diff options
Diffstat (limited to 'kubernetes')
269 files changed, 9328 insertions, 1396 deletions
diff --git a/kubernetes/a1policymanagement/templates/pv.yaml b/kubernetes/a1policymanagement/templates/pv.yaml index 904d863b03..0a3cbdeff5 100644 --- a/kubernetes/a1policymanagement/templates/pv.yaml +++ b/kubernetes/a1policymanagement/templates/pv.yaml @@ -16,27 +16,5 @@ ################################################################################ */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if not .Values.persistence.storageClass -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-data" - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}/app -{{- end -}} -{{- end -}} + +{{ include "common.replicaPV" . }} diff --git a/kubernetes/a1policymanagement/templates/deployment.yaml b/kubernetes/a1policymanagement/templates/statefulset.yaml index 0d8399c8b3..54ee1515bc 100644 --- a/kubernetes/a1policymanagement/templates/deployment.yaml +++ b/kubernetes/a1policymanagement/templates/statefulset.yaml @@ -17,17 +17,11 @@ ################################################################################ */}} -kind: Deployment +kind: StatefulSet apiVersion: apps/v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: + serviceName: {{ include "common.servicename" . }} replicas: {{ index .Values.replicaCount }} selector: {{- include "common.selectors" . | nindent 4 }} template: @@ -108,8 +102,8 @@ spec: subPath: application_configuration.json - name: config mountPath: /opt/app/policy-agent/config/application.yaml - subPath: application.yaml - - name: vardata + subPath: application.yaml + - name: {{ include "common.fullname" . }} mountPath: "/var/policy-management-service/database" resources: {{ include "common.resources" . | nindent 10 }} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} @@ -123,6 +117,10 @@ spec: - name: config emptyDir: medium: Memory - - name: vardata - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} +{{- if not .Values.persistence.enabled }} + - name: {{ include "common.fullname" . }} + emptyDir: {} +{{- else }} + volumeClaimTemplates: + - {{include "common.PVCTemplate" . | indent 6 | trim }} +{{- end }} diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml index 08590d891c..4768349736 100644 --- a/kubernetes/a1policymanagement/values.yaml +++ b/kubernetes/a1policymanagement/values.yaml @@ -20,7 +20,8 @@ global: nodePortPrefix: 302 - + persistence: {} + secrets: - uid: controller-secret type: basicAuth diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat index a5e354053a..84bd723aad 100644 --- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat +++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat @@ -45,8 +45,7 @@ ngi@ngi.onap.org|ngi|local|/opt/app/osaaf/local||mailto:|org.onap.ngi|root|30|{' oof@oof.onap.org|oof.api.simpledemo.onap.org|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-opteng', 'oof-opteng.onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'} oof@oof.onap.org|oof|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'} oof@oof.onap.org|oof.onap|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-cmso', 'oof-cmso-optimizer', 'oof-cmso-ticketmgt', 'oof-cmso-topology', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-opteng', 'oof-opteng.onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'} -policy@policy.onap.org|policy|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|60|{'*.pdp', '*.pdp.onap.svc.cluster.local', 'brmsgw', 'brmsgw.onap', 'drools', 'drools.onap', 'pap', 'pap.onap', 'pdp', 'pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-api', 'policy-api.onap', 'policy-distribution', 'policy-distribution.onap', 'policy-pap', 'policy-pap.onap', 'policy-xacml-pdp', 'policy-xacml-pdp.onap', 'policy.api.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'} -policy@policy.onap.org|policy_onap|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|30|{'*.pdp', '*.pdp.onap.svc.cluster.local', 'brmsgw', 'brmsgw.onap', 'drools', 'drools.onap', 'pap', 'pap.onap', 'pdp', 'pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-distribution', 'policy-distribution.onap', 'policy.api.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'pkcs12'} +policy@policy.onap.org|policy|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|60|{'policy-drools-pdp', 'policy-drools-pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-api', 'policy-api.onap', 'policy-distribution', 'policy-distribution.onap', 'policy-pap', 'policy-pap.onap', 'policy-xacml-pdp', 'policy-xacml-pdp.onap', 'policy.api.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'} pomba@pomba.onap.org|onap.pomba|local|/opt/app/osaaf/local||mailto:|org.onap.pomba|root|30|{'onap.pomba', 'onap_pomba', 'pomba', 'pomba.api.simpledemo.onap.org', 'pomba.onap', 'pomba_onap'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'} portal@portal.onap.org|portal|local|/opt/app/osaaf/local||mailto:|org.onap.portal|root|30|{'onap.portal', 'onap_portal', 'portal', 'portal-app', 'portal.api.simpledemo.onap.org', 'portal.onap', 'portal_onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'} refrepo@refrepo.onap.org|refrepo|local|/opt/app/osaaf/local||mailto:|org.onap.refrepo|root|30|{'refrepo', 'refrepo.api.simpledemo.onap.org', 'refrepo.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'} diff --git a/kubernetes/aai/.helmignore b/kubernetes/aai/.helmignore new file mode 100644 index 0000000000..7ddbad7ef4 --- /dev/null +++ b/kubernetes/aai/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/ diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index d630647883..1297809658 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -122,7 +122,7 @@ spec: - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} - name: POST_JAVA_OPTS - value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}' + value: '-Djavax.net.ssl.trustStore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}' - name: TRUSTORE_ALL_PASSWORD value: {{ .Values.certInitializer.truststorePassword }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} diff --git a/kubernetes/appc/.helmignore b/kubernetes/appc/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/appc/.helmignore +++ b/kubernetes/appc/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh index 717ea6679c..68b50e1ad6 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh @@ -83,7 +83,7 @@ then show databases like 'sdnctl'; END ) - if [ "x${sdnc_db_exists}" = "x" ] + if [ "${sdnc_db_exists}" = "" ] then echo "Installing SDNC database" ${SDNC_HOME}/bin/installSdncDb.sh @@ -92,7 +92,7 @@ END show databases like 'appcctl'; END ) - if [ "x${appc_db_exists}" = "x" ] + if [ "${appc_db_exists}" = "" ] then echo "Installing APPC database" ${APPC_HOME}/bin/installAppcDb.sh diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index 83d00a7545..f59a64f3d2 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -131,6 +131,132 @@ mariadb-galera: nameOverride: *appc-db replicaCount: 1 + mariadbConfiguration: |- + [client] + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + plugin_dir=/opt/bitnami/mariadb/plugin + + [mysqld] + lower_case_table_names = 1 + default_storage_engine=InnoDB + basedir=/opt/bitnami/mariadb + datadir=/bitnami/mariadb/data + plugin_dir=/opt/bitnami/mariadb/plugin + tmpdir=/opt/bitnami/mariadb/tmp + socket=/opt/bitnami/mariadb/tmp/mysql.sock + pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid + bind_address=0.0.0.0 + + ## Character set + collation_server=utf8_unicode_ci + init_connect='SET NAMES utf8' + character_set_server=utf8 + + ## MyISAM + key_buffer_size=32M + myisam_recover_options=FORCE,BACKUP + + ## Safety + skip_host_cache + skip_name_resolve + max_allowed_packet=16M + max_connect_errors=1000000 + sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE + sysdate_is_now=1 + + ## Binary Logging + log_bin=mysql-bin + expire_logs_days=14 + # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql + sync_binlog=0 + # Required for Galera + binlog_format=row + + ## Caches and Limits + tmp_table_size=32M + max_heap_table_size=32M + # Re-enabling as now works with Maria 10.1.2 + query_cache_type=1 + query_cache_limit=4M + query_cache_size=256M + max_connections=500 + thread_cache_size=50 + open_files_limit=65535 + table_definition_cache=4096 + table_open_cache=4096 + + ## InnoDB + innodb=FORCE + innodb_strict_mode=1 + # Mandatory per https://github.com/codership/documentation/issues/25 + innodb_autoinc_lock_mode=2 + # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/ + innodb_doublewrite=1 + innodb_flush_method=O_DIRECT + innodb_log_files_in_group=2 + innodb_log_file_size=128M + innodb_flush_log_at_trx_commit=1 + innodb_file_per_table=1 + # 80% Memory is default reco. + # Need to re-evaluate when DB size grows + innodb_buffer_pool_size=2G + innodb_file_format=Barracuda + + ## Logging + log_error=/opt/bitnami/mariadb/logs/mysqld.log + slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log + log_queries_not_using_indexes=1 + slow_query_log=1 + + ## SSL + ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem + # ssl_ca=/certs/ca.pem + # ssl_cert=/certs/server-cert.pem + # ssl_key=/certs/server-key.pem + + [galera] + wsrep_on=ON + wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so + wsrep_sst_method=mariabackup + wsrep_slave_threads=4 + wsrep_cluster_address=gcomm:// + wsrep_cluster_name=galera + wsrep_sst_auth="root:" + # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit + innodb_flush_log_at_trx_commit=2 + # MYISAM REPLICATION SUPPORT # + wsrep_replicate_myisam=ON + binlog_format=row + default_storage_engine=InnoDB + innodb_autoinc_lock_mode=2 + transaction-isolation=READ-COMMITTED + wsrep_causal_reads=1 + wsrep_sync_wait=7 + + [mariadb] + plugin_load_add=auth_pam + + ## Data-at-Rest Encryption + ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem + # plugin_load_add=file_key_management + # file_key_management_filename=/encryption/keyfile.enc + # file_key_management_filekey=FILE:/encryption/keyfile.key + # file_key_management_encryption_algorithm=AES_CTR + # encrypt_binlog=ON + # encrypt_tmp_files=ON + + ## InnoDB/XtraDB Encryption + # innodb_encrypt_tables=ON + # innodb_encrypt_temporary_tables=ON + # innodb_encrypt_log=ON + # innodb_encryption_threads=4 + # innodb_encryption_rotate_key_age=1 + + ## Aria Encryption + # aria_encrypt_tables=ON + # encrypt_tmp_disk_tables=ON + dgbuilder: nameOverride: appc-dgbuilder certInitializer: @@ -143,7 +269,8 @@ dgbuilder: dbServiceName: *appc-db service: name: appc-dgbuilder - + serviceAccount: + nameOverride: appc-dgbuilder ingress: enabled: false service: diff --git a/kubernetes/cds/.helmignore b/kubernetes/cds/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/cds/.helmignore +++ b/kubernetes/cds/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/cds/components/cds-blueprints-processor/requirements.yaml b/kubernetes/cds/components/cds-blueprints-processor/requirements.yaml index d0ff6231b9..7a3a920087 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/requirements.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml index c2e034204c..fd5265d2ce 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml @@ -190,6 +190,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index fe60b8023c..71f934fbe5 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -178,3 +178,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: cds-blueprints-processor + roles: + - read diff --git a/kubernetes/cds/components/cds-command-executor/requirements.yaml b/kubernetes/cds/components/cds-command-executor/requirements.yaml index bd647a6c42..96ce828880 100755 --- a/kubernetes/cds/components/cds-command-executor/requirements.yaml +++ b/kubernetes/cds/components/cds-command-executor/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml index 40238c2513..523339ca70 100755 --- a/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml @@ -86,6 +86,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml index f867565915..12a7fe9b40 100755 --- a/kubernetes/cds/components/cds-command-executor/values.yaml +++ b/kubernetes/cds/components/cds-command-executor/values.yaml @@ -91,3 +91,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: cds-command-executor + roles: + - read diff --git a/kubernetes/cds/components/cds-py-executor/requirements.yaml b/kubernetes/cds/components/cds-py-executor/requirements.yaml index 626de2fe33..6b7064caca 100755 --- a/kubernetes/cds/components/cds-py-executor/requirements.yaml +++ b/kubernetes/cds/components/cds-py-executor/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/cds/components/cds-py-executor/templates/deployment.yaml b/kubernetes/cds/components/cds-py-executor/templates/deployment.yaml index d7b2959fcb..754e0d0f50 100755 --- a/kubernetes/cds/components/cds-py-executor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-py-executor/templates/deployment.yaml @@ -78,6 +78,7 @@ spec: affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml index af042c1605..b7338f88aa 100755 --- a/kubernetes/cds/components/cds-py-executor/values.yaml +++ b/kubernetes/cds/components/cds-py-executor/values.yaml @@ -110,3 +110,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: cds-py-executor + roles: + - read diff --git a/kubernetes/cds/components/cds-sdc-listener/requirements.yaml b/kubernetes/cds/components/cds-sdc-listener/requirements.yaml index bd647a6c42..96ce828880 100755 --- a/kubernetes/cds/components/cds-sdc-listener/requirements.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml index 7dca49c761..4ac847005e 100644 --- a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml @@ -94,6 +94,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: {{ include "common.fullname" . }}-config configMap: diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml index e46539fb35..4a67317298 100644 --- a/kubernetes/cds/components/cds-sdc-listener/values.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml @@ -99,3 +99,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: cds-sdc-listener + roles: + - read diff --git a/kubernetes/cds/components/cds-ui/requirements.yaml b/kubernetes/cds/components/cds-ui/requirements.yaml index a4e5fe5603..8f6d158a17 100644 --- a/kubernetes/cds/components/cds-ui/requirements.yaml +++ b/kubernetes/cds/components/cds-ui/requirements.yaml @@ -22,3 +22,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/cds/components/cds-ui/templates/deployment.yaml b/kubernetes/cds/components/cds-ui/templates/deployment.yaml index 359c713ed4..6457ce3736 100644 --- a/kubernetes/cds/components/cds-ui/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-ui/templates/deployment.yaml @@ -99,6 +99,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml index 697602f209..e91e999259 100644 --- a/kubernetes/cds/components/cds-ui/values.yaml +++ b/kubernetes/cds/components/cds-ui/values.yaml @@ -127,3 +127,9 @@ resources: cpu: 200m memory: 200Mi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: cds-ui + roles: + - read diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml index c521fb8c84..4dcee4568c 100644 --- a/kubernetes/cli/values.yaml +++ b/kubernetes/cli/values.yaml @@ -35,33 +35,24 @@ certInitializer: cadi_latitude: "0.0" credsPath: /opt/app/osaaf/local aaf_add_config: | - echo "*** retrieving password for keystore and trustore" - export $(/opt/app/aaf_config/bin/agent.sh local showpass \ - {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0) - if [ -z "$cadi_keystore_password_p12" ] - then - echo " /!\ certificates retrieval failed" - exit 1 - else - echo "*** transform AAF certs into pem files" - mkdir -p {{ .Values.credsPath }}/certs - keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \ - -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \ - -alias ca_local_0 \ - -storepass $cadi_truststore_password - openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \ - -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \ - -passin pass:$cadi_keystore_password_p12 \ - -passout pass:$cadi_keystore_password_p12 - echo "*** generating needed file" - cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \ - {{ .Values.credsPath }}/certs/cert.pem \ - {{ .Values.credsPath }}/certs/cacert.pem \ - > {{ .Values.credsPath }}/certs/fullchain.pem; - cat {{ .Values.credsPath }}/certs/fullchain.pem - echo "*** change ownership of certificates to targeted user" - chown -R 33 {{ .Values.credsPath }} - fi + echo "*** transform AAF certs into pem files" + mkdir -p {{ .Values.credsPath }}/certs + keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \ + -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \ + -alias ca_local_0 \ + -storepass $cadi_truststore_password + openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \ + -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \ + -passin pass:$cadi_keystore_password_p12 \ + -passout pass:$cadi_keystore_password_p12 + echo "*** generating needed file" + cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \ + {{ .Values.credsPath }}/certs/cert.pem \ + {{ .Values.credsPath }}/certs/cacert.pem \ + > {{ .Values.credsPath }}/certs/fullchain.pem; + cat {{ .Values.credsPath }}/certs/fullchain.pem + echo "*** change ownership of certificates to targeted user" + chown -R 33 {{ .Values.credsPath }} ################################################################# diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh index 5b652228a6..5f23a89867 100644 --- a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh +++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh @@ -1,4 +1,5 @@ #!/bin/bash + set -e # first arg is `-f` or `--some-option` @@ -11,7 +12,7 @@ fi if [ "$1" = 'cassandra' -a "$(id -u)" = '0' ]; then find /var/lib/cassandra /var/log/cassandra "$CASSANDRA_CONFIG" \ \! -user cassandra -exec chown cassandra '{}' + - exec gosu cassandra "$BASH_SOURCE" "$@" + exec gosu cassandra "$0" "$@" fi _ip_address() { @@ -71,7 +72,8 @@ if [ "$1" = 'cassandra' ]; then authenticator \ ; do var="CASSANDRA_${yaml^^}" - val="${!var}" + # eval presents no security issue here because of limited possible values of var + eval val=\$$var if [ "$val" ]; then _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \ -r 's/^(# )?('"$yaml"':).*/\2 '"$val"'/' @@ -80,7 +82,8 @@ if [ "$1" = 'cassandra' ]; then for rackdc in dc rack; do var="CASSANDRA_${rackdc^^}" - val="${!var}" + # eval presents no security issue here because of limited possible values of var + eval val=\$$var if [ "$val" ]; then _sed-in-place "$CASSANDRA_CONFIG/cassandra-rackdc.properties" \ -r 's/^('"$rackdc"'=).*/\1 '"$val"'/' diff --git a/kubernetes/common/cassandra/resources/restore.sh b/kubernetes/common/cassandra/resources/restore.sh index a8105345f7..7f271d262f 100644 --- a/kubernetes/common/cassandra/resources/restore.sh +++ b/kubernetes/common/cassandra/resources/restore.sh @@ -41,7 +41,7 @@ then print_usage fi -while [[ $# -gt 0 ]] +while [ $# -gt 0 ] do key="$1" shift diff --git a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh index cb4153e778..6df7505e7b 100755 --- a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh +++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh @@ -1,7 +1,7 @@ -#!/bin/bash +#!