value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" - - name: MYSQL_AUTH - value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" + - name: MYSQL_ROOT_USER + value: "{{ .Values.global.config.mariadb_admin }}" + - name: MYSQL_ROOT_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14}} - name: REDIS_ADDR value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml new file mode 100644 index 0000000000..d053c484be --- /dev/null +++ b/kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secret" . }} diff --git a/kubernetes/vfc/charts/vfc-catalog/values.yaml b/kubernetes/vfc/charts/vfc-catalog/values.yaml index 611464db30..3411c44799 100644 --- a/kubernetes/vfc/charts/vfc-catalog/values.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/values.yaml @@ -23,6 +23,16 @@ global: loggingImage: beats/filebeat:5.5.0 ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-pass" + externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + type: password + password: '{{ .Values.config.mariadbRootPassword }}' + policy: required + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -39,7 +49,11 @@ istioSidecar: true debugEnabled: false # application configuration -config: {} +config: + mariadbService: vfc-mariadb + mariadbPort: 3306 + # mariadbRootPassword: secretpassword + # mariadbRootPasswordExternalSecret: some secret # default number of instances replicaCount: 1 @@ -108,4 +122,4 @@ resources: requests: cpu: 200m memory: 500Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml index fc6c736fbd..395eedcb84 100644 --- a/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-mariadb + - {{ .Values.config.mariadbService }} env: - name: NAMESPACE valueFrom: @@ -49,6 +49,11 @@ spec: name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} + command: + - sh + args: + - -c + - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -75,9 +80,11 @@ spec: - name: MSB_ADDR value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR - value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" - - name: MYSQL_AUTH - value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" + - name: MYSQL_ROOT_USER + value: "{{ .Values.global.config.mariadb_admin }}" + - name: MYSQL_ROOT_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14}} - name: REDIS_ADDR value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" - name: REG_TO_MSB_WHEN_START diff --git a/kubernetes/vfc/charts/vfc-nslcm/templates/secrets.yaml b/kubernetes/vfc/charts/vfc-nslcm/templates/secrets.yaml new file mode 100644 index 0000000000..d053c484be --- /dev/null +++ b/kubernetes/vfc/charts/vfc-nslcm/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secret" . }} diff --git a/kubernetes/vfc/charts/vfc-nslcm/values.yaml b/kubernetes/vfc/charts/vfc-nslcm/values.yaml index deef838c94..30bcc7bde0 100644 --- a/kubernetes/vfc/charts/vfc-nslcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-nslcm/values.yaml @@ -23,6 +23,16 @@ global: loggingImage: beats/filebeat:5.5.0 ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-pass" + externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + type: password + password: '{{ .Values.config.mariadbRootPassword }}' + policy: required + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -39,7 +49,12 @@ istioSidecar: true debugEnabled: false # application configuration -config: {} +config: + mariadbService: vfc-mariadb + mariadbPort: 3306 + # mariadbRootPassword: secretpassword + # mariadbRootPasswordExternalSecret: some secret + # default number of instances replicaCount: 1 @@ -88,4 +103,4 @@ resources: requests: cpu: 200m memory: 500Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml index e99f4d1120..465f4cf115 100644 --- a/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-mariadb + - {{ .Values.config.mariadbService }} env: - name: NAMESPACE valueFrom: @@ -49,6 +49,11 @@ spec: name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} + command: + - sh + args: + - -c + - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -75,9 +80,11 @@ spec: - name: MSB_ADDR value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR - value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" - - name: MYSQL_AUTH - value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" + - name: MYSQL_ROOT_USER + value: "{{ .Values.global.config.mariadb_admin }}" + - name: MYSQL_ROOT_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14}} - name: REDIS_ADDR value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: diff --git a/kubernetes/vfc/charts/vfc-vnflcm/templates/secrets.yaml b/kubernetes/vfc/charts/vfc-vnflcm/templates/secrets.yaml new file mode 100644 index 0000000000..d053c484be --- /dev/null +++ b/kubernetes/vfc/charts/vfc-vnflcm/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secret" . }} diff --git a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml index bfb8ae6d5e..60a6abcb7b 100644 --- a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml @@ -23,6 +23,16 @@ global: loggingImage: beats/filebeat:5.5.0 ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-pass" + externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + type: password + password: '{{ .Values.config.mariadbRootPassword }}' + policy: required + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -39,7 +49,12 @@ istioSidecar: true debugEnabled: false # application configuration -config: {} +config: + mariadbService: vfc-mariadb + mariadbPort: 3306 + # mariadbRootPassword: secretpassword + # mariadbRootPasswordExternalSecret: some secret + # default number of instances replicaCount: 1 @@ -88,4 +103,4 @@ resources: requests: cpu: 200m memory: 500Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml index 66db39ec36..c4c070d583 100644 --- a/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-mariadb + - {{ .Values.config.mariadbService }} env: - name: NAMESPACE valueFrom: @@ -49,6 +49,11 @@ spec: name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} + command: + - sh + args: + - -c + - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -75,11 +80,13 @@ spec: - name: MSB_ADDR value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR - value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" - name: REDIS_ADDR value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" - - name: MYSQL_AUTH - value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + - name: MYSQL_ROOT_USER + value: "{{ .Values.global.config.mariadb_admin }}" + - name: MYSQL_ROOT_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14}} volumeMounts: - name: {{ include "common.fullname" . }}-localtime diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/templates/secrets.