/bin/sh {{/* -# Copyright © 2020 Bell Canada +# Copyright © 2020-2021 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl b/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl deleted file mode 100644 index f80b06b4d3..0000000000 --- a/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl +++ /dev/null @@ -1,189 +0,0 @@ -{{/* -# Copyright © 2021 Nokia -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{/* -In order to use certServiceClient it is needed do define certificates array in target component values.yaml. Each -certificate will be requested from separate init container - -Minimum example of array in target component values.yaml: -certificates: - - mountPath: /var/custom-certs - commonName: common-name - -Full example (other fields are ignored): -certificates: - - mountPath: /var/custom-certs - caName: RA - keystore: - outputType: - - jks - commonName: common-name - dnsNames: - - dns-name-1 - - dns-name-2 - ipAddresses: - - 192.168.0.1 - - 192.168.0.2 - emailAddresses: - - email-1@onap.org - - email-2@onap.org - uris: - - http://uri-1.onap.org - - http://uri-2.onap.org - subject: - organization: Linux-Foundation - country: US - locality: San Francisco - province: California - organizationalUnit: ONAP - -There also need to be some includes used in a target component deployment (indent values may need to be adjusted): - 1. In initContainers section: - {{ include "common.certServiceClient.initContainer" . | indent 6 }} - 2. In volumeMounts section of container using certificates: - {{ include "common.certServiceClient.volumeMounts" . | indent 10 }} - 3. In volumes section: - {{ include "common.certServiceClient.volumes" . | indent 8 }} - -*/}} - -{{- define "common.certServiceClient.initContainer" -}} -{{- $dot := default . .dot -}} -{{- $initRoot := default $dot.Values.cmpv2Certificate.cmpv2Config .initRoot -}} -{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}} -{{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}} -{{- range $index, $certificate := $dot.Values.certificates -}} -{{/*# General certifiacate attributes #*/}} -{{- $commonName := (required "'commonName' for Certificate is required." $certificate.commonName) -}} -{{/*# SAN's #*/}} -{{- $dnsNames := default (list) $certificate.dnsNames -}} -{{- $ipAddresses := default (list) $certificate.ipAddresses -}} -{{- $uris := default (list) $certificate.uris -}} -{{- $emailAddresses := default (list) $certificate.emailAddresses -}} -{{- $sansList := concat $dnsNames $ipAddresses $uris $emailAddresses -}} -{{- $sans := join "," $sansList }} -{{/*# Subject #*/}} -{{- $organization := $subchartGlobal.certificate.default.subject.organization -}} -{{- $country := $subchartGlobal.certificate.default.subject.country -}} -{{- $locality := $subchartGlobal.certificate.default.subject.locality -}} -{{- $province := $subchartGlobal.certificate.default.subject.province -}} -{{- $orgUnit := $subchartGlobal.certificate.default.subject.organizationalUnit -}} -{{- if $certificate.subject -}} -{{- $organization := $certificate.subject.organization -}} -{{- $country := $certificate.subject.country -}} -{{- $locality := $certificate.subject.locality -}} -{{- $province := $certificate.subject.province -}} -{{- $orgUnit := $certificate.subject.organizationalUnit -}} -{{- end -}} -{{- $caName := default $subchartGlobal.platform.certServiceClient.envVariables.caName $certificate.caName -}} -{{- $outputType := $subchartGlobal.platform.certServiceClient.envVariables.outputType -}} -{{- if $certificate.keystore -}} -{{- $outputTypeList := (required "'outputType' in 'keystore' section is required." $certificate.keystore.outputType) -}} -{{- $outputType = mustFirst ($outputTypeList) | upper -}} -{{- end -}} -{{- $requestUrl := $subchartGlobal.platform.certServiceClient.envVariables.requestURL -}} -{{- $certPath := $subchartGlobal.platform.certServiceClient.envVariables.certPath -}} -{{- $requestTimeout := $subchartGlobal.platform.certServiceClient.envVariables.requestTimeout -}} -{{- $certificatesSecret:= $subchartGlobal.platform.certServiceClient.clientSecretName -}} -{{- $certificatesSecretMountPath := $subchartGlobal.platform.certServiceClient.certificatesSecretMountPath -}} -{{- $keystorePath := (printf "%s%s" $subchartGlobal.platform.certServiceClient.certificatesSecretMountPath $subchartGlobal.platform.certificates.keystoreKeyRef ) -}} -{{- $keystorePasswordSecret := $subchartGlobal.platform.certificates.keystorePasswordSecretName -}} -{{- $keystorePasswordSecretKey := $subchartGlobal.platform.certificates.keystorePasswordSecretKey -}} -{{- $truststorePath := (printf "%s%s" $subchartGlobal.platform.certServiceClient.certificatesSecretMountPath $subchartGlobal.platform.certificates.truststoreKeyRef ) -}} -{{- $truststorePasswordSecret := $subchartGlobal.platform.certificates.truststorePasswordSecretName -}} -{{- $truststorePasswordSecretKey := $subchartGlobal.platform.certificates.truststorePasswordSecretKey -}} -- name: certs-init-{{ $index }} - image: {{ include "repositoryGenerator.image.certserviceclient" $dot }} - imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} - env: - - name: REQUEST_URL - value: {{ $requestUrl | quote }} - - name: REQUEST_TIMEOUT - value: {{ $requestTimeout | quote }} - - name: OUTPUT_PATH - value: {{ $certPath | quote }} - - name: OUTPUT_TYPE - value: {{ $outputType | quote }} - - name: CA_NAME - value: {{ $caName | quote }} - - name: COMMON_NAME - value: {{ $commonName | quote }} - - name: SANS - value: {{ $sans | quote }} - - name: ORGANIZATION - value: {{ $organization | quote }} - - name: ORGANIZATION_UNIT - value: {{ $orgUnit | quote }} - - name: LOCATION - value: {{ $locality | quote }} - - name: STATE - value: {{ $province | quote }} - - name: COUNTRY - value: {{ $country | quote }} - - name: KEYSTORE_PATH - value: {{ $keystorePath | quote }} - - name: KEYSTORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ $keystorePasswordSecret | quote}} - key: {{ $keystorePasswordSecretKey | quote}} - - name: TRUSTSTORE_PATH - value: {{ $truststorePath | quote }} - - name: TRUSTSTORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ $truststorePasswordSecret | quote}} - key: {{ $truststorePasswordSecretKey | quote}} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: {{ $certPath }} - name: cmpv2-certs-volume-{{ $index }} - - mountPath: {{ $certificatesSecretMountPath }} - name: certservice-tls-volume -{{- end -}} -{{- end -}} -{{- end -}} - -{{- define "common.certServiceClient.volumes" -}} -{{- $dot := default . .dot -}} -{{- $initRoot := default $dot.Values.cmpv2Certificate.cmpv2Config .initRoot -}} -{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}} -{{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}} -{{- $certificatesSecretName := $subchartGlobal.platform.certificates.clientSecretName -}} -- name: certservice-tls-volume - secret: - secretName: {{ $certificatesSecretName }} -{{ range $index, $certificate := $dot.Values.certificates -}} -- name: cmpv2-certs-volume-{{ $index }} - emptyDir: - medium: Memory -{{- end -}} -{{- end -}} -{{- end -}} - -{{- define "common.certServiceClient.volumeMounts" -}} -{{- $dot := default . .dot -}} -{{- $initRoot := default $dot.Values.cmpv2Certificate.cmpv2Config .initRoot -}} -{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}} -{{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}} -{{- range $index, $certificate := $dot.Values.certificates -}} -{{- $mountPath := $certificate.mountPath -}} -- mountPath: {{ $mountPath }} - name: cmpv2-certs-volume-{{ $index }} -{{ end -}} -{{- end -}} -{{- end -}} diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml index 695e40616c..02595b348d 100644 --- a/kubernetes/common/cmpv2Config/values.yaml +++ b/kubernetes/common/cmpv2Config/values.yaml @@ -15,7 +15,6 @@ global: # Enabling CMPv2 cmpv2Enabled: true - CMPv2CertManagerIntegration: false certificate: default: @@ -35,17 +34,6 @@ global: keystorePasswordSecretKey: password truststorePasswordSecretName: oom-cert-service-truststore-password truststorePasswordSecretKey: password - certServiceClient: - image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 - certificatesSecretMountPath: /etc/onap/oom/certservice/certs/ - envVariables: - certPath: "/var/custom-certs" - # Certificate related - caName: "RA" - # Client configuration related - requestURL: "https://oom-cert-service:8443/v1/certificate/" - requestTimeout: "30000" - outputType: "P12" certPostProcessor: image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3 diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl index 9c3010c209..8489cc5021 100644 --- a/kubernetes/common/common/templates/_service.tpl +++ b/kubernetes/common/common/templates/_service.tpl @@ -181,6 +181,8 @@ labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent {{- $labels := default (dict) .labels -}} {{- $matchLabels := default (dict) .matchLabels -}} {{- $sessionAffinity := default "None" $dot.Values.service.sessionAffinity -}} +{{- $kubeTargetVersion := default $dot.Capabilities.KubeVersion.Version | trimPrefix "v" -}} +{{- $ipFamilyPolicy := default "PreferDualStack" $dot.Values.service.ipFamilyPolicy -}} apiVersion: v1 kind: Service metadata: {{ include "common.serviceMetadata" (dict "suffix" $suffix "annotations" $annotations "msb_informations" $msb_informations "labels" $labels "dot" $dot) | nindent 2 }} @@ -189,6 +191,9 @@ spec: clusterIP: None {{- end }} ports: {{- include "common.servicePorts" (dict "serviceType" $serviceType "ports" $ports "dot" $dot "add_plain_port" $add_plain_port) | nindent 4 }} + {{- if semverCompare ">=1.20.0" $kubeTargetVersion }} + ipFamilyPolicy: {{ $ipFamilyPolicy }} + {{- end }} {{- if $publishNotReadyAddresses }} publishNotReadyAddresses: true {{- end }} diff --git a/kubernetes/common/dgbuilder/requirements.yaml b/kubernetes/common/dgbuilder/requirements.yaml index 0157b7063e..1bbab11af4 100644 --- a/kubernetes/common/dgbuilder/requirements.yaml +++ b/kubernetes/common/dgbuilder/requirements.yaml @@ -22,3 +22,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: 'file://../repositoryGenerator' + - name: serviceAccount + version: ~8.x-0 + repository: 'file://../serviceAccount' diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml index ad3e4cf128..6538ad0836 100644 --- a/kubernetes/common/dgbuilder/templates/deployment.yaml +++ b/kubernetes/common/dgbuilder/templates/deployment.yaml @@ -128,6 +128,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index ae1d85795d..0f91bbd882 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -186,3 +186,8 @@ resources: memory: 4Gi unlimited: {} +#Pods Service Account +serviceAccount: + nameOverride: dgbuilder + roles: + - read diff --git a/kubernetes/common/etcd-init/.helmignore b/kubernetes/common/etcd-init/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/common/etcd-init/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/common/cmpv2Certificate/Chart.yaml b/kubernetes/common/etcd-init/Chart.yaml index 6641ec6954..20f5ac40cc 100644 --- a/kubernetes/common/cmpv2Certificate/Chart.yaml +++ b/kubernetes/common/etcd-init/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2021 Nokia +# Copyright (C) 2021 Wipro Limited. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: Template used to add cmpv2 certificates to components -name: cmpv2Certificate +description: Chart for etcd init job +name: etcd-init version: 8.0.0 diff --git a/kubernetes/common/cmpv2Certificate/requirements.yaml b/kubernetes/common/etcd-init/requirements.yaml index b10896d2ce..008789b822 100644 --- a/kubernetes/common/cmpv2Certificate/requirements.yaml +++ b/kubernetes/common/etcd-init/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2021 Nokia +# Copyright (C) 2021 Wipro Limited. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,6 +19,3 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: 'file://../repositoryGenerator' - - name: cmpv2Config - version: ~8.x-0 - repository: 'file://../cmpv2Config' diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml new file mode 100644 index 0000000000..69bcfaaf99 --- /dev/null +++ b/kubernetes/common/etcd-init/templates/job.yaml @@ -0,0 +1,104 @@ +{{/* +# Copyright (C) 2021 Wipro Limited. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-job + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + backoffLimit: {{ .Values.backoffLimit }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + name: {{ include "common.name" . }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + command: + - /app/ready.py + args: + - --container-name + - {{ .Values.etcd.containerName }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - -ec + - | + # Create users + export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT} + export ETCDCTL_API=3 + echo "${ROOT_PASSWORD}" | etcdctl user add root --interactive=false + echo "${APP_PASSWORD}" | etcdctl user add ${APP_USER} --interactive=false + + # Create roles + etcdctl role add ${APP_ROLE} + etcdctl role grant-permission ${APP_ROLE} --prefix=true readwrite ${KEY_PREFIX} + + etcdctl user grant-role ${APP_USER} ${APP_ROLE} + etcdctl auth enable + env: + - name: ALLOW_NONE_AUTHENTICATION + value: "yes" + - name: ETCD_HOST + value: "{{ .Values.etcd.serviceName }}.{{ include "common.namespace" . }}" + - name: ETCD_PORT + value: "{{ .Values.etcd.port }}" + - name: ROOT_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-password" "key" "password" ) | indent 10 }} + - name: APP_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-creds" "key" "login") | indent 10 }} + - name: APP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-creds" "key" "password") | indent 10 }} + - name: APP_ROLE + value: "{{ .Values.config.appRole }}" + - name: KEY_PREFIX + value: "{{ .Values.config.keyPrefix }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + resources: {{ include "common.resources" . | nindent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + restartPolicy: Never + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/common/cmpv2Certificate/values.yaml b/kubernetes/common/etcd-init/templates/secret.yaml index 504947525d..e874185693 100644 --- a/kubernetes/common/cmpv2Certificate/values.yaml +++ b/kubernetes/common/etcd-init/templates/secret.yaml @@ -1,4 +1,5 @@ -# Copyright © 2021 Nokia +{{/* +# Copyright (C) 2021 Wipro Limited. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,3 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/common/etcd-init/values.yaml b/kubernetes/common/etcd-init/values.yaml new file mode 100644 index 0000000000..c99c9f1e5b --- /dev/null +++ b/kubernetes/common/etcd-init/values.yaml @@ -0,0 +1,74 @@ +# Copyright (C) 2021 Wipro Limited. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: {} + +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: root-password + type: password + externalSecret: '{{ tpl (default "" .Values.config.userRootSecret) . }}' + password: '{{ .Values.config.userRootPassword }}' + - uid: app-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.appUser }}' + password: '{{ .Values.config.appPassword }}' + +################################################################# +# Application configuration defaults. +################################################################# + +image: bitnami/etcd:3.3.15 +pullPolicy: Always +backoffLimit: 20 + +nodeSelector: {} + +affinity: {} + +etcd: + serviceName: k8s-etcd + port : 2379 + containerName: k8s-etcd + +config: + userRootSecret: root +# userCredentialsExternalSecret: + appUser: user + appRole: role + keyPrefix: key + +flavor: small +resources: + small: + limits: + cpu: 100m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 20m + memory: 20Mi + unlimited: {} diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index a343d4fce5..48c8b6d0cc 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -49,7 +49,7 @@ spec: {{ toYaml .Values.tolerations | indent 8 }} {{- end }} containers: - - name: {{ include "common.fullname" . }} + - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.googleK8sRepository" . }}/{{ .Values.image }} imagePullPolicy: "{{ .Values.pullPolicy }}" ports: diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 4c77efc83f..ed9977acd9 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -86,9 +86,10 @@ service: ## type: ClusterIP headless: {} + internalPort: &dbPort 3306 ports: - name: mysql - port: 3306 + port: *dbPort headlessPorts: - name: galera port: 4567 diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh index fa4b007a5a..f130bb5118 100755 --- a/kubernetes/common/mariadb-init/resources/config/db_init.sh +++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh @@ -1,4 +1,5 @@ #!/bin/bash + {{/* # Copyright © 2019 Orange # Copyright © 2020 Samsung Electronics @@ -22,8 +23,15 @@ set -e while read DB ; do USER_VAR="MYSQL_USER_${DB^^}" PASS_VAR="MYSQL_PASSWORD_${DB^^}" - USER=${!USER_VAR} - PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"` +{{/* + # USER=${!USER_VAR} + # PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"` + # eval replacement of the bashism equivalents above might present a security issue here + # since it reads content from DB values filled by helm at the end of the script. + # These possible values has to be constrainted and/or limited by helm for a safe use of eval. +*/}} + eval USER=\$$USER_VAR + PASS=$(eval echo -n \$$PASS_VAR | sed -e "s/'/''/g") MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} ) echo "Creating database ${DB} and user ${USER}..." diff --git a/kubernetes/common/music/components/music-cassandra/templates/job.yaml b/kubernetes/common/music/components/music-cassandra/templates/job.yaml index 3cf1ae34fd..d3c89d4a59 100644 --- a/kubernetes/common/music/components/music-cassandra/templates/job.yaml +++ b/kubernetes/common/music/components/music-cassandra/templates/job.yaml @@ -39,8 +39,6 @@ spec: command: - /app/ready.py args: - - --timeout - - "{{ .Values.readinessTimeout }}" - --container-name - music-cassandra env: @@ -87,4 +85,3 @@ spec: restartPolicy: Never imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - diff --git a/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml index 2a1fb4f59e..1aabfb6bcc 100644 --- a/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml @@ -73,6 +73,17 @@ spec: timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} successThreshold: {{ .Values.readiness.successThreshold }} failureThreshold: {{ .Values.readiness.failureThreshold }} + startupProbe: + exec: + command: + - /bin/bash + - -c + - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + periodSeconds: {{ .Values.startup.periodSeconds }} + timeoutSeconds: {{ .Values.startup.timeoutSeconds }} + successThreshold: {{ .Values.startup.successThreshold }} + failureThreshold: {{ .Values.startup.failureThreshold }} lifecycle: preStop: exec: diff --git a/kubernetes/common/music/components/music-cassandra/values.yaml b/kubernetes/common/music/components/music-cassandra/values.yaml index 8530172269..92ed723989 100644 --- a/kubernetes/common/music/components/music-cassandra/values.yaml +++ b/kubernetes/common/music/components/music-cassandra/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 persistence: {} -replicaCount: 3 +replicaCount: 1 # Cassandra Image - This image is modified from the original on # Docker Hub where the Security has been turned on. @@ -72,8 +72,8 @@ cql: # probe configuration parameters liveness: - initialDelaySeconds: 120 - periodSeconds: 20 + initialDelaySeconds: 1 + periodSeconds: 10 timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 @@ -81,15 +81,20 @@ liveness: # in debugger so K8s doesn't restart unresponsive container enabled: true -readinessTimeout: 240 - readiness: - initialDelaySeconds: 10 - periodSeconds: 20 + initialDelaySeconds: 1 + periodSeconds: 10 timeoutSeconds: 10 successThreshold: 1 failureThreshold: 3 +startup: + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 90 + podManagementPolicy: OrderedReady updateStrategy: type: OnDelete diff --git a/kubernetes/common/repositoryGenerator/templates/_repository.tpl b/kubernetes/common/repositoryGenerator/templates/_repository.tpl index 91f21ab0c9..211cf1c599 100644 --- a/kubernetes/common/repositoryGenerator/templates/_repository.tpl +++ b/kubernetes/common/repositoryGenerator/templates/_repository.tpl @@ -67,6 +67,15 @@ {{- include "repositoryGenerator._repositoryHelper" (merge (dict "repoName" "googleK8sRepository") .) }} {{- end -}} +{{/* + Resolve the name of the GithubContainer registry + - .Values.global.githubContainerRegistry : default image githubContainerRegistry for all dockerHub images + - .Values.githubContainerRegistryOverride : override global githubContainerRegistry on a per chart basis +*/}} +{{- define "repositoryGenerator.githubContainerRegistry" -}} + {{- include "repositoryGenerator._repositoryHelper" (merge (dict "repoName" "githubContainerRegistry") .) }} +{{- end -}} + {{- define "repositoryGenerator.image._helper" -}} {{- $dot := default . .dot -}} {{- $initRoot := default $dot.Values.repositoryGenerator .initRoot -}} @@ -83,10 +92,6 @@ {{- include "repositoryGenerator.image._helper" (merge (dict "image" "curlImage") .) }} {{- end -}} -{{- define "repositoryGenerator.image.certserviceclient" -}} - {{- include "repositoryGenerator.image._helper" (merge (dict "image" "certServiceClientImage") .) }} -{{- end -}} - {{- define "repositoryGenerator.image.dcaepolicysync" -}} {{- include "repositoryGenerator.image._helper" (merge (dict "image" "dcaePolicySyncImage") .) }} {{- end -}} @@ -143,7 +148,7 @@ {{/* Our version of helm doesn't support deepCopy so we need this nasty trick */}} {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} {{- $repoCreds := "" }} - {{- if $subchartDot.Values.global.dockerHubRepositoryCred }} + {{- if $subchartDot.Values.global.repositoryCred }} {{- $repo := $subchartDot.Values.global.repository }} {{- $cred := $subchartDot.Values.global.repositoryCred }} {{- $mail := default "@" $cred.mail }} @@ -186,5 +191,17 @@ {{- $repoCreds = printf "%s, %s" $repoCreds $gcrRepoCreds }} {{- end }} {{- end }} + {{- if $subchartDot.Values.global.githubContainerRegistryCred }} + {{- $ghcrRepo := $subchartDot.Values.global.githubContainerRegistry }} + {{- $ghcrCred := $subchartDot.Values.global.githubContainerRegistryCred }} + {{- $ghcrMail := default "@" $ghcrCred.mail }} + {{- $ghcrAuth := printf "%s:%s" $ghcrCred.user $ghcrCred.password | b64enc }} + {{- $ghcrRepoCreds := printf "\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}" $ghcrRepo $ghcrCred.user $ghcrCred.password $ghcrMail $ghcrAuth }} + {{- if eq "" $repoCreds }} + {{- $repoCreds = $ghcrRepoCreds }} + {{- else }} + {{- $repoCreds = printf "%s, %s" $repoCreds $ghcrRepoCreds }} + {{- end }} + {{- end }} {{- printf "{%s}" $repoCreds | b64enc -}} {{- end -}} diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 8a68f6dd9c..2a01112ce6 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -19,11 +19,11 @@ global: dockerHubRepository: docker.io elasticRepository: docker.elastic.co googleK8sRepository: k8s.gcr.io + githubContainerRegistry: ghcr.io # common global images busyboxImage: busybox:1.32 curlImage: curlimages/curl:7.69.1 - certServiceClientImage: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 envsubstImage: dibi/envsubst:1 # there's only latest image for htpasswd htpasswdImage: xmartlabs/htpasswd:latest @@ -56,7 +56,6 @@ global: imageRepoMapping: busyboxImage: dockerHubRepository curlImage: dockerHubRepository - certServiceClientImage: repository envsubstImage: dockerHubRepository htpasswdImage: dockerHubRepository jreImage: repository diff --git a/kubernetes/config/prepull_docker.sh b/kubernetes/config/prepull_docker.sh index 040adec23d..590d651f87 100755 --- a/kubernetes/config/prepull_docker.sh +++ b/kubernetes/config/prepull_docker.sh @@ -102,7 +102,7 @@ do for line in `parse_yaml $filename` do #skiping commented line - if [[ ${line:0:1} != '#' ]]; then + if [ "${line:0:1}" != '#' ]; then #find all image subtag inside converted values.yaml file's lines if echo $line | grep -q $IMAGE_TEXT ; then #find imageName inside line diff --git a/kubernetes/consul/.helmignore b/kubernetes/consul/.helmignore new file mode 100644 index 0000000000..7ddbad7ef4 --- /dev/null +++ b/kubernetes/consul/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/ diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh index 1a75bd7a85..163877deca 100755 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh +++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh @@ -1,5 +1,5 @@ #!/bin/bash -e -# + # Copyright 2020 Samsung Electronics Co., Ltd. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -70,7 +70,8 @@ ingress_controller_ip() { deploy() { local ingress_ip=$(ingress_controller_ip) - pushd "$SPATH/bind9dns" > /dev/null + initdir = $(pwd) + cd $SPATH/bind9dns if [ $# -eq 0 ]; then local cl_domain="simpledemo.onap.org" else @@ -82,13 +83,15 @@ deploy() { shift fi helm install . --set dnsconf.wildcard="$cl_domain=$ingress_ip" $@ - popd > /dev/null + cd $initdir target_machine_notice_info } -if [[ $# -eq 1 ]] && [[ $1 = "-h" || $1 = "--help" ]]; then +if [ $# -eq 1 ] && [ "$1" = "-h" ]; then + usage +elif [ $# -eq 1 ] && [ "$1" = "--help" ]; then usage -elif [[ $# -eq 1 ]] && [[ $1 = "--info" ]]; then +elif [ $# -eq 1 ] && [ "$1" = "--info" ]; then target_machine_notice_info else deploy $@ diff --git a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh index 44fe79a0c6..bf2bc121a7 100755 --- a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh +++ b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh @@ -76,9 +76,11 @@ manual_configuration() { generate_config_map $@ } -if [[ $# -eq 1 ]] && [[ $1 = "-h" || $1 = "--help" ]]; then +if [ $# -eq 1 ] && [ "$1" = "-h" ]; then usage -elif [[ $# -eq 0 ]]; then +if [ $# -eq 1 ] && [ "$1" = "--help" ]; then + usage +elif [ $# -eq 0 ]; then automatic_configuration else manual_configuration $@ diff --git a/kubernetes/contrib/tools/registry-initialize.sh b/kubernetes/contrib/tools/registry-initialize.sh new file mode 100755 index 0000000000..75b36bbc52 --- /dev/null +++ b/kubernetes/contrib/tools/registry-initialize.sh @@ -0,0 +1,118 @@ +#!/bin/sh -x + +# Copyright (c) 2021 AT&T. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Pre-requisite +# 1. Chart packages available under local directory provided as input/argument +# 2. helm client installed with push plugin +# 3. ONAP chartmuseum service deployed + +usage() +{ + echo "Chart Base directory must be provided as input!!" + echo "Usage: registry-initialize.sh -d chartdirectory \ +<-n namespace override> <-r helmrelease override>" + exit 1 +} + +if [ $# -eq 0 ]; then + usage +fi + +# defaults +NAMESPACE=onap +RLS_NAME=onap +LOGIN="" +PASSWORD="" + +while getopts ":d:n:r:" opt; do + case $opt in + d) BASEDIR="$OPTARG" + ;; + n) NAMESPACE="$OPTARG" + ;; + r) RLS_NAME="$OPTARG" + ;; + \?) echo "Invalid option -$OPTARG" >&2 + usage + ;; + esac +done + +if [ -z "$BASEDIR" ]; then + exit "Chart base directory provided $BASEDIR is empty" +fi + +if [ "$(find $BASEDIR -maxdepth 1 -name '*tgz' -print -quit)" ]; then + echo "$BASEDIR valid" +else + exit "No chart package on $BASEDIR provided" +fi + +LOGIN=$(kubectl -n "$NAMESPACE" get secret \ + "${RLS_NAME}-chartmuseum-registrycred" \ + -o jsonpath='{.data.login}' | base64 -d) + +PASSWORD=$(kubectl -n "$NAMESPACE" get secret \ + "${RLS_NAME}-chartmuseum-registrycred" \ + -o jsonpath='{.data.password}' | base64 -d) + +if [ -z "$LOGIN" ] || [ -z "$PASSWORD" ]; then + echo "Login/Password credential for target registry cannot be retrieved" + exit 1 +fi + +# Expose cluster port via port-forwarding +kubectl -n $NAMESPACE port-forward service/chart-museum 27017:80 & +if [ $? -ne 0 ]; then + echo "Error in portforwarding; registry cannot be added!!" + exit 1 +fi + +sleep 5 + +# Add chartmuseum repo as helm repo +# Credentials should match config defined in +# oom\kubernetes\platform\components\chartmuseum\values.yaml +helm repo add k8s-registry http://127.0.0.1:27017 --username "$LOGIN" \ + --password "$PASSWORD" +if [ $? -ne 0 ]; then + echo "registry cannot be added!!" + pkill -f "port-forward service/chart-museum" + exit 1 +fi + +# Initial scope is pushing only dcae charts +# can be expanded to include all onap charts if required +for file in $BASEDIR/dcae*tgz; do + # use helm plugin to push charts + helm push $file k8s-registry + if [ $? -eq 0 ]; then + echo "$file uploaded to registry successfully" + else + echo "registry upload failed!!" + pkill -f "port-forward service/chart-museum" + helm repo remove k8s-registry + exit 1 + fi +done + +echo "All Helm charts successfully uploaded into internal repository" + +# Remove the port-forwarding process +pkill -f "port-forward service/chart-museum" + +# Remove helm registry from local +helm repo remove k8s-registry diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh index 7950e0cc88..2ee123b36a 100755 --- a/kubernetes/contrib/tools/rke/rke_setup.sh +++ b/kubernetes/contrib/tools/rke/rke_setup.sh @@ -344,7 +344,7 @@ while getopts ":b:s:e:u:l:k:v" PARAM; do esac done -if [[ -z $BRANCH ]]; then +if [ -z $BRANCH ]; then usage exit 1 fi diff --git a/kubernetes/dcaegen2-services/.helmignore b/kubernetes/dcaegen2-services/.helmignore index 50af031725..301d5b7d9e 100644 --- a/kubernetes/dcaegen2-services/.helmignore +++ b/kubernetes/dcaegen2-services/.helmignore @@ -20,3 +20,4 @@ .idea/ *.tmproj .vscode/ +components/ diff --git a/kubernetes/dcaegen2-services/Makefile b/kubernetes/dcaegen2-services/Makefile index bf267b7720..70bb031af3 100644 --- a/kubernetes/dcaegen2-services/Makefile +++ b/kubernetes/dcaegen2-services/Makefile @@ -1,4 +1,5 @@ # Copyright © 2020 Samsung Electronics +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,10 +14,12 @@ # limitations under the License. ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../dist +OUTPUT_DIR := $(ROOT_DIR)/../dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets +HELM_REPO := local + EXCLUDES := HELM_BIN := helm HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) @@ -40,8 +43,8 @@ lint-%: dep-% package-%: lint-% @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi - @$(HELM_BIN) repo index $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME $(HELM_REPO); fi + @sleep 3 clean: @rm -f */requirements.lock diff --git a/kubernetes/dcaegen2-services/common/Makefile b/kubernetes/dcaegen2-services/common/Makefile index bf267b7720..db8704c2ca 100644 --- a/kubernetes/dcaegen2-services/common/Makefile +++ b/kubernetes/dcaegen2-services/common/Makefile @@ -1,4 +1,5 @@ # Copyright © 2020 Samsung Electronics +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,13 +18,22 @@ OUTPUT_DIR := $(ROOT_DIR)/../../dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets +HELM_REPO := local + EXCLUDES := HELM_BIN := helm +# Helm v2 and helm v3 uses different version format so we first try in helm v3 format +# and if it fails then we fallback to helm v2 one +HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}" 2>/dev/null) +ifneq "$(findstring v3,$(HELM_VER))" "v3" + HELM_VER := $(shell $(HELM_BIN) version -c --template "{{.Client.SemVer}}") +endif + HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) .PHONY: $(EXCLUDES) $(HELM_CHARTS) -all: $(HELM_CHARTS) +all: $(HELM_CHARTS) helm-repo-update $(HELM_CHARTS): @echo "\n[$@]" @@ -40,12 +50,18 @@ lint-%: dep-% package-%: lint-% @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi - @$(HELM_BIN) repo index $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME $(HELM_REPO); fi + @sleep 3 clean: @rm -f */requirements.lock @rm -f *tgz */charts/*tgz @rm -rf $(PACKAGE_DIR) + +helm-repo-update: +ifeq "$(findstring v3,$(HELM_VER))" "v3" + @$(HELM_BIN) repo update +endif + %: @: diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 10a63ebbcf..328a4c625f 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -69,6 +69,83 @@ the the literal string "An example value". {{- end }} {{- end -}} {{/* +For internal use only! + +dcaegen2-services-common._externalVolumes: +This template generates a list of volumes associated with the pod, +based on information provided in .Values.externalVolumes. This +template works in conjunction with dcaegen2-services-common._externalVolumeMounts +to give the microservice access to data in volumes created else. +This initial implementation supports ConfigMaps only, as this is the only +external volume mounting required by current microservices. + +.Values.externalValues is a list of objects. Each object has 3 required fields and 1 optional field: + - name: the name of the resource (in the current implementation, it must be a ConfigMap) + that is to be set up as a volume. The value is a case sensitive string. Because the + names of resources are sometimes set at deployment time (for instance, to prefix the Helm + release to the name), the string can be a Helm template fragment that will be expanded at + deployment time. + - type: the type of the resource (in the current implementation, only "ConfigMap" is supported). + The value is a case-INsensitive string. + - mountPoint: the path to the mount point for the volume in the container file system. The + value is a case-sensitive string. + - readOnly: (Optional) Boolean flag. Set to true to mount the volume as read-only. + Defaults to false. + +Here is an example fragment from a values.yaml file for a microservice: + +externalVolumes: + - name: my-example-configmap + type: configmap + mountPath: /opt/app/config + - name: '{{ include "common.release" . }}-another-example' + type: configmap + mountPath: /opt/app/otherconfig +*/}} +{{- define "dcaegen2-services-common._externalVolumes" -}} + {{- $global := . -}} + {{- if .Values.externalVolumes }} + {{- range $vol := .Values.externalVolumes }} + {{- if eq (lower $vol.type) "configmap" }} + {{- $vname := (tpl $vol.name $global) }} +- configMap: + defaultMode: 420 + name: {{ $vname }} + name: {{ $vname }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{/* +For internal use only! + +dcaegen2-services-common._externalVolumeMounts: +This template generates a list of volume mounts for the microservice container, +based on information provided in .Values.externalVolumes. This +template works in conjunction with dcaegen2-services-common._externalVolumes +to give the microservice access to data in volumes created else. +This initial implementation supports ConfigMaps only, as this is the only +external volume mounting required by current microservices. + +See the documentation for dcaegen2-services-common._externalVolumes for +details on how external volumes are specified in the values.yaml file for +the microservice. +*/}} +{{- define "dcaegen2-services-common._externalVolumeMounts" -}} + {{- $global := . -}} + {{- if .Values.externalVolumes }} + {{- range $vol := .Values.externalVolumes }} + {{- if eq (lower $vol.type) "configmap" }} + {{- $vname := (tpl $vol.name $global) -}} + {{- $readOnly := $vol.readOnly | default false }} +- mountPath: {{ $vol.mountPath }} + name: {{ $vname }} + readOnly: {{ $readOnly }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{/* dcaegen2-services-common.microserviceDeployment: This template produces a Kubernetes Deployment for a DCAE microservice. @@ -197,6 +274,10 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }} env: + {{- range $cred := .Values.credentials }} + - name: {{ $cred.name }} + {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }} + {{- end }} {{- if $certDir }} - name: DCAE_CA_CERTPATH value: {{ $certDir }}/cacert.pem @@ -240,6 +321,8 @@ spec: volumeMounts: - mountPath: /app-config name: app-config + - mountPath: /app-config-input + name: app-config-input {{- if $logDir }} - mountPath: {{ $logDir}} name: component-log @@ -247,7 +330,7 @@ spec: {{- if $certDir }} - mountPath: {{ $certDir }} name: tls-info - {{- if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}} + {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} {{- include "common.certManager.volumeMountsReadOnly" . | nindent 8 -}} {{- end -}} {{- end }} @@ -255,6 +338,7 @@ spec: - name: policy-shared mountPath: /etc/policies {{- end }} + {{- include "dcaegen2-services-common._externalVolumeMounts" . | nindent 8 }} {{- if $logDir }} - image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -344,7 +428,7 @@ spec: {{- if $certDir }} - emptyDir: {} name: tls-info - {{ if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}} + {{ if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} {{ include "common.certManager.volumesReadOnly" . | nindent 6 }} {{- end }} {{- end }} @@ -352,6 +436,7 @@ spec: - name: policy-shared emptyDir: {} {{- end }} + {{- include "dcaegen2-services-common._externalVolumes" . | nindent 6 }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" {{ end -}} @@ -364,7 +449,7 @@ spec: */}} {{- define "dcaegen2-services-common._certPostProcessor" -}} {{- $certDir := default "" .Values.certDirectory . -}} - {{- if and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}} + {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} {{- $cmpv2Certificate := (index .Values.certificates 0) -}} {{- $cmpv2CertificateDir := $cmpv2Certificate.mountPath -}} {{- $certType := "pem" -}} @@ -401,3 +486,16 @@ spec: value: {{ $keystoreDestinationPaths | quote }} {{- end }} {{- end -}} + +{{/* + Template returns string "true" if CMPv2 certificates should be used and nothing (so it can be used in with statements) + when they shouldn't. Example use: + {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} + +*/}} +{{- define "dcaegen2-services-common.shouldUseCmpv2Certificates" -}} + {{- $certDir := default "" .Values.certDirectory . -}} + {{- if (and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.useCmpv2Certificates) -}} + true + {{- end -}} +{{- end -}} diff --git a/kubernetes/dcaegen2-services/components/Makefile b/kubernetes/dcaegen2-services/components/Makefile index bf267b7720..98dfb97f8f 100644 --- a/kubernetes/dcaegen2-services/components/Makefile +++ b/kubernetes/dcaegen2-services/components/Makefile @@ -1,4 +1,5 @@ # Copyright © 2020 Samsung Electronics +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,6 +18,8 @@ OUTPUT_DIR := $(ROOT_DIR)/../../dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets +HELM_REPO := local + EXCLUDES := HELM_BIN := helm HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) @@ -40,8 +43,8 @@ lint-%: dep-% package-%: lint-% @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi - @$(HELM_BIN) repo index $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME $(HELM_REPO); fi + @sleep 5 clean: @rm -f */requirements.lock diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/requirements.yaml index 929cdbbc5f..d45745404d 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/requirements.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/requirements.yaml @@ -1,5 +1,6 @@ # Copyright (c) 2021 J. F. Lucas. All rights reserved. # Copyright (c) 2021 Nokia. All rights reserved. +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,7 +26,7 @@ dependencies: repository: '@local' - name: dcaegen2-services-common version: ~8.x-0 - repository: 'file://../../common/dcaegen2-services-common' + repository: '@local' - name: certManagerCertificate version: ~8.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml index 0db2138a4f..12a05885ca 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml @@ -14,6 +14,6 @@ # limitations under the License. */}} -{{ if and .Values.certDirectory .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} +{{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} {{ include "certManagerCertificate.certificate" . }} {{ end }} diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index bb65f37f73..64e4ba9b43 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -65,8 +65,12 @@ secrets: passwordPolicy: required # CMPv2 certificate -# It is used only when global parameter cmpv2Enabled is true +# It is used only when: +# - certDirectory is set +# - global cmpv2Enabled flag is set to true +# - flag useCmpv2Certificates is set to true # Disabled by default +useCmpv2Certificates: false certificates: - mountPath: /etc/ves-hv/ssl/external commonName: dcae-hv-ves-collector diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml new file mode 100644 index 0000000000..0ebda2eed5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml @@ -0,0 +1,23 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# Copyright (c) 2021 AT&T. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE PMSH Service +name: dcae-pmsh +version: 8.0.0 diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/requirements.yaml new file mode 100644 index 0000000000..4dfc837bf8 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/requirements.yaml @@ -0,0 +1,33 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/a1policymanagement/templates/pvc.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/configmap.yaml index 4183edfdbb..b4b8e59b2e 100644 --- a/kubernetes/a1policymanagement/templates/pvc.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/configmap.yaml @@ -16,26 +16,4 @@ ################################################################################ */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - {{- if .Values.persistence.annotations }} - annotations: -{{ .Values.persistence.annotations | indent 4 }} - {{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} - storageClassName: {{ include "common.fullname" . }}-data -{{- end -}} +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/deployment.yaml new file mode 100644 index 0000000000..60fce4a7be --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/secret.yaml new file mode 100644 index 0000000000..0f1129cfb4 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/service.yaml new file mode 100644 index 0000000000..fedb766524 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml new file mode 100644 index 0000000000..0e79e5e554 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml @@ -0,0 +1,195 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-pmsh-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "pmsh-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.pmsh:1.3.1 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/pmsh + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/pmsh/etc/certs + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + - &postgresName dcae-pmsh-postgres + +# Probe Configuration +readiness: + initialDelaySeconds: 10 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTPS + port: 8443 + +# Service Configuration +service: + type: ClusterIP + name: dcae-pmsh + ports: + - name: https + port: 8443 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password + +# Initial Application Configuration +applicationConfig: + enable_tls: true + aaf_identity: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + key_path: /opt/app/pmsh/etc/certs/key.pem + cert_path: /opt/app/pmsh/etc/certs/cert.pem + ca_cert_path: /opt/app/pmsh/etc/certs/cacert.pem + control_loop_name: pmsh-control-loop + operational_policy_name: pmsh-operational-policy + pmsh_policy: + subscription: + subscriptionName: ExtraPM-All-gNB-R2B + administrativeState: LOCKED + fileBasedGP: 15 + fileLocation: "/pm/pm.xml" + nfFilter: { "nfNames": [ "^pnf.*","^vnf.*" ],"modelInvariantIDs": [ ],"modelVersionIDs": [ ],"modelNames": [ ] } + measurementGroups: [ { "measurementGroup": { "measurementTypes": [ { "measurementType": "countera" },{ "measurementType": "counterb" } ],"managedObjectDNsBasic": [ { "DN": "dna" },{ "DN": "dnb" } ] } },{ "measurementGroup": { "measurementTypes": [ { "measurementType": "counterc" },{ "measurementType": "counterd" } ],"managedObjectDNsBasic": [ { "DN": "dnc" },{ "DN": "dnd" } ] } } ] + streams_publishes: + policy_pm_publisher: + type: message_router + dmaap_info: + topic_url: "https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT" + streams_subscribes: + policy_pm_subscriber: + type: message_router + dmaap_info: + topic_url: "https://message-router:3905/events/unauthenticated.PMSH_CL_INPUT" + aai_subscriber: + type: message_router + dmaap_info: + topic_url: "https://message-router:3905/events/AAI-EVENT" + +applicationEnv: + PMSH_PG_URL: &dcaePmshPgPrimary dcae-pmsh-pg-primary + PMSH_PG_USERNAME: + secretUid: *pgUserCredsSecretUid + key: login + PMSH_PG_PASSWORD: + secretUid: *pgUserCredsSecretUid + key: password + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: *postgresName + service: + name: *postgresName + name2: *dcaePmshPgPrimary + name3: dcae-pmsh-pg-replica + container: + name: + primary: dcae-pmsh-pg-primary + replica: dcae-pmsh-pg-replica + persistence: + mountSubPath: pmsh/data + mountInitPath: pmsh + config: + pgUserName: pmsh + pgDatabase: pmsh + pgUserExternalSecret: *pgUserCredsSecretName