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/templates/secrets.yaml new file mode 100644 index 0000000000..d053c484be --- /dev/null +++ b/kubernetes/vfc/charts/vfc-vnfmgr/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secret" . }} diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml index 40d3ca1aec..20af3bb5ef 100644 --- a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml @@ -23,6 +23,16 @@ global: loggingImage: beats/filebeat:5.5.0 ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-pass" + externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + type: password + password: '{{ .Values.config.mariadbRootPassword }}' + policy: required + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -39,7 +49,11 @@ istioSidecar: true debugEnabled: false # application configuration -config: {} +config: + mariadbService: vfc-mariadb + mariadbPort: 3306 + # mariadbRootPassword: secretpassword + # mariadbRootPasswordExternalSecret: some secret # default number of instances replicaCount: 1 @@ -87,4 +101,4 @@ resources: requests: cpu: 200m memory: 500Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml index f5fc28466a..e70bf0e655 100644 --- a/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-mariadb + - {{ .Values.config.mariadbService }} env: - name: NAMESPACE valueFrom: @@ -49,6 +49,11 @@ spec: name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} + command: + - sh + args: + - -c + - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -75,11 +80,14 @@ spec: - name: MSB_ADDR value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR - value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" + value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" - name: REDIS_ADDR value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" - - name: MYSQL_AUTH - value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + - name: MYSQL_ROOT_USER + value: "{{ .Values.global.config.mariadb_admin }}" + - name: MYSQL_ROOT_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14}} + volumeMounts: - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime diff --git a/kubernetes/vfc/charts/vfc-vnfres/templates/secrets.yaml b/kubernetes/vfc/charts/vfc-vnfres/templates/secrets.yaml new file mode 100644 index 0000000000..d053c484be --- /dev/null +++ b/kubernetes/vfc/charts/vfc-vnfres/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secret" . }} diff --git a/kubernetes/vfc/charts/vfc-vnfres/values.yaml b/kubernetes/vfc/charts/vfc-vnfres/values.yaml index 2b73da5dac..078554d5d6 100644 --- a/kubernetes/vfc/charts/vfc-vnfres/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnfres/values.yaml @@ -23,6 +23,16 @@ global: loggingImage: beats/filebeat:5.5.0 ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-pass" + externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + type: password + password: '{{ .Values.config.mariadbRootPassword }}' + policy: required + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -39,7 +49,12 @@ istioSidecar: true debugEnabled: false # application configuration -config: {} +config: + mariadbService: vfc-mariadb + mariadbPort: 3306 + # mariadbRootPassword: secretpassword + # mariadbRootPasswordExternalSecret: some secret + # default number of instances replicaCount: 1 @@ -88,4 +103,4 @@ resources: requests: cpu: 200m memory: 500Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/vfc/templates/secrets.yaml b/kubernetes/vfc/templates/secrets.yaml new file mode 100644 index 0000000000..d053c484be --- /dev/null +++ b/kubernetes/vfc/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secret" . }} diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml index eb6638b18b..88275aea83 100644 --- a/kubernetes/vfc/values.yaml +++ b/kubernetes/vfc/values.yaml @@ -18,40 +18,65 @@ global: msbprotocol: https msbServiceName: msb-iag msbPort: 443 - dbServiceName: vfc-db - dbPort: 3306 - dbUser: root - mariadbRootPassword: secretpassword redisServiceName: vfc-redis redisPort: 6379 reg_to_msb_when_start: False + mariadb_admin: root persistence: mountPath: /dockerdata-nfs +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-pass" + name: &dbRootPassSecret '{{ include "common.release" . }}-vfc-db-root-pass' + type: password + password: '{{ .Values.config.mariadbRootPassword }}' + # application configuration config: logstashServiceName: log-ls logstashPort: 5044 mariadb-galera: + config: + mariadbRootPasswordExternalSecret: *dbRootPassSecret nameOverride: vfc-mariadb service: - name: vfc-db - portName: vfc-db + name: vfc-mariadb + portName: vfc-mariadb nfsprovisionerPrefix: vfc persistence: mountSubPath: vfc/data enabled: true disableNfsProvisioner: true -catalog: +db: &dbConfig + mariadbService: vfc-mariadb + mariadbPort: 3306 + mariadbRootPasswordExternalSecret: *dbRootPassSecret + +vfc-catalog: config: - dbPodName: vfc-db - dbServiceName: vfc-db -nslcm: + << : *dbConfig + +vfc-nslcm: + config: + << : *dbConfig + +vfc-vnflcm: config: - dbPodName: vfc-db - dbServiceName: vfc-db + << : *dbConfig + +vfc-vnfmgr: + config: + << : *dbConfig + +vfc-vnfres: + config: + << : *dbConfig + # sub-chart configuration vfc-workflow: service: diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml index ab6bae3d5f..9529e558a2 100644 --- a/kubernetes/vnfsdk/values.yaml +++ b/kubernetes/vnfsdk/values.yaml @@ -98,7 +98,7 @@ service: name: refrepo portName: refrepo nodePort: 97 - internalPort: 8702 + internalPort: 8703 ingress: enabled: false |