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/requirements.yaml index 639fc2c740..80e79fe28e 100644 --- a/kubernetes/dcaegen2-services/components/dcae-prh/requirements.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-prh/requirements.yaml @@ -1,4 +1,5 @@ # Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,4 +25,4 @@ dependencies: repository: '@local' - name: dcaegen2-services-common version: ~8.x-0 - repository: 'file://../../common/dcaegen2-services-common' + repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml new file mode 100644 index 0000000000..64b0d0f96a --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml @@ -0,0 +1,23 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE SliceAnalysis MS charts +name: dcae-slice-analysis-ms +version: 8.0.0 + diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/requirements.yaml new file mode 100644 index 0000000000..9cab8e92e6 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/requirements.yaml @@ -0,0 +1,34 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' + diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/configmap.yaml new file mode 100644 index 0000000000..26be310888 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/deployment.yaml new file mode 100644 index 0000000000..02b5df8135 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/secret.yaml new file mode 100644 index 0000000000..c4596e5b21 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/secret.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/service.yaml new file mode 100644 index 0000000000..ba0283dda5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml new file mode 100644 index 0000000000..6790541bd9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -0,0 +1,212 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-sliceanalysisms-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "sliceanalysisms-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################aafcreds################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.4 + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/sliceanalysisms + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/sliceanalysisms/etc/cert/ + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + - &postgresName dcae-sliceanalysisms-postgres + +# Probe Configuration +readiness: + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTP + port: 8080 + +# Service Configuration +service: + type: ClusterIP + name: dcae-slice-analysis-ms + ports: + - name: https + port: 8080 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password +- name: PG_USERNAME + uid: *pgUserCredsSecretUid + key: login +- name: PG_PASSWORD + uid: *pgUserCredsSecretUid + key: password + +# Initial Application Configuration +applicationConfig: + aafUsername: ${AAF_IDENTITY} + aafPassword: ${AAF_PASSWORD} + postgres.host: dcae-sliceanalysisms-pg-primary + postgres.port: 5432 + postgres.username: ${PG_USERNAME} + postgres.password: ${PG_PASSWORD} + trust_store_path: /opt/app/sliceanalysisms/etc/cert/trust.jks + trust_store_pass_path: /opt/app/sliceanalysisms/etc/cert/trust.pass + sliceanalysisms.pollingInterval: 20 + sliceanalysisms.pollingTimeout: 60 + cbsPollingInterval: 60 + sliceanalysisms.namespace: onap + sliceanalysisms.dmaap.server: ["message-router"] + sliceanalysisms.bufferTime: 60 + sliceanalysisms.cg: sliceanalysisms-cg + sliceanalysisms.cid: sliceanalysisms-cid + sliceanalysisms.configDb.service: http://config-db:8080 + sliceanalysisms.configDbEnabled: true + sliceanalysisms.aai.url: https://aai.onap.svc.cluster.local:8443/aai/v21 + sliceanalysisms.cps.url: https://cps:8088 + sliceanalysisms.samples: 3 + sliceanalysisms.minPercentageChange: 5 + sliceanalysisms.initialDelaySeconds: 120000 + streams_publishes: + CL_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.DCAE_CL_OUTPUT + streams_subscribes: + performance_management_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS + intelligent_slicing_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.ML_RESPONSE_TOPIC + dcae_cl_response_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/DCAE_CL_RSP + +applicationEnv: + STANDALONE: 'false' + +# Resource Limit Flavor -By Default Using Small +flavor: small +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: *postgresName + service: + name: *postgresName + name2: dcae-sliceanalysisms-pg-primary + name3: dcae-sliceanalysisms-pg-replica + container: + name: + primary: dcae-sliceanalysisms-pg-primary + replica: dcae-sliceanalysisms-pg-replica + persistence: + mountSubPath: sliceanalysisms/data + mountInitPath: sliceanalysisms + config: + pgUserName: sliceanalysisms + pgDatabase: sliceanalysisms + pgUserExternalSecret: *pgUserCredsSecretName diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml new file mode 100644 index 0000000000..f57b63ac86 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml @@ -0,0 +1,22 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE Son-handler helm chart +name: dcae-son-handler +version: 8.0.0 diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/requirements.yaml new file mode 100644 index 0000000000..3f52d6fce8 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/requirements.yaml @@ -0,0 +1,33 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml new file mode 100644 index 0000000000..48a203963e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml new file mode 100644 index 0000000000..c8cd4d40e5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml new file mode 100644 index 0000000000..26b7b5dbdd --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml new file mode 100644 index 0000000000..41133e5abc --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml new file mode 100644 index 0000000000..78c6144979 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -0,0 +1,244 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-sonhms-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "sonhms-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.son-handler:2.1.3 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/sonhms + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/sonhms/etc/certs + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Policy configuraiton properties +# if present, policy-sync side car will be deployed +dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +policies: + policyID: | + '["com.Config_PCIMS_CONFIG_POLICY"]' + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + - &postgresName dcae-sonhms-postgres + +# Probe Configuration +readiness: + initialDelaySeconds: 10 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTPS + port: 8080 + +# Service Configuration +service: + type: ClusterIP + name: dcae-son-handler + ports: + - name: https + port: 8080 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password +- name: PG_USERNAME + uid: *pgUserCredsSecretUid + key: login +- name: PG_PASSWORD + uid: *pgUserCredsSecretUid + key: password + + +# Initial Application Configuration +applicationConfig: + postgres.host: &dcaeSonhmsPgPrimary dcae-sonhms-pg-primary + postgres.port: 5432 + postgres.username: ${PG_USERNAME} + postgres.password: ${PG_PASSWORD} + sonhandler.pollingInterval: 20 + sonhandler.pollingTimeout: 60 + cbsPollingInterval: 60 + sonhandler.numSolutions: 5 + sonhandler.minCollision: 5 + sonhandler.minConfusion: 5 + sonhandler.maximumClusters: 5 + sonhandler.badThreshold: 50 + sonhandler.poorThreshold: 70 + sonhandler.namespace: onap + sonhandler.sourceId: SONHMS + sonhandler.dmaap.server: ["message-router"] + sonhandler.bufferTime: 60 + sonhandler.cg: sonhms-cg + sonhandler.cid: sonhms-cid + sonhandler.configDb.service: http://configdb:8080 + sonhandler.oof.service: https://oof-osdf:8698 + sonhandler.oof.endpoint: /api/oof/v1/pci + sonhandler.pciOptimizer: pci + sonhandler.pciAnrOptimizer: pci_anr + sonhandler.poorCountThreshold: 3 + sonhandler.badCountThreshold: 3 + sonhandler.oofTriggerCountTimer: 30 + sonhandler.oofTriggerCountThreshold: 5 + sonhandler.policyRespTimer: 10 + sonhandler.policyNegativeAckThreshold: 3 + sonhandler.policyFixedPciTimeInterval: 30000 + sonhandler.nfNamingCode: RansimAgent + streams_publishes: + CL_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT + streams_subscribes: + performance_management_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/unauthenticated.VES_MEASUREMENT_OUTPUT + fault_management_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/unauthenticated.SEC_FAULT_OUTPUT + nbr_list_change_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/PCI-NOTIF-TOPIC-NGHBR-LIST-CHANGE-INFO + dcae_cl_response_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/DCAE_CL_RSP + service_calls: + sdnr-getpnfname: [] + sdnr-getpci: [] + sdnr-getnbrlist: [] + sdnr-getcelllist: [] + oof-req: [] + policy-req: [] + +applicationEnv: + STANDALONE: 'false' + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: *postgresName + service: + name: *postgresName + name2: *dcaeSonhmsPgPrimary + name3: dcae-sonhms-pg-replica + container: + name: + primary: dcae-sonhms-pg-primary + replica: dcae-sonhms-pg-replica + persistence: + mountSubPath: sonhms/data + mountInitPath: sonhms + config: + pgUserName: sonhms + pgDatabase: sonhms + pgUserExternalSecret: *pgUserCredsSecretName diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/requirements.yaml index 021c357f35..02a2a674c3 100644 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/requirements.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/requirements.yaml @@ -1,4 +1,5 @@ # Copyright (c) 2020 J. F. Lucas. All rights reserved. +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,4 +25,4 @@ dependencies: repository: '@local' - name: dcaegen2-services-common version: ~8.x-0 - repository: 'file://../../common/dcaegen2-services-common' + repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml index 89cf13447a..a26c66366b 100644 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml @@ -41,7 +41,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1. # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1 +image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.0 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -87,8 +87,7 @@ service: name: http # Policy configuraiton properties -# if present, policy-sync side car will be deployed - +# if enabled, policy-sync side car will be deployed #dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 #policies: # duration: 300 diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/requirements.yaml index 929cdbbc5f..d45745404d 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/requirements.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/requirements.yaml @@ -1,5 +1,6 @@ # Copyright (c) 2021 J. F. Lucas. All rights reserved. # Copyright (c) 2021 Nokia. All rights reserved. +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,7 +26,7 @@ dependencies: repository: '@local' - name: dcaegen2-services-common version: ~8.x-0 - repository: 'file://../../common/dcaegen2-services-common' + repository: '@local' - name: certManagerCertificate version: ~8.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml index 0db2138a4f..12a05885ca 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml @@ -14,6 +14,6 @@ # limitations under the License. */}} -{{ if and .Values.certDirectory .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} +{{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} {{ include "certManagerCertificate.certificate" . }} {{ end }} diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml index 081bcdcc1a..982d770595 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml @@ -41,7 +41,7 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice- # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.8.0 +image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.9.2 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -58,8 +58,12 @@ certDirectory: /opt/app/dcae-certificate tlsServer: true # CMPv2 certificate -# It is used only when global parameter cmpv2Enabled is true +# It is used only when: +# - certDirectory is set +# - global cmpv2Enabled flag is set to true +# - flag useCmpv2Certificates is set to true # Disabled by default +useCmpv2Certificates: false certificates: - mountPath: /opt/app/dcae-certificate/external commonName: dcae-ves-collector diff --git a/kubernetes/dcaegen2-services/requirements.yaml b/kubernetes/dcaegen2-services/requirements.yaml index a673a9783b..2bbeb9869c 100644 --- a/kubernetes/dcaegen2-services/requirements.yaml +++ b/kubernetes/dcaegen2-services/requirements.yaml @@ -1,4 +1,5 @@ # Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,21 +19,40 @@ dependencies: repository: '@local' - name: dcae-ms-healthcheck version: ~8.x-0 - repository: 'file://components/dcae-ms-healthcheck' + repository: '@local' + #repository: 'file://components/dcae-ms-healthcheck' condition: dcae-ms-healthcheck.enabled + - name: dcae-pmsh + version: ~8.x-0 + repository: '@local' + #repository: 'file://components/dcae-pmsh' + condition: dcae-pmsh.enabled - name: dcae-prh version: ~8.x-0 - repository: 'file://components/dcae-prh' + repository: '@local' + #repository: 'file://components/dcae-prh' condition: dcae-bootstrap.enabled - name: dcae-tcagen2 version: ~8.x-0 - repository: 'file://components/dcae-tcagen2' + repository: '@local' + #repository: 'file://components/dcae-tcagen2' condition: dcae-tcagen2.enabled - name: dcae-ves-collector version: ~8.x-0 - repository: 'file://components/dcae-ves-collector' + repository: '@local' + #repository: 'file://components/dcae-ves-collector' condition: dcae-ves-collector.enabled - name: dcae-hv-ves-collector version: ~8.x-0 - repository: 'file://components/dcae-hv-ves-collector' + repository: '@local' + #repository: 'file://components/dcae-hv-ves-collector' condition: dcae-hv-ves-collector.enabled + - name: dcae-slice-analysis-ms + version: ~8.x-0 + repository: '@local' + #repository: 'file://components/dcae-slice-analysis-ms' + condition: dcae-slice-analysis-ms.enabled + - name: dcae-son-handler + version: ~8.x-0 + repository: '@local' + condition: dcae-son-handler.enabled diff --git a/kubernetes/dcaegen2-services/resources/external/map/schema-map.json b/kubernetes/dcaegen2-services/resources/external/map/schema-map.json new file mode 100644 index 0000000000..498521cfee --- /dev/null +++ b/kubernetes/dcaegen2-services/resources/external/map/schema-map.json @@ -0,0 +1,18 @@ +[ + { + "publicURL": "https://forge.3gpp.org/rep/sa5/MnS/blob/Rel-16-SA-91/OpenAPI/faultMnS.yaml", + "localURL": "3gpp/rep/sa5/MnS/blob/Rel-16-SA-91/OpenAPI/faultMnS.yaml" + }, + { + "publicURL": "https://forge.3gpp.org/rep/sa5/MnS/blob/Rel-16-SA-91/OpenAPI/FileDataReportingMnS.yaml", + "localURL": "3gpp/rep/sa5/MnS/blob/Rel-16-SA-91/OpenAPI/FileDataReportingMnS.yaml" + }, + { + "publicURL": "https://forge.3gpp.org/rep/sa5/MnS/blob/Rel-16-SA-91/OpenAPI/heartbeatNtf.yaml", + "localURL": "3gpp/rep/sa5/MnS/blob/Rel-16-SA-91/OpenAPI/heartbeatNtf.yaml" + }, + { + "publicURL": "https://forge.3gpp.org/rep/sa5/MnS/blob/Rel-16-SA-91/OpenAPI/provMnS.yaml", + "localURL": "3gpp/rep/sa5/MnS/blob/Rel-16-SA-91/OpenAPI/provMnS.yaml" + } +]
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/5gcNrm.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/5gcNrm.yaml new file mode 100644 index 0000000000..eb40832285 --- /dev/null +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/5gcNrm.yaml @@ -0,0 +1,1980 @@ +openapi: 3.0.1 +info: + title: 3GPP 5GC NRM + version: 16.6.0 + description: >- + OAS 3.0.1 specification of the 5GC NRM + © 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). + All rights reserved. +externalDocs: + description: 3GPP TS 28.541 V16.6.0; 5G NRM, 5GC NRM + url: http://www.3gpp.org/ftp/Specs/archive/28_series/28.541/ +paths: {} +components: + schemas: + +#-------- Definition of types----------------------------------------------------- + + AmfIdentifier: + type: object + description: 'AmfIdentifier comprise of amfRegionId, amfSetId and amfPointer' + properties: + amfRegionId: + $ref: '#/components/schemas/AmfRegionId' + amfSetId: + $ref: '#/components/schemas/AmfSetId' + amfPointer: + $ref: '#/components/schemas/AmfPointer' + AmfRegionId: + type: integer + description: AmfRegionId is defined in TS 23.003 + maximum: 255 + AmfSetId: + type: string + description: AmfSetId is defined in TS 23.003 + maximum: 1023 + AmfPointer: + type: integer + description: AmfPointer is defined in TS 23.003 + maximum: 63 + IpEndPoint: + type: object + properties: + ipv4Address: + $ref: 'genericNrm.yaml#/components/schemas/Ipv4Addr' + ipv6Address: + $ref: 'genericNrm.yaml#/components/schemas/Ipv6Addr' + ipv6Prefix: + $ref: 'genericNrm.yaml#/components/schemas/Ipv6Prefix' + transport: + $ref: 'genericNrm.yaml#/components/schemas/TransportProtocol' + port: + type: integer + NFProfileList: + type: array + description: List of NF profile + items: + $ref: '#/components/schemas/NFProfile' + NFProfile: + type: object + description: 'NF profile stored in NRF, defined in TS 29.510' + properties: + nFInstanceId: + type: string + description: uuid of NF instance + nFType: + $ref: 'genericNrm.yaml#/components/schemas/NFType' + nFStatus: + $ref: '#/components/schemas/NFStatus' + plmn: + $ref: 'nrNrm.yaml#/components/schemas/PlmnId' + sNssais: + $ref: 'nrNrm.yaml#/components/schemas/Snssai' + fqdn: + $ref: 'genericNrm.yaml#/components/schemas/Fqdn' + interPlmnFqdn: + $ref: 'genericNrm.yaml#/components/schemas/Fqdn' + nfServices: + type: array + items: + $ref: '#/components/schemas/NFService' + NFService: + type: object + description: NF Service is defined in TS 29.510 + properties: + serviceInstanceId: + type: string + serviceName: + type: string + version: + type: string + schema: + type: string + fqdn: + $ref: 'genericNrm.yaml#/components/schemas/Fqdn' + interPlmnFqdn: + $ref: 'genericNrm.yaml#/components/schemas/Fqdn' + ipEndPoints: + type: array + items: + $ref: '#/components/schemas/IpEndPoint' + apiPrfix: + type: string + allowedPlmns: + $ref: 'nrNrm.yaml#/components/schemas/PlmnId' + allowedNfTypes: + type: array + items: + $ref: 'genericNrm.yaml#/components/schemas/NFType' + allowedNssais: + type: array + items: + $ref: 'nrNrm.yaml#/components/schemas/Snssai' + NFStatus: + type: string + description: any of enumrated value + enum: + - REGISTERED + - SUSPENDED + CNSIIdList: + type: array + items: + $ref: '#/components/schemas/CNSIId' + CNSIId: + type: string + description: CNSI Id is defined in TS 29.531, only for Core Network + TACList: + type: array + items: + $ref: 'nrNrm.yaml#/components/schemas/NrTac' + WeightFactor: + type: integer + UdmInfo: + type: object + properties: + nFSrvGroupId: + type: string + AusfInfo: + type: object + properties: + nFSrvGroupId: + type: string + UpfInfo: + type: object + properties: + smfServingAreas: + type: string + AmfInfo: + type: object + properties: + priority: + type: integer + SupportedDataSetId: + type: string + description: any of enumrated value + enum: + - SUBSCRIPTION + - POLICY + - EXPOSURE + - APPLICATION + Udrinfo: + type: object + properties: + supportedDataSetIds: + type: array + items: + $ref: '#/components/schemas/SupportedDataSetId' + nFSrvGroupId: + type: string + NFInfo: + oneOf: + - $ref: '#/components/schemas/UdmInfo' + - $ref: '#/components/schemas/AusfInfo' + - $ref: '#/components/schemas/UpfInfo' + - $ref: '#/components/schemas/AmfInfo' + - $ref: '#/components/schemas/Udrinfo' + ManagedNFProfile: + type: object + properties: + nfInstanceID: + type: string + nfType: + $ref: 'genericNrm.yaml#/components/schemas/NFType' + authzInfo: + type: string + hostAddr: + $ref: 'genericNrm.yaml#/components/schemas/HostAddr' + locality: + type: string + nFInfo: + $ref: '#/components/schemas/NFInfo' + capacity: + type: integer + SEPPType: + type: string + description: any of enumrated value + enum: + - CSEPP + - PSEPP + SupportedFunc: + type: object + properties: + function: + type: string + policy: + type: string + SupportedFuncList: + type: array + items: + $ref: '#/components/schemas/SupportedFunc' + CommModelType: + type: string + description: any of enumrated value + enum: + - DIRECT_COMMUNICATION_WO_NRF + - DIRECT_COMMUNICATION_WITH_NRF + - INDIRECT_COMMUNICATION_WO_DEDICATED_DISCOVERY + - INDIRECT_COMMUNICATION_WITH_DEDICATED_DISCOVERY + CommModel: + type: object + properties: + groupId: + type: integer + commModelType: + $ref: '#/components/schemas/CommModelType' + targetNFServiceList: + $ref: 'comDefs.yaml#/components/schemas/DnList' + commModelConfiguration: + type: string + CommModelList: + type: array + items: + $ref: '#/components/schemas/CommModel' + CapabilityList: + type: array + items: + type: string + FiveQiDscpMapping: + type: object + properties: + fiveQIValues: + type: array + items: + type: integer + dscp: + type: integer + + PacketErrorRate: + type: object + properties: + scalar: + type: integer + exponent: + type: integer + FiveQICharacteristics: + type: object + properties: + fiveQIValue: + type: integer + resourceType: + type: string + enum: + - GBR + - NonGBR + priorityLevel: + type: integer + packetDelayBudget: + type: integer + packetErrorRate: + $ref: '#/components/schemas/PacketErrorRate' + averagingWindow: + type: integer + maximumDataBurstVolume: + type: integer + + + GtpUPathDelayThresholdsType: + type: object + properties: + n3AveragePacketDelayThreshold: + type: integer + n3MinPacketDelayThreshold: + type: integer + n3MaxPacketDelayThreshold: + type: integer + n9AveragePacketDelayThreshold: + type: integer + n9MinPacketDelayThreshold: + type: integer + n9MaxPacketDelayThreshold: + type: integer + QFPacketDelayThresholdsType: + type: object + properties: + thresholdDl: + type: integer + thresholdUl: + type: integer + thresholdRtt: + type: integer + + QosData: + type: object + properties: + qosId: + type: string + fiveQIValue: + type: integer + maxbrUl: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/BitRateRm' + maxbrDl: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/BitRateRm' + gbrUl: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/BitRateRm' + gbrDl: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/BitRateRm' + arp: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/Arp' + qosNotificationControl: + type: boolean + reflectiveQos: + type: boolean + sharingKeyDl: + type: string + sharingKeyUl: + type: string + maxPacketLossRateDl: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/PacketLossRateRm' + maxPacketLossRateUl: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/PacketLossRateRm' + extMaxDataBurstVol: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/ExtMaxDataBurstVolRm' + + QosDataList: + type: array + items: + $ref: '#/components/schemas/QosData' + + SteeringMode: + type: object + properties: + steerModeValue: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/SteerModeValue' + active: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/AccessType' + standby: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/AccessTypeRm' + threeGLoad: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/Uinteger' + prioAcc: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/AccessType' + + TrafficControlData: + type: object + properties: + tcId: + type: string + flowStatus: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29514_Npcf_PolicyAuthorization.yaml#/components/schemas/FlowStatus' + redirectInfo: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/RedirectInformation' + addRedirectInfo: + type: array + items: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/RedirectInformation' + minItems: 1 + muteNotif: + type: boolean + trafficSteeringPolIdDl: + type: string + nullable: true + trafficSteeringPolIdUl: + type: string + nullable: true + routeToLocs: + type: array + items: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/RouteToLocation' + traffCorreInd: + type: boolean + upPathChgEvent: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/UpPathChgEvent' + steerFun: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/SteeringFunctionality' + steerModeDl: + $ref: '#/components/schemas/SteeringMode' + steerModeUl: + $ref: '#/components/schemas/SteeringMode' + mulAccCtrl: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/MulticastAccessControl' + + TrafficControlDataList: + type: array + items: + $ref: '#/components/schemas/TrafficControlData' + + PccRule: + type: object + properties: + pccRuleId: + type: string + description: Univocally identifies the PCC rule within a PDU session. + flowInfoList: + type: array + items: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/FlowInformation' + applicationId: + type: string + appDescriptor: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/ApplicationDescriptor' + contentVersion: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29514_Npcf_PolicyAuthorization.yaml#/components/schemas/ContentVersion' + precedence: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29571_CommonData.yaml#/components/schemas/Uinteger' + afSigProtocol: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/AfSigProtocol' + isAppRelocatable: + type: boolean + isUeAddrPreserved: + type: boolean + qosData: + type: array + items: + $ref: '#/components/schemas/QosDataList' + altQosParams: + type: array + items: + $ref: '#/components/schemas/QosDataList' + trafficControlData: + type: array + items: + $ref: '#/components/schemas/TrafficControlDataList' + conditionData: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29512_Npcf_SMPolicyControl.yaml#/components/schemas/ConditionData' + tscaiInputDl: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29514_Npcf_PolicyAuthorization.yaml#/components/schemas/TscaiInputContainer' + tscaiInputUl: + $ref: 'https://forge.3gpp.org/rep/all/5G_APIs/raw/REL-16/TS29514_Npcf_PolicyAuthorization.yaml#/components/schemas/TscaiInputContainer' + + +#-------- Definition of concrete IOCs -------------------------------------------- + + SubNetwork-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/SubNetwork-Attr' + - $ref: 'genericNrm.yaml#/components/schemas/SubNetwork-ncO' + - type: object + properties: + SubNetwork: + $ref: '#/components/schemas/SubNetwork-Multiple' + ManagedElement: + $ref: '#/components/schemas/ManagedElement-Multiple' + ExternalAmfFunction: + $ref: '#/components/schemas/ExternalAmfFunction-Multiple' + ExternalNrfFunction: + $ref: '#/components/schemas/ExternalNrfFunction-Multiple' + ExternalNssfFunction: + $ref: '#/components/schemas/ExternalNssfFunction-Multiple' + AmfSet: + $ref: '#/components/schemas/AmfSet-Multiple' + AmfRegion: + $ref: '#/components/schemas/AmfRegion-Multiple' + Configurable5QISet: + $ref: '#/components/schemas/Configurable5QISet-Multiple' + Dynamic5QISet: + $ref: '#/components/schemas/Dynamic5QISet-Multiple' + + ManagedElement-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedElement-Attr' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedElement-ncO' + - type: object + properties: + AmfFunction: + $ref: '#/components/schemas/AmfFunction-Multiple' + SmfFunction: + $ref: '#/components/schemas/SmfFunction-Multiple' + UpfFunction: + $ref: '#/components/schemas/UpfFunction-Multiple' + N3iwfFunction: + $ref: '#/components/schemas/N3iwfFunction-Multiple' + PcfFunction: + $ref: '#/components/schemas/PcfFunction-Multiple' + AusfFunction: + $ref: '#/components/schemas/AusfFunction-Multiple' + UdmFunction: + $ref: '#/components/schemas/UdmFunction-Multiple' + UdrFunction: + $ref: '#/components/schemas/UdrFunction-Multiple' + UdsfFunction: + $ref: '#/components/schemas/UdsfFunction-Multiple' + NrfFunction: + $ref: '#/components/schemas/NrfFunction-Multiple' + NssfFunction: + $ref: '#/components/schemas/NssfFunction-Multiple' + SmsfFunction: + $ref: '#/components/schemas/SmsfFunction-Multiple' + LmfFunction: + $ref: '#/components/schemas/LmfFunction-Multiple' + NgeirFunction: + $ref: '#/components/schemas/NgeirFunction-Multiple' + SeppFunction: + $ref: '#/components/schemas/SeppFunction-Multiple' + NwdafFunction: + $ref: '#/components/schemas/NwdafFunction-Multiple' + ScpFunction: + $ref: '#/components/schemas/ScpFunction-Multiple' + NefFunction: + $ref: '#/components/schemas/NefFunction-Multiple' + Configurable5QISet: + $ref: '#/components/schemas/Configurable5QISet-Multiple' + Dynamic5QISet: + $ref: '#/components/schemas/Dynamic5QISet-Multiple' + + AmfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + amfIdentifier: + $ref: '#/components/schemas/AmfIdentifier' + sBIFqdn: + type: string + weightFactor: + $ref: '#/components/schemas/WeightFactor' + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + amfSet: + $ref: 'comDefs.yaml#/components/schemas/Dn' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N2: + $ref: '#/components/schemas/EP_N2-Multiple' + EP_N8: + $ref: '#/components/schemas/EP_N8-Multiple' + EP_N11: + $ref: '#/components/schemas/EP_N11-Multiple' + EP_N12: + $ref: '#/components/schemas/EP_N12-Multiple' + EP_N14: + $ref: '#/components/schemas/EP_N14-Multiple' + EP_N15: + $ref: '#/components/schemas/EP_N15-Multiple' + EP_N17: + $ref: '#/components/schemas/EP_N17-Multiple' + EP_N20: + $ref: '#/components/schemas/EP_N20-Multiple' + EP_N22: + $ref: '#/components/schemas/EP_N22-Multiple' + EP_N26: + $ref: '#/components/schemas/EP_N26-Multiple' + EP_NLS: + $ref: '#/components/schemas/EP_NLS-Multiple' + EP_NLG: + $ref: '#/components/schemas/EP_NLG-Multiple' + AmfSet-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + nRTACList: + $ref: '#/components/schemas/TACList' + amfSetId: + $ref: '#/components/schemas/AmfSetId' + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + AmfRegion-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + nRTACList: + $ref: '#/components/schemas/TACList' + amfRegionId: + $ref: '#/components/schemas/AmfRegionId' + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + SmfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + nRTACList: + $ref: '#/components/schemas/TACList' + sBIFqdn: + type: string + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + configurable5QISetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + dynamic5QISetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N4: + $ref: '#/components/schemas/EP_N4-Multiple' + EP_N7: + $ref: '#/components/schemas/EP_N7-Multiple' + EP_N10: + $ref: '#/components/schemas/EP_N10-Multiple' + EP_N11: + $ref: '#/components/schemas/EP_N11-Multiple' + EP_N16: + $ref: '#/components/schemas/EP_N16-Multiple' + EP_S5C: + $ref: '#/components/schemas/EP_S5C-Multiple' + FiveQiDscpMappingSet: + $ref: '#/components/schemas/FiveQiDscpMappingSet-Single' + GtpUPathQoSMonitoringControl: + $ref: '#/components/schemas/GtpUPathQoSMonitoringControl-Single' + QFQoSMonitoringControl: + $ref: '#/components/schemas/QFQoSMonitoringControl-Single' + PredefinedPccRuleSet: + $ref: '#/components/schemas/PredefinedPccRuleSet-Single' + + UpfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + nRTACList: + $ref: '#/components/schemas/TACList' + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N3: + $ref: '#/components/schemas/EP_N3-Multiple' + EP_N4: + $ref: '#/components/schemas/EP_N4-Multiple' + EP_N6: + $ref: '#/components/schemas/EP_N6-Multiple' + EP_N9: + $ref: '#/components/schemas/EP_N9-Multiple' + EP_S5U: + $ref: '#/components/schemas/EP_S5U-Multiple' + N3iwfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + commModelList: + $ref: '#/components/schemas/CommModelList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N3: + $ref: '#/components/schemas/EP_N3-Multiple' + EP_N4: + $ref: '#/components/schemas/EP_N4-Multiple' + PcfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + configurable5QISetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + dynamic5QISetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N5: + $ref: '#/components/schemas/EP_N5-Multiple' + EP_N7: + $ref: '#/components/schemas/EP_N7-Multiple' + EP_N15: + $ref: '#/components/schemas/EP_N15-Multiple' + EP_N16: + $ref: '#/components/schemas/EP_N16-Multiple' + EP_Rx: + $ref: '#/components/schemas/EP_Rx-Multiple' + PredefinedPccRuleSet: + $ref: '#/components/schemas/PredefinedPccRuleSet-Single' + + AusfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N12: + $ref: '#/components/schemas/EP_N12-Multiple' + EP_N13: + $ref: '#/components/schemas/EP_N13-Multiple' + UdmFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N8: + $ref: '#/components/schemas/EP_N8-Multiple' + EP_N10: + $ref: '#/components/schemas/EP_N10-Multiple' + EP_N13: + $ref: '#/components/schemas/EP_N13-Multiple' + UdrFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + UdsfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + NrfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + cNSIIdList: + $ref: '#/components/schemas/CNSIIdList' + nFProfileList: + $ref: '#/components/schemas/NFProfileList' + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N27: + $ref: '#/components/schemas/EP_N27-Multiple' + NssfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + cNSIIdList: + $ref: '#/components/schemas/CNSIIdList' + nFProfileList: + $ref: '#/components/schemas/NFProfileList' + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + commModelList: + $ref: '#/components/schemas/CommModelList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N22: + $ref: '#/components/schemas/EP_N22-Multiple' + EP_N31: + $ref: '#/components/schemas/EP_N31-Multiple' + SmsfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N20: + $ref: '#/components/schemas/EP_N20-Multiple' + EP_N21: + $ref: '#/components/schemas/EP_N21-Multiple' + EP_MAP_SMSC: + $ref: '#/components/schemas/EP_MAP_SMSC-Multiple' + LmfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_NLS: + $ref: '#/components/schemas/EP_NLS-Multiple' + NgeirFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N17: + $ref: '#/components/schemas/EP_N17-Multiple' + SeppFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnId: + $ref: 'nrNrm.yaml#/components/schemas/PlmnId' + sEPPType: + $ref: '#/components/schemas/SEPPType' + sEPPId: + type: integer + fqdn: + $ref: 'genericNrm.yaml#/components/schemas/Fqdn' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_N32: + $ref: '#/components/schemas/EP_N32-Multiple' + NwdafFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + sBIFqdn: + type: string + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + commModelList: + $ref: '#/components/schemas/CommModelList' + ScpFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + supportedFuncList: + $ref: '#/components/schemas/SupportedFuncList' + address: + $ref: 'genericNrm.yaml#/components/schemas/HostAddr' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + NefFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + sBIFqdn: + type: string + snssaiList: + $ref: 'nrNrm.yaml#/components/schemas/SnssaiList' + managedNFProfile: + $ref: '#/components/schemas/ManagedNFProfile' + capabilityList: + $ref: '#/components/schemas/CapabilityList' + isINEF: + type: boolean + isCAPIFSup: + type: boolean + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + + ExternalAmfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + amfIdentifier: + $ref: '#/components/schemas/AmfIdentifier' + ExternalNrfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + ExternalNssfFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnIdList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnIdList' + ExternalSeppFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + plmnId: + $ref: 'nrNrm.yaml#/components/schemas/PlmnId' + sEPPId: + type: integer + fqdn: + $ref: 'genericNrm.yaml#/components/schemas/Fqdn' + + + EP_N2-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N3-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + epTransportRefs: + $ref: 'comDefs.yaml#/components/schemas/DnList' + EP_N4-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N5-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N6-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N7-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N8-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N9-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N10-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N11-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N12-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N13-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N14-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N15-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N16-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N17-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + + EP_N20-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + + EP_N21-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N22-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + + EP_N26-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N27-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + + + EP_N31-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_N32-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + remotePlmnId: + $ref: 'nrNrm.yaml#/components/schemas/PlmnId' + remoteSeppAddress: + $ref: 'genericNrm.yaml#/components/schemas/HostAddr' + remoteSeppId: + type: integer + n32cParas: + type: string + n32fPolicy: + type: string + withIPX: + type: boolean + + EP_S5C-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_S5U-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_Rx-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_MAP_SMSC-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_NLS-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + EP_NLG-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: 'nrNrm.yaml#/components/schemas/LocalAddress' + remoteAddress: + $ref: 'nrNrm.yaml#/components/schemas/RemoteAddress' + + FiveQiDscpMappingSet-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - type: object + properties: + FiveQiDscpMappingList: + type: array + items: + $ref: '#/components/schemas/FiveQiDscpMapping' + + Configurable5QISet-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - type: object + properties: + configurable5QIs: + type: array + items: + $ref: '#/components/schemas/FiveQICharacteristics' + + Dynamic5QISet-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - type: object + properties: + dynamic5QIs: + type: array + items: + $ref: '#/components/schemas/FiveQICharacteristics' + + GtpUPathQoSMonitoringControl-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - type: object + properties: + gtpUPathQoSMonitoringState: + type: string + enum: + - ENABLED + - DISABLED + gtpUPathMonitoredSNSSAIs: + type: array + items: + $ref: 'nrNrm.yaml#/components/schemas/Snssai' + monitoredDSCPs: + type: array + items: + type: integer + minimum: 0 + maximum: 255 + isEventTriggeredGtpUPathMonitoringSupported: + type: boolean + isPeriodicGtpUMonitoringSupported: + type: boolean + isImmediateGtpUMonitoringSupported: + type: boolean + gtpUPathDelayThresholds: + $ref: '#/components/schemas/GtpUPathDelayThresholdsType' + gtpUPathMinimumWaitTime: + type: integer + gtpUPathMeasurementPeriod: + type: integer + + QFQoSMonitoringControl-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - type: object + properties: + qFQoSMonitoringState: + type: string + enum: + - ENABLED + - DISABLED + qFMonitoredSNSSAIs: + type: array + items: + $ref: 'nrNrm.yaml#/components/schemas/Snssai' + qFMonitored5QIs: + type: array + items: + type: integer + minimum: 0 + maximum: 255 + isEventTriggeredQFMonitoringSupported: + type: boolean + isPeriodicQFMonitoringSupported: + type: boolean + isSessionReleasedQFMonitoringSupported: + type: boolean + qFPacketDelayThresholds: + $ref: '#/components/schemas/QFPacketDelayThresholdsType' + qFMinimumWaitTime: + type: integer + qFMeasurementPeriod: + type: integer + + PredefinedPccRuleSet-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - type: object + properties: + predefinedPccRules: + type: array + items: + $ref: '#/components/schemas/PccRule' + +#-------- Definition of JSON arrays for name-contained IOCs ---------------------- + + SubNetwork-Multiple: + type: array + items: + $ref: '#/components/schemas/SubNetwork-Single' + ManagedElement-Multiple: + type: array + items: + $ref: '#/components/schemas/ManagedElement-Single' + AmfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/AmfFunction-Single' + SmfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/SmfFunction-Single' + UpfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/UpfFunction-Single' + N3iwfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/N3iwfFunction-Single' + PcfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/PcfFunction-Single' + AusfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/AusfFunction-Single' + UdmFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/UdmFunction-Single' + UdrFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/UdrFunction-Single' + UdsfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/UdsfFunction-Single' + NrfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/NrfFunction-Single' + NssfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/NssfFunction-Single' + SmsfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/SmsfFunction-Single' + LmfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/LmfFunction-Single' + NgeirFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/NgeirFunction-Single' + SeppFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/SeppFunction-Single' + NwdafFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/NwdafFunction-Single' + ScpFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/ScpFunction-Single' + NefFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/NefFunction-Single' + + ExternalAmfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/ExternalAmfFunction-Single' + ExternalNrfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/ExternalNrfFunction-Single' + ExternalNssfFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/ExternalNssfFunction-Single' + ExternalSeppFunction-Nultiple: + type: array + items: + $ref: '#/components/schemas/ExternalSeppFunction-Single' + + AmfSet-Multiple: + type: array + items: + $ref: '#/components/schemas/AmfSet-Single' + AmfRegion-Multiple: + type: array + items: + $ref: '#/components/schemas/AmfRegion-Single' + + EP_N2-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N2-Single' + EP_N3-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N3-Single' + EP_N4-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N4-Single' + EP_N5-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N5-Single' + EP_N6-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N6-Single' + EP_N7-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N7-Single' + EP_N8-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N8-Single' + EP_N9-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N9-Single' + EP_N10-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N10-Single' + EP_N11-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N11-Single' + EP_N12-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N12-Single' + EP_N13-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N13-Single' + EP_N14-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N14-Single' + EP_N15-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N15-Single' + EP_N16-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N16-Single' + EP_N17-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N17-Single' + + EP_N20-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N20-Single' + EP_N21-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N21-Single' + EP_N22-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N22-Single' + + EP_N26-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N26-Single' + EP_N27-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N27-Single' + + EP_N31-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N31-Single' + EP_N32-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_N32-Single' + + EP_S5C-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_S5C-Single' + EP_S5U-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_S5U-Single' + EP_Rx-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_Rx-Single' + EP_MAP_SMSC-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_MAP_SMSC-Single' + EP_NLS-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_NLS-Single' + EP_NLG-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_NLG-Single' + Configurable5QISet-Multiple: + type: array + items: + $ref: '#/components/schemas/Configurable5QISet-Single' + Dynamic5QISet-Multiple: + type: array + items: + $ref: '#/components/schemas/Dynamic5QISet-Single' + + + +#------------ Definitions in TS 28.541 for TS 28.532 ----------------------------- + + resources-5gcNrm: + oneOf: + - $ref: '#/components/schemas/SubNetwork-Single' + - $ref: '#/components/schemas/ManagedElement-Single' + - $ref: '#/components/schemas/AmfFunction-Single' + - $ref: '#/components/schemas/SmfFunction-Single' + - $ref: '#/components/schemas/UpfFunction-Single' + - $ref: '#/components/schemas/N3iwfFunction-Single' + - $ref: '#/components/schemas/PcfFunction-Single' + - $ref: '#/components/schemas/AusfFunction-Single' + - $ref: '#/components/schemas/UdmFunction-Single' + - $ref: '#/components/schemas/UdrFunction-Single' + - $ref: '#/components/schemas/UdsfFunction-Single' + - $ref: '#/components/schemas/NrfFunction-Single' + - $ref: '#/components/schemas/NssfFunction-Single' + - $ref: '#/components/schemas/SmsfFunction-Single' + - $ref: '#/components/schemas/LmfFunction-Single' + - $ref: '#/components/schemas/NgeirFunction-Single' + - $ref: '#/components/schemas/SeppFunction-Single' + - $ref: '#/components/schemas/NwdafFunction-Single' + - $ref: '#/components/schemas/ScpFunction-Single' + - $ref: '#/components/schemas/NefFunction-Single' + + - $ref: '#/components/schemas/ExternalAmfFunction-Single' + - $ref: '#/components/schemas/ExternalNrfFunction-Single' + - $ref: '#/components/schemas/ExternalNssfFunction-Single' + - $ref: '#/components/schemas/ExternalSeppFunction-Single' + + - $ref: '#/components/schemas/AmfSet-Single' + - $ref: '#/components/schemas/AmfRegion-Single' + - $ref: '#/components/schemas/QFQoSMonitoringControl-Single' + - $ref: '#/components/schemas/GtpUPathQoSMonitoringControl-Single' + + - $ref: '#/components/schemas/EP_N2-Single' + - $ref: '#/components/schemas/EP_N3-Single' + - $ref: '#/components/schemas/EP_N4-Single' + - $ref: '#/components/schemas/EP_N5-Single' + - $ref: '#/components/schemas/EP_N6-Single' + - $ref: '#/components/schemas/EP_N7-Single' + - $ref: '#/components/schemas/EP_N8-Single' + - $ref: '#/components/schemas/EP_N9-Single' + - $ref: '#/components/schemas/EP_N10-Single' + - $ref: '#/components/schemas/EP_N11-Single' + - $ref: '#/components/schemas/EP_N12-Single' + - $ref: '#/components/schemas/EP_N13-Single' + - $ref: '#/components/schemas/EP_N14-Single' + - $ref: '#/components/schemas/EP_N15-Single' + - $ref: '#/components/schemas/EP_N16-Single' + - $ref: '#/components/schemas/EP_N17-Single' + + - $ref: '#/components/schemas/EP_N20-Single' + - $ref: '#/components/schemas/EP_N21-Single' + - $ref: '#/components/schemas/EP_N22-Single' + + - $ref: '#/components/schemas/EP_N26-Single' + - $ref: '#/components/schemas/EP_N27-Single' + + - $ref: '#/components/schemas/EP_N31-Single' + - $ref: '#/components/schemas/EP_N31-Single' + + - $ref: '#/components/schemas/EP_S5C-Single' + - $ref: '#/components/schemas/EP_S5U-Single' + - $ref: '#/components/schemas/EP_Rx-Single' + - $ref: '#/components/schemas/EP_MAP_SMSC-Single' + - $ref: '#/components/schemas/EP_NLS-Single' + - $ref: '#/components/schemas/EP_NLG-Single' + - $ref: '#/components/schemas/Configurable5QISet-Single' + - $ref: '#/components/schemas/FiveQiDscpMappingSet-Single' + - $ref: '#/components/schemas/PredefinedPccRuleSet-Single' + - $ref: '#/components/schemas/Dynamic5QISet-Single' diff --git a/kubernetes/dcaegen2/resources/external/schema/rel16/PerDataFileReportMnS.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/FileDataReportingMnS.yaml index dfacc14f8c..2d1a4fb16d 100644 --- a/kubernetes/dcaegen2/resources/external/schema/rel16/PerDataFileReportMnS.yaml +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/FileDataReportingMnS.yaml @@ -1,41 +1,47 @@ openapi: 3.0.1 info: - title: TS 28.532 Performance data file reporting Service - version: 16.4.0 + title: TS 28.532 File data reporting Service + version: 16.6.0 description: >- - OAS 3.0.1 specification of the Performance data file reporting Management Service © 2020, + OAS 3.0.1 specification of the File data reporting Management Service © 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). All rights reserved. externalDocs: - description: 3GPP TS 28.532 V16.4.0; Generic management services + description: 3GPP TS 28.532 V16.5.0; Generic management services url: 'http://www.3gpp.org/ftp/Specs/archive/28_series/28.532/' servers: - - url: '{MnSRoot}/PerfDataFileReportMnS/v1640' + - url: '{MnSRoot}/FileDataReportingMnS/{MnSversion}' variables: MnSRoot: description: See subclause 4.4 of TS 32.158 - default: http://example.com/3GPPManagement + default: http://example.com/3GPPManagement + version: + description: Indicates the current version of the specification + default: 16.5.0 paths: /Files: get: summary: Read resources of information of available files - description: 'With HTTP GET, resources of information of available files are read. The resources to be read are identified with the path component (base resource) and the query component (managementDataType, beginTime and endTime) of the URI. The fields query component allows to select the resource properties to be returned.' + description: With HTTP GET, resources of information of available files are read. The resources to be read are identified with the path component (base resource) and the query component (fileaType, beginTime and endTime) of the URI. The fields query component allows to select the resource properties to be returned. parameters: - - name: managementDataType + - name: fileType in: query description: This parameter identifies the type of management data that the file contains to select the resources from the collection resources identified with the path component of the URI. required: true - $ref: '#/components/schemas/managementDataType-Type' + schema: + $ref: '#/components/schemas/fileType-Type' - name: beginTime in: query description: This parameter identifies the time stamp no later than which the file became available to select the resources from the collection resources identified with the path component of the URI. required: true - $ref: '#/components/schemas/dateTime-Type' + schema: + $ref: '#/components/schemas/dateTime-Type' - name: endTime in: query description: This parameter identifies the time stamp no earlier than which the file became available to select the resources from the collection resources identified with the path component of the URI. required: true - $ref: '#/components/schemas/dateTime-Type' + schema: + $ref: '#/components/schemas/dateTime-Type' responses: '200': description: 'Success case ("200 OK"). The resources identified in the request for retrieval are returned in the response message body. In case the fields query parameter is used, the selected resources are returned.' @@ -184,6 +190,8 @@ components: type: string fileFormat: type: string + fileType: + $ref: '#/components/schemas/fileType-Type' error-ResponseType: type: object properties: @@ -192,10 +200,13 @@ components: properties: errorInfo: type: string - managementDataType-Type: + fileType-Type: type: string enum: - - PM + - PERFORMANCE + - TRACE + - ANALYTICS + - PROPRIETARY header-Type: description: Header used in notifications as notification header type: object diff --git a/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/comDefs.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/comDefs.yaml new file mode 100644 index 0000000000..fb6d7f4db9 --- /dev/null +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/comDefs.yaml @@ -0,0 +1,152 @@ +openapi: 3.0.1 +info: + title: Common Type Definitions + version: 16.6.0 + description: >- + OAS 3.0.1 specification of common type definitions in the Generic NRM + © 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). + All rights reserved. +externalDocs: + description: 3GPP TS 28.623; Generic NRM; Common type definitions + url: http://www.3gpp.org/ftp/Specs/archive/28_series/28.623/ +paths: {} +components: + schemas: + + Float: + type: number + format: float + DateTime: + type: string + format: date-Time + + Dn: + type: string + DnList: + type: array + items: + $ref: '#/components/schemas/Dn' + + Mcc: + type: string + pattern: '^[0-9]{3}$' + Mnc: + type: string + pattern: '^[0-9]{2,3}$' + PlmnId: + type: object + properties: + mcc: + $ref: '#/components/schemas/Mcc' + mnc: + $ref: '#/components/schemas/Mnc' + required: + - mcc + - mnc + + Fqdn: + type: string + Uri: + type: string + + Ipv4Addr: + type: string + pattern: '^(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$' + example: '198.51.100.1' + Ipv6Addr: + type: string + allOf: + - pattern: '^((:|(0?|([1-9a-f][0-9a-f]{0,3}))):)((0?|([1-9a-f][0-9a-f]{0,3})):){0,6}(:|(0?|([1-9a-f][0-9a-f]{0,3})))$' + - pattern: '^((([^:]+:){7}([^:]+))|((([^:]+:)*[^:]+)?::(([^:]+:)*[^:]+)?))$' + example: '2001:db8:85a3::8a2e:370:7334' + Ipv6Prefix: + type: string + allOf: + - pattern: '^((:|(0?|([1-9a-f][0-9a-f]{0,3}))):)((0?|([1-9a-f][0-9a-f]{0,3})):){0,6}(:|(0?|([1-9a-f][0-9a-f]{0,3})))(\/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8])))$' + - pattern: '^((([^:]+:){7}([^:]+))|((([^:]+:)*[^:]+)?::(([^:]+:)*[^:]+)?))(\/.+)$' + example: '2001:db8:abcd:12::0/64' + + AdministrativeState: + type: string + enum: + - LOCKED + - UNLOCKED + OperationalState: + type: string + enum: + - ENABLED + - DISABLED + UsageState: + type: string + enum: + - IDEL + - ACTIVE + - BUSY + + AttributeNameValuePairSet: + description: >- + The key of this map is the attribute name, and the value the attribute value. + type: object + minProperties: 1 + additionalProperties: + nullable: true + AttributeValueChangeSet: + description: >- + The first array item contains the attribute name value pairs with the new values, + and the second array item the attribute name value pairs with the optional old values. + type: array + items: + $ref: '#/components/schemas/AttributeNameValuePairSet' + minItems: 1 + maxItems: 2 + + Filter: + type: string + SystemDN: + type: string + + NotificationId: + type: integer + NotificationType: + oneOf: + - $ref: 'faultMnS.yaml#/components/schemas/AlarmNotificationTypes' + - $ref: 'provMnS.yaml#/components/schemas/CmNotificationTypes' + - $ref: 'perfMnS.yaml#/components/schemas/PerfNotificationTypes' + - $ref: 'heartbeatNtf.yaml#/components/schemas/HeartbeatNotificationTypes' + # The enum below will be replaced by a reference once notification + # types are defined in "FileDataReportingMnS.yaml" + - type: string + enum: + - notifyFileReady + - notifyFilePreparationError + NotificationHeader: + type: object + properties: + href: + $ref: '#/components/schemas/Uri' + notificationId: + $ref: '#/components/schemas/NotificationId' + notificationType: + $ref: '#/components/schemas/NotificationType' + eventTime: + $ref: '#/components/schemas/DateTime' + systemDN: + $ref: '#/components/schemas/SystemDN' + required: + - href + - notificationId + - notificationType + - eventTime + - systemDN + + ErrorResponse: + description: >- + Default schema for the response message body in case the request + is not successful. + type: object + properties: + error: + type: object + properties: + errorInfo: + type: string diff --git a/kubernetes/dcaegen2/resources/external/schema/rel16/faultMnS.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/faultMnS.yaml index 499123b903..7ccf280316 100644 --- a/kubernetes/dcaegen2/resources/external/schema/rel16/faultMnS.yaml +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/faultMnS.yaml @@ -1,22 +1,22 @@ openapi: 3.0.1 info: title: Fault Supervision MnS - version: 16.4.0 + version: 16.6.0 description: >- OAS 3.0.1 definition of the Fault Supervision MnS © 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). All rights reserved. externalDocs: - description: 3GPP TS 28.532 V16.4.0; Generic management services + description: 3GPP TS 28.532; Generic management services url: http://www.3gpp.org/ftp/Specs/archive/28_series/28.532/ servers: - - url: '{MnSRoot}/FaultSupervisionMnS/{version}' + - url: '{MnSRoot}/FaultSupervisionMnS/{MnSversion}' variables: MnSRoot: description: See subclause 4.4.3 of TS 32.158 default: http://example.com/3GPPManagement - version: - description: Versi on number of the OpenAPI definition + MnSversion: + description: Version number of the OpenAPI definition default: XXX paths: /alarms: @@ -35,12 +35,12 @@ paths: in: query required: false schema: - $ref: '#/components/schemas/Dn' + $ref: 'comDefs.yaml#/components/schemas/Dn' - name: filter in: query required: false schema: - $ref: '#/components/schemas/Filter' + $ref: 'comDefs.yaml#/components/schemas/Filter' responses: '200': description: >- @@ -57,7 +57,7 @@ paths: - type: object properties: lastNotificationHeader: - $ref: '#/components/schemas/NotificationHeader' + $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - $ref: '#/components/schemas/AlarmRecord' - type: object properties: @@ -68,7 +68,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' patch: summary: 'Clear, acknowledge or unacknowledge multiple alarms' description: >- @@ -130,7 +130,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' /alarms/{alarmId}: patch: summary: 'Clear, acknowledge or unacknowledge a single alarm' @@ -163,7 +163,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' /alarms/{alarmId}/comments: post: summary: Add a comment to a single alarm @@ -203,7 +203,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' /subscriptions: post: @@ -238,7 +238,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' callbacks: notifyNewAlarm: '{request.body#/consumerReference}': @@ -262,7 +262,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyClearedAlarm: '{request.body#/consumerReference}': post: @@ -283,7 +283,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyChangedAlarm: '{request.body#/consumerReference}': post: @@ -304,7 +304,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyChangedAlarmGeneral: '{request.body#/consumerReference}': post: @@ -327,7 +327,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyCorrelatedNotificationChanged: '{request.body#/consumerReference}': post: @@ -348,7 +348,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyAckStateChanged: '{request.body#/consumerReference}': post: @@ -369,7 +369,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyComments: '{request.body#/consumerReference}': post: @@ -390,7 +390,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyPotentialFaultyAlarmList: '{request.body#/consumerReference}': post: @@ -411,7 +411,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyAlarmListRebuilt: '{request.body#/consumerReference}': post: @@ -432,7 +432,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' /subscriptions/{subscriptionId}: delete: summary: Delete a subscription @@ -458,91 +458,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorResponse' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' components: schemas: - - #---- Definitions to be moved to comDefs.yaml --------------------------------------# - - Long: - type: string - format: long - Float: - type: string - format: float - DateTime: - type: string - format: date-Time - - Dn: - type: string - Uri: - type: string - - AttributeNameValuePairSet: - type: object - minProperties: 1 - AttributeValueChangeSet: - description: >- - The key in this map is the attribute name. The value of each key is an array. - When only one item is present in the array, it carries the new attribute - value. If two items are present, then the first item carries the old value - and the second item the new value. The items can be of any type including null. - type: object - additionalProperties: - type: array - minItems: 1 - maxItems: 2 - items: - nullable: true - - Filter: - type: string - SystemDN: - type: string - - NotificationId: - type: integer - NotificationHeader: - description: >- - Header used for all notification types - type: object - required: - - href - - notificationId - - notificationType - - eventTime - - systemDN - properties: - uri: - $ref: '#/components/schemas/Uri' - notificationId: - $ref: '#/components/schemas/NotificationId' - notificationType: - oneOf: - - $ref: '#/components/schemas/AlarmNotificationTypes' - #- $ref: 'faultMnS.yaml#/components/schemas/AlarmNotificationTypes' - #- $ref: 'provMnS.yaml#/components/schemas/CmNotificationTypes' - # more to be added - eventTime: - $ref: '#/components/schemas/DateTime' - systemDN: - $ref: '#/components/schemas/SystemDN' - - ErrorResponse: - description: >- - Default schema for the response message body in case the request is not - successful. - type: object - properties: - error: - type: object - properties: - errorInfo: - type: string - - #---- End of definitions to be moved to comDefs.yaml -------------------------------# #---- Definition of AlarmRecord ----------------------------------------------------# @@ -608,46 +527,47 @@ components: high: oneOf: - type: integer - - $ref: '#/components/schemas/Float' + - $ref: 'comDefs.yaml#/components/schemas/Float' low: - $ref: '#/components/schemas/Float' + $ref: 'comDefs.yaml#/components/schemas/Float' ThresholdLevelInd: - type: object - required: - - up - properties: - up: - $ref: '#/components/schemas/ThresholdHysteresis' - low: - $ref: '#/components/schemas/ThresholdHysteresis' + oneOf: + - type: object + properties: + up: + $ref: '#/components/schemas/ThresholdHysteresis' + - type: object + properties: + down: + $ref: '#/components/schemas/ThresholdHysteresis' ThresholdInfo: type: object - required: - - observedMeasurement - - observedValue properties: observedMeasurement: type: string observedValue: oneOf: - type: integer - - $ref: '#/components/schemas/Float' - thresholdLevelInd: + - $ref: 'comDefs.yaml#/components/schemas/Float' + thresholdLevel: $ref: '#/components/schemas/ThresholdLevelInd' armTime: - $ref: '#/components/schemas/DateTime' + $ref: 'comDefs.yaml#/components/schemas/DateTime' + required: + - observedMeasurement + - observedValue CorrelatedNotification: type: object - required: - - source - - notificationId properties: sourceObjectInstance: - $ref: '#/components/schemas/Dn' + $ref: 'comDefs.yaml#/components/schemas/Dn' notificationIds: type: array items: - $ref: '#/components/schemas/NotificationId' + $ref: 'comDefs.yaml#/components/schemas/NotificationId' + required: + - sourceObjectInstance + - notificationIds CorrelatedNotifications: type: array items: @@ -667,15 +587,15 @@ components: # alarmId: # $ref: '#/components/schemas/AlarmId' objectInstance: - $ref: '#/components/schemas/Dn' + $ref: 'comDefs.yaml#/components/schemas/Dn' notificationId: - $ref: '#/components/schemas/NotificationId' + $ref: 'comDefs.yaml#/components/schemas/NotificationId' alarmRaisedTime: - $ref: '#/components/schemas/DateTime' + $ref: 'comDefs.yaml#/components/schemas/DateTime' alarmChangedTime: - $ref: '#/components/schemas/DateTime' + $ref: 'comDefs.yaml#/components/schemas/DateTime' alarmClearedTime: - $ref: '#/components/schemas/DateTime' + $ref: 'comDefs.yaml#/components/schemas/DateTime' alarmType: $ref: '#/components/schemas/AlarmType' probableCause: @@ -687,7 +607,7 @@ components: backedUpStatus: type: boolean backUpObject: - $ref: '#/components/schemas/Dn' + $ref: 'comDefs.yaml#/components/schemas/Dn' trendIndication: $ref: '#/components/schemas/TrendIndication' thresholdinfo: @@ -695,21 +615,21 @@ components: correlatedNotifications: $ref: '#/components/schemas/CorrelatedNotifications' stateChangeDefinition: - $ref: '#/components/schemas/AttributeValueChangeSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeValueChangeSet' monitoredAttributes: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' proposedRepairActions: type: string additionalText: type: string additionalInformation: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' rootCauseIndicator: type: boolean ackTime: - $ref: '#/components/schemas/DateTime' + $ref: 'comDefs.yaml#/components/schemas/DateTime' ackUserId: type: string ackSystemId: @@ -750,7 +670,7 @@ components: NotifyNewAlarm: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - alarmId @@ -771,7 +691,7 @@ components: backedUpStatus: type: boolean backUpObject: - $ref: '#/components/schemas/Dn' + $ref: 'comDefs.yaml#/components/schemas/Dn' trendIndication: $ref: '#/components/schemas/TrendIndication' thresholdInfo: @@ -779,20 +699,20 @@ components: correlatedNotifications: $ref: '#/components/schemas/CorrelatedNotifications' stateChangeDefinition: - $ref: '#/components/schemas/AttributeValueChangeSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeValueChangeSet' monitoredAttributes: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' proposedRepairActions: type: string additionalText: type: string additionalInformation: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' rootCauseIndicator: type: boolean NotifyNewSecAlarm: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - alarmId @@ -816,7 +736,7 @@ components: additionalText: type: string additionalInformation: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' rootCauseIndicator: type: boolean serviceUser: @@ -827,7 +747,7 @@ components: type: string NotifyClearedAlarm: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - alarmId @@ -851,7 +771,7 @@ components: type: string NotifyChangedAlarm: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - alarmId @@ -869,14 +789,11 @@ components: $ref: '#/components/schemas/PerceivedSeverity' NotifyChangedAlarmGeneral: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - alarmId - alarmType - - probableCause - - perceivedSeverity - - changedAlarmAttributes properties: alarmId: $ref: '#/components/schemas/AlarmId' @@ -893,38 +810,35 @@ components: backedUpStatus: type: boolean backUpObject: - $ref: '#/components/schemas/Dn' + $ref: 'comDefs.yaml#/components/schemas/Dn' trendIndication: $ref: '#/components/schemas/TrendIndication' thresholdInfo: $ref: '#/components/schemas/ThresholdInfo' stateChangeDefinition: - $ref: '#/components/schemas/AttributeValueChangeSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeValueChangeSet' monitoredAttributes: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' proposedRepairActions: type: string additionalText: type: string additionalInformation: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' rootCauseIndicator: type: boolean changedAlarmAttributes: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' NotifyChangedSecAlarmGeneral: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - alarmId - alarmType - - probableCause - - perceivedSeverity - serviceUser - serviceProvider - securityAlarmDetector - - changedAlarmAttributes properties: alarmId: $ref: '#/components/schemas/AlarmId' @@ -939,7 +853,7 @@ components: additionalText: type: string additionalInformation: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' rootCauseIndicator: type: boolean serviceUser: @@ -949,10 +863,10 @@ components: securityAlarmDetector: type: string changedAlarmAttributes: - $ref: '#/components/schemas/AttributeNameValuePairSet' + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' NotifyCorrelatedNotificationChanged: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - alarmId @@ -966,7 +880,7 @@ components: type: boolean NotifyAckStateChanged: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - alarmId @@ -992,7 +906,7 @@ components: type: string NotifyComments: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - alarmId @@ -1013,7 +927,7 @@ components: $ref: '#/components/schemas/Comments' NotifyPotentialFaultyAlarmList: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - reason @@ -1022,7 +936,7 @@ components: type: string NotifyAlarmListRebuilt: allOf: - - $ref: '#/components/schemas/NotificationHeader' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object required: - reason @@ -1119,7 +1033,7 @@ components: type: object properties: commentTime: - $ref: '#/components/schemas/DateTime' + $ref: 'comDefs.yaml#/components/schemas/DateTime' commentUserId: type: string commentSystemId: @@ -1137,8 +1051,8 @@ components: type: object properties: consumerReference: - $ref: '#/components/schemas/Uri' + $ref: 'comDefs.yaml#/components/schemas/Uri' timeTick: - $ref: '#/components/schemas/Long' + type: integer filter: - $ref: '#/components/schemas/Filter' + $ref: 'comDefs.yaml#/components/schemas/Filter' diff --git a/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/genericNrm.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/genericNrm.yaml new file mode 100644 index 0000000000..aedf3c4fb8 --- /dev/null +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/genericNrm.yaml @@ -0,0 +1,1516 @@ +openapi: 3.0.1 +info: + title: Generic NRM + version: 16.6.0 + description: >- + OAS 3.0.1 definition of the Generic NRM + © 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). + All rights reserved. +externalDocs: + description: 3GPP TS 28.623 V16.5.0; Generic NRM + url: http://www.3gpp.org/ftp/Specs/archive/28_series/28.623/ +paths: {} +components: + schemas: + +#-------- Definition of types----------------------------------------------------- + + RegistrationState: + type: string + enum: + - REGISTERED + - DEREGISTERED + VnfParameter: + type: object + properties: + vnfInstanceId: + type: string + vnfdId: + type: string + flavourId: + type: string + autoScalable: + type: boolean + SiteLatitude: + type: number + format: float + minimum: -90 + maximum: 90 + SiteLongitude: + type: number + format: float + minimum: -180 + maximum: 180 + PeeParameter: + type: object + properties: + siteIdentification: + type: string + siteDescription: + type: string + siteLatitude: + $ref: '#/components/schemas/SiteLatitude' + siteLongitude: + $ref: '#/components/schemas/SiteLongitude' + equipmentType: + type: string + environmentType: + type: string + powerInterface: + type: string + ThresholdInfo: + type: object + properties: + thresholdDirection: + type: string + enum: + - UP + - DOWN + - UP_AND_DOWN + thresholdValue: + oneOf: + - type: integer + - $ref: 'comDefs.yaml#/components/schemas/Float' + hysteresis: + oneOf: + - type: integer + minimum: 0 + - type: number + format: float + minimum: 0 + Operation: + type: object + properties: + name: + type: string + allowedNFTypes: + $ref: '#/components/schemas/NFType' + operationSemantics: + $ref: '#/components/schemas/OperationSemantics' + NFType: + type: string + description: ' NF name defined in TS 23.501' + enum: + - NRF + - UDM + - AMF + - SMF + - AUSF + - NEF + - PCF + - SMSF + - NSSF + - UDR + - LMF + - GMLC + - 5G_EIR + - SEPP + - UPF + - N3IWF + - AF + - UDSF + - DN + Fqdn: + type: string + OperationSemantics: + type: string + enum: + - REQUEST_RESPONSE + - SUBSCRIBE_NOTIFY + SAP: + type: object + properties: + host: + $ref: '#/components/schemas/HostAddr' + port: + type: integer + NFServiceType: + type: string + enum: + - Namf_Communication + - Namf_EventExposure + - Namf_MT + - Namf_Location + - Nsmf_PDUSession + - Nsmf_EventExposure + - Others + HostAddr: + oneOf: + - $ref: '#/components/schemas/Ipv4Addr' + - $ref: '#/components/schemas/Ipv6Addr' + - $ref: '#/components/schemas/Fqdn' + Ipv4Addr: + type: string + pattern: '^(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$' + example: '198.51.100.1' + Ipv6Addr: + type: string + allOf: + - pattern: '^((:|(0?|([1-9a-f][0-9a-f]{0,3}))):)((0?|([1-9a-f][0-9a-f]{0,3})):){0,6}(:|(0?|([1-9a-f][0-9a-f]{0,3})))$' + - pattern: '^((([^:]+:){7}([^:]+))|((([^:]+:)*[^:]+)?::(([^:]+:)*[^:]+)?))$' + example: '2001:db8:85a3::8a2e:370:7334' + Ipv6Prefix: + type: string + allOf: + - pattern: '^((:|(0?|([1-9a-f][0-9a-f]{0,3}))):)((0?|([1-9a-f][0-9a-f]{0,3})):){0,6}(:|(0?|([1-9a-f][0-9a-f]{0,3})))(\/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8])))$' + - pattern: '^((([^:]+:){7}([^:]+))|((([^:]+:)*[^:]+)?::(([^:]+:)*[^:]+)?))(\/.+)$' + example: '2001:db8:abcd:12::0/64' + TransportProtocol: + anyOf: + - type: string + enum: + - TCP + - type: string + SupportedPerfMetricGroup: + type: object + properties: + performanceMetrics: + type: array + items: + type: string + granularityPeriods: + type: array + items: + type: integer + minimum: 1 + reportingMethods: + type: array + items: + type: string + enum: + - FILE_BASED_LOC_SET_BY_PRODUCER + - FILE_BASED_LOC_SET_BY_CONSUMER + - STREAM_BASED + monitorGranularityPeriods: + type: array + items: + type: integer + minimum: 1 + ReportingCtrl: + oneOf: + - type: object + properties: + fileReportingPeriod: + type: integer + - type: object + properties: + fileReportingPeriod: + type: integer + fileLocation: + $ref: 'comDefs.yaml#/components/schemas/Uri' + - type: object + properties: + streamTarget: + $ref: 'comDefs.yaml#/components/schemas/Uri' + Scope: + type: object + properties: + scopeType: + type: string + enum: + - BASE_ONLY + - BASE_ALL + - BASE_NTH_LEVEL + - BASE_SUBTREE + scopeLevel: + type: integer + +#-------- Definition of types used in Trace control NRM fragment------------------ + + tjJobType-Type: + type: string + description: Specifies whether the TraceJob represents only MDT, Logged MBSFN MDT, Trace or a combined Trace and MDT job. Applicable for Trace, MDT, RCEF and RLF reporting. See 3GPP TS 32.422 clause 5.9a for additional details. + enum: + - IMMEDIATE_MDT_ONLY + - LOGGED_MDT_ONLY + - TRACE_ONLY + - IMMEDIATE_MDT AND TRACE + - RLF_REPORT_ONLY + - RCEF_REPORT_ONLY + - LOGGED_MBSFN_MDT + + tjListOfInterfaces-Type: + description: The interfaces to be recorded in the Network Element. See 3GPP TS 32.422 clause 5.5 for additional details. + type: object + properties: + MSCServerInterfaces: + type: array + items: + type: string + enum: + - A + - Iu-CS + - Mc + - MAP-G + - MAP-B + - MAP-E + - MAP-F + - MAP-D + - MAP-C + - CAP + MGWInterfaces: + type: array + items: + type: string + enum: + - Mc + - Nb-UP + - Iu-UP + RNCInterfaces: + type: array + items: + type: string + enum: + - Iu-CS + - Iu-PS + - Iur + - Iub + - Uu + SGSNInterfaces: + type: array + items: + type: string + enum: + - Gb + - Iu-PS + - Gn + - MAP-Gr + - MAP-Gd + - MAP-Gf + - Ge + - Gs + - S6d + - S4 + - S3 + - S13 + GGSNInterfaces: + type: array + items: + type: string + enum: + - Gn + - Gi + - Gmb + S-CSCFInterfaces: + type: array + items: + type: string + enum: + - Mw + - Mg + - Mr + - Mi + P-CSCFInterfaces: + type: array + items: + type: string + enum: + - Gm + - Mw + I-CSCFInterfaces: + type: array + items: + type: string + enum: + - Cx + - Dx + - Mg + - Mw + MRFCInterfaces: + type: array + items: + type: string + enum: + - Mp + - Mr + MGCFInterfaces: + type: array + items: + type: string + enum: + - Mg + - Mj + - Mn + IBCFInterfaces: + type: array + items: + type: string + enum: + - Ix + - Mx + E-CSCFInterfaces: + type: array + items: + type: string + enum: + - Mw + - Ml + - Mm + - Mi/Mg + BGCFInterfaces: + type: array + items: + type: string + enum: + - Mi + - Mj + - Mk + ASInterfaces: + type: array + items: + type: string + enum: + - Dh + - Sh + - ISC + - Ut + HSSInterfaces: + type: array + items: + type: string + enum: + - MAP-C + - MAP-D + - Gc + - Gr + - Cx + - S6d + - S6a + - Sh + EIRInterfaces: + type: array + items: + type: string + enum: + - MAP-F + - S13 + - MAP-Gf + BM-SCInterfaces: + type: array + items: + type: string + enum: + - Gmb + MMEInterfaces: + type: array + items: + type: string + enum: + - S1-MME + - S3 + - S6a + - S10 + - S11 + - S13 + SGWInterfaces: + type: array + items: + type: string + enum: + - S4 + - S5 + - S8 + - S11 + - Gxc + PDN_GWInterfaces: + type: array + items: + type: string + enum: + - S2a + - S2b + - S2c + - S5 + - S6b + - Gx + - S8 + - SGi + eNBInterfaces: + type: array + items: + type: string + enum: + - S1-MME + - X2 + en-gNBInterfaces: + type: array + items: + type: string + enum: + - S1-MME + - X2 + - Uu + - F1-C + - E1 + AMFInterfaces: + type: array + items: + type: string + enum: + - N1 + - N2 + - N8 + - N11 + - N12 + - N14 + - N15 + - N20 + - N22 + - N26 + AUSFInterfaces: + type: array + items: + type: string + enum: + - N12 + - N13 + NEFInterfaces: + type: array + items: + type: string + enum: + - N29 + - N30 + - N33 + NRFInterfaces: + type: array + items: + type: string + enum: + - N27 + NSSFInterfaces: + type: array + items: + type: string + enum: + - N22 + - N31 + PCFInterfaces: + type: array + items: + type: string + enum: + - N5 + - N7 + - N15 + SMFInterfaces: + type: array + items: + type: string + enum: + - N4 + - N7 + - N10 + - N11 + - S5-C + SMSFInterfaces: + type: array + items: + type: string + enum: + - N20 + - N21 + UDMInterfaces: + type: array + items: + type: string + enum: + - N8 + - N10 + - N13 + - N21 + UPFInterfaces: + type: array + items: + type: string + enum: + - N4 + ng-eNBInterfaces: + type: array + items: + type: string + enum: + - NG-C + - Xn-C + - Uu + gNB-CU-CPInterfaces: + type: array + items: + type: string + enum: + - NG-C + - Xn-C + - Uu + - F1-C + - E1 + - X2-C + gNB-CU-UPInterfaces: + type: array + items: + type: string + enum: + - E1 + gNB-DUInterfaces: + type: array + items: + type: string + enum: + - F1-C + + tjListOfNeTypes-Type: + description: The Network Element types where Trace Session activation is needed. See 3GPP TS 32.422 clause 5.4 for additional details. + type: array + items: + type: string + enum: + - MSC_SERVER + - SGSN + - MGW + - GGSN + - RNC + - BM_SC + - MME + - SGW + - PGW + - ENB + - EN_GNB + - GNB_CU_CP + - GNB_CU_UP + - GNB_DU + + tjPLMNTaget-Type: + type: object + description: The PLMN for which sessions shall be selected in the Trace Session in case of management based activation when several PLMNs are supported in the RAN (this means that shared cells and not shared cells are allowed for the specified PLMN. Note that the PLMN Target might differ from the PLMN specified in the Trace Reference, as that specifies the PLMN that is containing the management system requesting the Trace Session from the NE. See 3GPP TS 32.422 clause 5.9b for additional details. + properties: + mcc: + $ref: 'comDefs.yaml#/components/schemas/Mcc' + mnc: + $ref: 'comDefs.yaml#/components/schemas/Mnc' + required: + - mcc + - mnc + + tjStreamingTraceConsumerURI-Type: + type: string + description: The URI of the Trace Reporting MnS consumer (see 3GPP TS 28.532) to which the Trace records shall be sent. See 3GPP TS 32.422 clause 5.9 for additional details. + format: uri + + tjTraceCollectionEntityAddress-Type: + description: The IP address to which the Trace records shall be transferred. See 3GPP TS 32.422 clause 5.9 for additional details. + oneOf: + - $ref: '#/components/schemas/Ipv4Addr' + - $ref: '#/components/schemas/Ipv6Addr' + + tjTraceDepth-Type: + description: Specifies how detailed information should be recorded in the Network Element. The Trace Depth is a paremeter for Trace Session level, i.e., the Trace Depth is the same for all of the NEs to be traced in the same Trace Session. See 3GPP TS 32.422 clause 5.3 for additional details. + type: string + enum: + - MINIMUM + - MEDIUM + - MAXIMUM + - VENDORMINIMUM + - VENDORMEDIUM + - VENDORMAXIMUM + + tjTraceReference-Type: + type: object + description: The Trace Reference parameter shall be globally unique, therefore the Trace Reference shall compose as follows - MCC+MNC+Trace ID, where the MCC and MNC are coming with the Trace activation request from the management system to identify one PLMN containing the management system, and Trace ID is a 3 byte Octet String. See 3GPP TS 32.422 clause 5.6 for additional details. + properties: + mcc: + $ref: 'comDefs.yaml#/components/schemas/Mcc' + mnc: + $ref: 'comDefs.yaml#/components/schemas/Mnc' + traceId: + type: integer + required: + - mcc + - mnc + - traceId + + tjTraceReportingFormat-Type: + type: string + description: Specifies whether file-based or streaming reporting shall be used for this Trace Session. See 3GPP TS 32.422 clause 5.11 for additional details. + enum: + - FILE-BASED + - STREAMING + + tjTraceTarget-Type: + type: object + description: Trace target conveying both the type and value of the target ID. For additional details see 3GPP TS 32.422 + properties: + TargetIdType: + type: string + enum: + - IMSI + - IMEI + - IMEISV + - PUBLIC_ID + - UTRAN_CELL + - E-UTRAN_CELL + - NG-RAN_CELL + - eNB + - RNC + - gNB + - SUPI + TargetIdValue: + type: string + required: + - TargetIdType + - TargetIdValue + + tjTriggeringEvent-Type: + type: object + description: Specifies when to start a Trace Recording Session and which message shall be recorded first, when to stop a Trace Recording Session and which message shall be recorded last respectively. See 3GPP TS 32.422 clause 5.1 for additional detials. + properties: + NetworkElement: + type: string + enum: + - MSC_SERVER + - SGSN + - MGW + - GGSN + - BM_SC + - MME + - SGW + - PGW + - AMF + - SMF + - PCF + - UPF + EventBitmap: + type: integer + required: + - NetworkElement + - EventBitmap + + tjMDTAnonymizationOfData-Type: + description: Specifies level of MDT anonymization. For additional details see 3GPP TS 32.422 clause 5.10.12. + type: string + enum: + - NO_IDENTITY + - TAC_OF_IMEI + + tjMDTAreaConfigurationForNeighCell-Type: + description: Used for logged NR MDT and defines the area for which UE is requested to perform measurement logging for neighbour cells which have list of frequencies. For additional details see 3GPP TS 32.422 clause 5.10.26. + type: array + items: + type: object + properties: + frequency: + type: string + cell: + type: string + + tjMDTAreaScope-Type: + description: defines the area in terms or Cells or Tracking Area/Routing Area/Location Area where the MDT data collection shall take place. For additional details see 3GPP TS 32.422 clause 5.10.2. + allOf: + - $ref: 'comDefs.yaml#/components/schemas/DnList' + + tjMDTCollectionPeriodRrmLte-Type: + description: See details in 3GPP TS 32.422 clause 5.10.20. + type: string + enum: + - 250ms + - 500ms + - 1000ms + - 2000ms + - 3000ms + - 4000ms + - 6000ms + - 8000ms + - 12000ms + - 16000ms + - 20000ms + - 24000ms + - 28000ms + - 32000ms + - 64000ms + + tjMDTCollectionPeriodRrmUmts-Type: + description: See details in 3GPP TS 32.422 clause 5.10.21. + type: string + enum: + - 1024ms + - 1280ms + - 2048ms + - 2560ms + - 5120ms + - 10240ms + - 1min + + tjMDTCollectionPeriodRrmNR-Type: + description: See details in 3GPP TS 32.422 clause 5.10.30. + type: string + enum: + - 1024ms + - 1280ms + - 2048ms + - 5120ms + - 10240ms + - 60000ms + + tjMDTEventListForTriggeredMeasurement-Type: + description: See details in 3GPP TS 32.422 clause 5.10.28. + type: string + enum: + - OUT_OF_COVERAGE + - A2_EVENT + + tjMDTEventThreshold-Type: + description: See details in 3GPP TS 32.422 clause 5.10.7, 5.10.7a, 5.10.13 and 5.10.14. + type: object + properties: + EventThresholdRSRP: + type: integer + minimum: 0 + maximum: 97 + EventThresholdRSRQ: + type: integer + minimum: 0 + maximum: 34 + EventThreshold1F: + type: object + properties: + CPICH_RSCP: + type: integer + minimum: -120 + maximum: 25 + CPICH_EcNo: + type: integer + minimum: -24 + maximum: 0 + PathLoss: + type: integer + minimum: 30 + maximum: 165 + EventThreshold1I: + type: integer + minimum: -120 + maximum: 25 + + tjMDTListOfMeasurements-Type: + description: See details in 3GPP TS 32.422 clause 5.10.3 for details. + type: object + properties: + UMTS: + type: array + items: + type: string + enum: + - M1 + - M2 + - M3 + - M4 + - M5 + - M6_DL + - M6_UL + - M7_DL + - M7_UL + LTE: + type: array + items: + type: string + enum: + - M1 + - M2 + - M3 + - M4 + - M5 + - M1_EVENT_TRIGGERED + - M6 + - M7 + - M8 + - M9 + NR: + type: array + items: + type: string + enum: + - M1 + - M2 + - M3 + - M4 + - M5 + - M6 + - M7 + - M8 + - M9 + + tjMDTLoggingDuration-Type: + description: See details in 3GPP TS 32.422 clause 5.10.9. + type: string + enum: + - 600s + - 1200s + - 2400s + - 3600s + - 5400s + - 7200s + + tjMDTLoggingInterval-Type: + description: See details in 3GPP TS 32.422 clause 5.10.8. + type: string + enum: + - 1.28s + - 2.56s + - 5.12s + - 10.24s + - 20.48s + - 30.72s + - 40.96s + - 61.44s + + tjMDTMBSFNAreaList-Type: + description: See details in 3GPP TS 32.422 clause 5.10.25. + type: array + items: + type: object + properties: + mbsfnAreaId: + type: integer + minimum: 1 + earfcn: + type: integer + minimum: 1 + required: + - mbsfnAreaId + - earfcn + + tjMDTMeasurementPeriodLTE-Type: + description: See details in 3GPP TS 32.422 clause 5.10.23. + type: string + enum: + - 1024ms + - 1280ms + - 2048ms + - 2560ms + - 5120ms + - 10240ms + - 1min + + tjMDTMeasurementPeriodUMTS-Type: + description: See details in 3GPP TS 32.422 clause 5.10.22. + type: string + enum: + - 250ms + - 500ms + - 1000ms + - 2000ms + - 3000ms + - 4000ms + - 6000ms + - 8000ms + - 12000ms + - 16000ms + - 20000ms + - 24000ms + - 28000ms + - 32000ms + - 64000ms + + tjMDTMeasurementQuantity-Type: + description: See details in 3GPP TS 32.422 clause 5.10.15. + type: string + enum: + - CPICH_EcNo + - CPICH_RSCP + - PathLoss + + tjMDTPLMList-Type: + description: See details in 3GPP TS 32.422 clause 5.10.24. + type: array + items: + type: object + properties: + mcc: + $ref: 'comDefs.yaml#/components/schemas/Mcc' + mnc: + $ref: 'comDefs.yaml#/components/schemas/Mnc' + required: + - mcc + - mnc + maxItems: 16 + + tjMDTPositioningMethod-Type: + description: See details in 3GPP TS 32.422 clause 5.10.19. + type: string + enum: + - GNSS + - E-CELL_ID + + tjMDTReportAmount-Type: + description: See details in 3GPP TS 32.422 clause 5.10.6. + type: string + enum: + - 1 + - 2 + - 4 + - 8 + - 16 + - 32 + - 64 + - INFINITY + + tjMDTReportingTrigger-Type: + description: See details in 3GPP TS 32.422 clause 5.10.4. + type: array + items: + type: string + enum: + - PERIODICAL + - A2_FOR_LTE + - 1F_FOR_UMTS + - 1I_FOR_UMTS_MCPS_TDD + - A2_TRIGGERED_PERIODIC_FOR_LTE + - ALL_CONFIGURED_RRM_FOR_LTE + - ALL_CONFIGURED_RRM_FOR_UMTS + + tjMDTReportInterval-Type: + description: See details in 3GPP TS 32.422 clause 5.10.5. + type: string + enum: + - 250ms + - 500ms + - 1000ms + - 2000ms + - 3000ms + - 4000ms + - 6000ms + - 8000ms + - 12000ms + - 16000ms + - 20000ms + - 24000ms + - 28000ms + - 32000ms + - 64000ms + - 120ms + - 240ms + - 480ms + - 640ms + - 1024ms + - 2048ms + - 5120ms + - 10240ms + - 60000ms + - 360000ms + - 720000ms + - 1800000ms + - 3600000ms + + tjMDTReportType-Type: + description: Report type for logged NR MDT. See details in 3GPP TS 32.422 clause 5.10.27. + type: string + enum: + - PERIODICAL + - EVENT_TRIGGERED + + tjMDTSensorInformation-Type: + description: See details in 3GPP TS 32.422 clause 5.10.29. + type: array + items: + type: string + enum: + - BAROMETRIC_PRESSURE + - UE_SPEED + - UE_ORIENTATION + + tjMDTTraceCollectionEntityID-Type: + description: See details in 3GPP TS 32.422 clause 5.10.11. Only tceID value may be sent over the air to the UE being configured for Logged MDT. + type: object + properties: + tceID: + type: integer + tcePLMN: + type: object + properties: + mcc: + $ref: 'comDefs.yaml#/components/schemas/Mcc' + mnc: + $ref: 'comDefs.yaml#/components/schemas/Mnc' + required: + - mcc + - mnc + tceAddress: + oneOf: + - $ref: '#/components/schemas/tjTraceCollectionEntityAddress-Type' + - $ref: '#/components/schemas/tjStreamingTraceConsumerURI-Type' + required: + - tceID + - tcePLMN + - tceAddress + + +#-------- end of Definition of types used in Trace control NRM fragment ---------- + + +#-------- Definition of abstract IOC Top ----------------------------------------- + + Top-Attr: + # This definition will be deprecated, when all occurances of Top-Attr + # are replaced by Top. + type: object + properties: + id: + type: string + VsDataContainer: + $ref: '#/components/schemas/VsDataContainer-Multiple' + Top: + type: object + properties: + id: + type: string + VsDataContainer: + $ref: '#/components/schemas/VsDataContainer-Multiple' + +#-------- Definition of IOCs with new name-containments defined in other TS ------ + + SubNetwork-Attr: + type: object + properties: + dnPrefix: + type: string + userLabel: + type: string + userDefinedNetworkType: + type: string + setOfMcc: + type: array + items: + $ref: 'comDefs.yaml#/components/schemas/Mcc' + priorityLabel: + type: integer + supportedPerfMetricGroups: + type: array + items: + $ref: '#/components/schemas/SupportedPerfMetricGroup' + ManagedElement-Attr: + type: object + properties: + dnPrefix: + type: string + managedElementTypeList: + type: array + items: + type: string + userLabel: + type: string + locationName: + type: string + managedBy: + $ref: 'comDefs.yaml#/components/schemas/DnList' + vendorName: + type: string + userDefinedState: + type: string + swVersion: + type: string + priorityLabel: + type: integer + supportedPerfMetricGroups: + type: array + items: + $ref: '#/components/schemas/SupportedPerfMetricGroup' + + SubNetwork-ncO: + type: object + properties: + ManagementNode: + $ref: '#/components/schemas/ManagementNode-Multiple' + MeContext: + $ref: '#/components/schemas/MeContext-Multiple' + PerfMetricJob: + $ref: '#/components/schemas/PerfMetricJob-Multiple' + ThresholdMonitor: + $ref: '#/components/schemas/ThresholdMonitor-Multiple' + NtfSubscriptionControl: + $ref: '#/components/schemas/NtfSubscriptionControl-Multiple' + TraceJob: + $ref: '#/components/schemas/TraceJob-Multiple' + AlarmList: + $ref: '#/components/schemas/AlarmList-Single' + ManagedElement-ncO: + type: object + properties: + PerfMetricJob: + $ref: '#/components/schemas/PerfMetricJob-Multiple' + ThresholdMonitor: + $ref: '#/components/schemas/ThresholdMonitor-Multiple' + NtfSubscriptionControl: + $ref: '#/components/schemas/NtfSubscriptionControl-Multiple' + TraceJob: + $ref: '#/components/schemas/TraceJob-Multiple' + AlarmList: + $ref: '#/components/schemas/AlarmList-Single' + +#-------- Definition of abstract IOCs -------------------------------------------- + + ManagedFunction-Attr: + type: object + properties: + userLabel: + type: string + vnfParametersList: + type: array + items: + $ref: '#/components/schemas/VnfParameter' + peeParametersList: + type: array + items: + $ref: '#/components/schemas/PeeParameter' + priorityLabel: + type: integer + supportedPerfMetricGroups: + type: array + items: + $ref: '#/components/schemas/SupportedPerfMetricGroup' + EP_RP-Attr: + type: object + properties: + userLabel: + type: string + farEndEntity: + type: string + supportedPerfMetricGroups: + type: array + items: + $ref: '#/components/schemas/SupportedPerfMetricGroup' + + TraceJob-Attr: + type: object + description: abstract class used as a container of all TraceJob attributes + properties: + tjJobType: + $ref: '#/components/schemas/tjJobType-Type' + tjListOfInterfaces: + $ref: '#/components/schemas/tjListOfInterfaces-Type' + tjListOfNeTypes: + $ref: '#/components/schemas/tjListOfNeTypes-Type' + tjPLMNTarget: + $ref: '#/components/schemas/tjPLMNTaget-Type' + tjTraceConsumer: + oneOf: + - $ref: '#/components/schemas/tjStreamingTraceConsumerURI-Type' + - $ref: '#/components/schemas/tjTraceCollectionEntityAddress-Type' + tjTraceDepth: + $ref: '#/components/schemas/tjTraceDepth-Type' + tjTraceReference: + $ref: '#/components/schemas/tjTraceReference-Type' + tjTraceReportingFormat: + $ref: '#/components/schemas/tjTraceReportingFormat-Type' + tjTraceTarget: + $ref: '#/components/schemas/tjTraceTarget-Type' + tjTriggeringEvent: + $ref: '#/components/schemas/tjTriggeringEvent-Type' + tjMDTAnonymizationOfData: + $ref: '#/components/schemas/tjMDTAnonymizationOfData-Type' + tjMDTAreaConfigurationForNeighCell: + $ref: '#/components/schemas/tjMDTAreaConfigurationForNeighCell-Type' + tjMDTAreaScope: + $ref: '#/components/schemas/tjMDTAreaScope-Type' + tjMDTCollectionPeriodRrmLte: + $ref: '#/components/schemas/tjMDTCollectionPeriodRrmLte-Type' + tjMDTCollectionPeriodRrmUmts: + $ref: '#/components/schemas/tjMDTCollectionPeriodRrmUmts-Type' + tjMDTCollectionPeriodRrmNR: + $ref: '#/components/schemas/tjMDTCollectionPeriodRrmNR-Type' + tjMDTEventListForTriggeredMeasurement: + $ref: '#/components/schemas/tjMDTEventListForTriggeredMeasurement-Type' + tjMDTEventThreshold: + $ref: '#/components/schemas/tjMDTEventThreshold-Type' + tjMDTListOfMeasurements: + $ref: '#/components/schemas/tjMDTListOfMeasurements-Type' + tjMDTLoggingDuration: + $ref: '#/components/schemas/tjMDTLoggingDuration-Type' + tjMDTLoggingInterval: + $ref: '#/components/schemas/tjMDTLoggingInterval-Type' + tjMDTMBSFNAreaList: + $ref: '#/components/schemas/tjMDTMBSFNAreaList-Type' + tjMDTMeasurementPeriodLTE: + $ref: '#/components/schemas/tjMDTMeasurementPeriodLTE-Type' + tjMDTMeasurementPeriodUMTS: + $ref: '#/components/schemas/tjMDTMeasurementPeriodUMTS-Type' + tjMDTMeasurementQuantity: + $ref: '#/components/schemas/tjMDTMeasurementQuantity-Type' + tjMDTPLMList: + $ref: '#/components/schemas/tjMDTPLMList-Type' + tjMDTPositioningMethod: + $ref: '#/components/schemas/tjMDTPositioningMethod-Type' + tjMDTReportAmount: + $ref: '#/components/schemas/tjMDTReportAmount-Type' + tjMDTReportingTrigger: + $ref: '#/components/schemas/tjMDTReportingTrigger-Type' + tjMDTReportInterval: + $ref: '#/components/schemas/tjMDTReportInterval-Type' + tjMDTReportType: + $ref: '#/components/schemas/tjMDTReportType-Type' + tjMDTSensorInformation: + $ref: '#/components/schemas/tjMDTSensorInformation-Type' + tjMDTTraceCollectionEntityID: + $ref: '#/components/schemas/tjMDTTraceCollectionEntityID-Type' + required: + - tjJobType + - tjTraceReference + - tjTraceConsumer + - tjTraceReportingFormat + - tjTraceTarget + + ManagedFunction-ncO: + type: object + properties: + PerfMetricJob: + $ref: '#/components/schemas/PerfMetricJob-Multiple' + ThresholdMonitor: + $ref: '#/components/schemas/ThresholdMonitor-Multiple' + ManagedNFService: + $ref: '#/components/schemas/ManagedNFService-Multiple' + TraceJob: + $ref: '#/components/schemas/TraceJob-Multiple' + +#-------- Definition of concrete IOCs -------------------------------------------- + + VsDataContainer-Single: + type: object + properties: + id: + type: string + attributes: + type: object + properties: + vsDataType: + type: string + vsDataFormatVersion: + type: string + vsData: + nullable: true + VsDataContainer: + $ref: '#/components/schemas/VsDataContainer-Multiple' + ManagedNFService-Single: + allOf: + - $ref: '#/components/schemas/Top' + - type: object + properties: + attributes: + type: object + properties: + userLabel: + type: string + nFServiceType: + $ref: '#/components/schemas/NFServiceType' + sAP: + $ref: '#/components/schemas/SAP' + operations: + type: array + items: + $ref: '#/components/schemas/Operation' + administrativeState: + $ref: 'comDefs.yaml#/components/schemas/AdministrativeState' + operationalState: + $ref: 'comDefs.yaml#/components/schemas/OperationalState' + usageState: + $ref: 'comDefs.yaml#/components/schemas/UsageState' + registrationState: + $ref: '#/components/schemas/RegistrationState' + ManagementNode-Single: + allOf: + - $ref: '#/components/schemas/Top' + - type: object + properties: + attributes: + type: object + properties: + userLabel: + type: string + managedElements: + $ref: 'comDefs.yaml#/components/schemas/DnList' + vendorName: + type: string + userDefinedState: + type: string + locationName: + type: string + swVersion: + type: string + MeContext-Single: + allOf: + - $ref: '#/components/schemas/Top' + - type: object + properties: + attributes: + type: object + properties: + dnPrefix: + type: string + PerfMetricJob-Single: + allOf: + - $ref: '#/components/schemas/Top' + - type: object + properties: + attributes: + type: object + properties: + administrativeState: + $ref: 'comDefs.yaml#/components/schemas/AdministrativeState' + operationalState: + $ref: 'comDefs.yaml#/components/schemas/OperationalState' + jobId: + type: string + performanceMetrics: + type: array + items: + type: string + granularityPeriod: + type: integer + minimum: 1 + objectInstances: + $ref: 'comDefs.yaml#/components/schemas/DnList' + rootObjectInstances: + $ref: 'comDefs.yaml#/components/schemas/DnList' + reportingCtrl: + $ref: '#/components/schemas/ReportingCtrl' + ThresholdMonitor-Single: + allOf: + - $ref: '#/components/schemas/Top' + - type: object + properties: + attributes: + type: object + properties: + administrativeState: + $ref: 'comDefs.yaml#/components/schemas/AdministrativeState' + operationalState: + $ref: 'comDefs.yaml#/components/schemas/OperationalState' + performanceMetrics: + type: array + items: + type: string + thresholdInfoList: + type: array + items: + $ref: '#/components/schemas/ThresholdInfo' + monitorGranularityPeriod: + type: integer + minimum: 1 + objectInstances: + $ref: 'comDefs.yaml#/components/schemas/DnList' + rootObjectInstances: + $ref: 'comDefs.yaml#/components/schemas/DnList' + NtfSubscriptionControl-Single: + allOf: + - $ref: '#/components/schemas/Top' + - type: object + properties: + attributes: + type: object + properties: + notificationRecipientAddress: + $ref: 'comDefs.yaml#/components/schemas/Uri' + notificationTypes: + type: array + items: + $ref: 'comDefs.yaml#/components/schemas/NotificationType' + scope: + $ref: '#/components/schemas/Scope' + notificationFilter: + type: string + HeartbeatControl: + $ref: '#/components/schemas/HeartbeatControl-Single' + HeartbeatControl-Single: + allOf: + - $ref: '#/components/schemas/Top' + - type: object + properties: + attributes: + type: object + properties: + heartbeatNtfPeriod: + type: integer + triggerHeartbeatNtf: + type: boolean + TraceJob-Single: + allOf: + - $ref: '#/components/schemas/Top' + - type: object + properties: + attributes: + $ref: '#/components/schemas/TraceJob-Attr' + + AlarmList-Single: + allOf: + - $ref: '#/components/schemas/Top' + - type: object + properties: + attributes: + type: object + properties: + administrativeState: + $ref: 'comDefs.yaml#/components/schemas/AdministrativeState' + operationalState: + $ref: 'comDefs.yaml#/components/schemas/OperationalState' + numOfAlarmRecords: + type: integer + lastModification: + $ref: 'comDefs.yaml#/components/schemas/DateTime' + alarmRecords: + description: >- + This resource represents a map of alarm records. + The alarmIds are used as keys in the map. + type: object + additionalProperties: + $ref: 'faultMnS.yaml#/components/schemas/AlarmRecord' + +#-------- Definition of YAML arrays for name-contained IOCs ---------------------- + + VsDataContainer-Multiple: + type: array + items: + $ref: '#/components/schemas/VsDataContainer-Single' + ManagedNFService-Multiple: + type: array + items: + $ref: '#/components/schemas/ManagedNFService-Single' + ManagementNode-Multiple: + type: array + items: + $ref: '#/components/schemas/ManagementNode-Single' + MeContext-Multiple: + type: array + items: + $ref: '#/components/schemas/MeContext-Single' + PerfMetricJob-Multiple: + type: array + items: + $ref: '#/components/schemas/PerfMetricJob-Single' + ThresholdMonitor-Multiple: + type: array + items: + $ref: '#/components/schemas/ThresholdMonitor-Single' + TraceJob-Multiple: + type: array + items: + $ref: '#/components/schemas/TraceJob-Single' + NtfSubscriptionControl-Multiple: + type: array + items: + $ref: '#/components/schemas/NtfSubscriptionControl-Single' + +#-------- Definitions in TS 28.623 for TS 28.532 --------------------------------- + + resources-genericNrm: + oneOf: + + - $ref: '#/components/schemas/VsDataContainer-Single' + + - $ref: '#/components/schemas/ManagementNode-Single' + - $ref: '#/components/schemas/MeContext-Single' + + - $ref: '#/components/schemas/ManagedNFService-Single' + + - $ref: '#/components/schemas/PerfMetricJob-Single' + - $ref: '#/components/schemas/ThresholdMonitor-Single' + - $ref: '#/components/schemas/TraceJob-Single' + + - $ref: '#/components/schemas/NtfSubscriptionControl-Single' + - $ref: '#/components/schemas/HeartbeatControl-Single' + + - $ref: '#/components/schemas/AlarmList-Single' diff --git a/kubernetes/dcaegen2/resources/external/schema/rel16/heartbeatNtf.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/heartbeatNtf.yaml index afde5066dd..efa3185bdb 100644 --- a/kubernetes/dcaegen2/resources/external/schema/rel16/heartbeatNtf.yaml +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/heartbeatNtf.yaml @@ -1,23 +1,25 @@ openapi: 3.0.1 info: title: Heartbeat notification - version: 16.3.0 + version: 16.6.0 description: >- - OAS 3.0.1 specification of the heartbeat notification + OAS 3.0.1 definition of the heartbeat notification © 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). All rights reserved. externalDocs: - description: 3GPP TS 28.532 V16.3.0; Heartbeat notification + description: 3GPP TS 28.532 V16.6.0; Generic management services url: http://www.3gpp.org/ftp/Specs/archive/28_series/28.6532/ paths: {} components: schemas: - hearbeatNtfPeriod-Type: - type: integer - notifyHeartbeat-NotifType: + HeartbeatNotificationTypes: + type: string + enum: + - notifyHeartbeat + NotifyHeartbeat: allOf: - - $ref: 'provMnS.yaml#/components/schemas/header-Type' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object properties: heartbeatNtfPeriod: - $ref: '#/components/schemas/hearbeatNtfPeriod-Type' + type: integer diff --git a/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/nrNrm.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/nrNrm.yaml new file mode 100644 index 0000000000..3de2c63a6c --- /dev/null +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/nrNrm.yaml @@ -0,0 +1,1868 @@ +openapi: 3.0.1 +info: + title: NR NRM + version: 16.6.0 + description: >- + OAS 3.0.1 specification of the NR NRM + © 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). + All rights reserved. +externalDocs: + description: 3GPP TS 28.541 V16.6.0; 5G NRM, NR NRM + url: http://www.3gpp.org/ftp/Specs/archive/28_series/28.541/ +paths: {} +components: + schemas: + +#-------- Definition of types----------------------------------------------------- + + GnbId: + type: string + GnbIdLength: + type: integer + minimum: 22 + maximum: 32 + GnbName: + type: string + maxLength: 150 + GnbDuId: + type: number + minimum: 0 + maximum: 68719476735 + GnbCuUpId: + type: number + minimum: 0 + maximum: 68719476735 + + Sst: + type: integer + maximum: 255 + Snssai: + type: object + properties: + sst: + $ref: '#/components/schemas/Sst' + sd: + type: string + SnssaiList: + type: array + items: + $ref: '#/components/schemas/Snssai' + + Mnc: + type: string + pattern: '[0-9]{3}|[0-9]{2}' + PlmnId: + type: object + properties: + mcc: + $ref: 'comDefs.yaml#/components/schemas/Mcc' + mnc: + $ref: '#/components/schemas/Mnc' + PlmnIdList: + type: array + items: + $ref: '#/components/schemas/PlmnId' + PlmnInfo: + type: object + properties: + plmnId": + $ref: '#/components/schemas/PlmnId' + snssai: + $ref: '#/components/schemas/Snssai' + PlmnInfoList: + type: array + items: + $ref: '#/components/schemas/PlmnInfo' + GGnbId: + type: string + pattern: '^[0-9]{3}[0-9]{2,3}-(22|23|24|25|26|27|28|29|30|31|32)-[0-9]{1,10}' + GEnbId: + type: string + pattern: '^[0-9]{3}[0-9]{2,3}-(18|20|21|22)-[0-9]{1,7}' + + GGnbIdList: + type: array + items: + $ref: '#/components/schemas/GGnbId' + + GEnbIdList: + type: array + items: + $ref: '#/components/schemas/GEnbId' + + NrPci: + type: integer + maximum: 503 + NrTac: + type: integer + maximum: 16777215 + Tai: + type: object + properties: + plmnId: + $ref: '#/components/schemas/PlmnId' + nrTac: + $ref: '#/components/schemas/NrTac' + + BackhaulAddress: + type: object + properties: + gnbId: + $ref: '#/components/schemas/GnbId' + tai: + $ref: "#/components/schemas/Tai" + MappingSetIDBackhaulAddress: + type: object + properties: + setID: + type: integer + backhaulAddress: + $ref: '#/components/schemas/BackhaulAddress' + IntraRatEsActivationOriginalCellLoadParameters: + type: object + properties: + loadThreshold: + type: integer + timeDuration: + type: integer + IntraRatEsActivationCandidateCellsLoadParameters: + type: object + properties: + loadThreshold: + type: integer + timeDuration: + type: integer + IntraRatEsDeactivationCandidateCellsLoadParameters: + type: object + properties: + loadThreshold: + type: integer + timeDuration: + type: integer + EsNotAllowedTimePeriod: + type: object + properties: + startTimeandendTime: + type: string + periodOfDay: + type: string + daysOfWeekList: + type: string + listoftimeperiods: + type: string + InterRatEsActivationOriginalCellParameters: + type: object + properties: + loadThreshold: + type: integer + timeDuration: + type: integer + InterRatEsActivationCandidateCellParameters: + type: object + properties: + loadThreshold: + type: integer + timeDuration: + type: integer + InterRatEsDeactivationCandidateCellParameters: + type: object + properties: + loadThreshold: + type: integer + timeDuration: + type: integer + + UeAccProbilityDist: + type: object + properties: + targetProbability: + type: integer + numberofpreamblessent: + type: integer + + UeAccDelayProbilityDist: + type: object + properties: + targetProbability: + type: integer + accessdelay: + type: integer + + NRPciList: + type: object + properties: + NRPci: + type: integer + + CSonPciList: + type: object + properties: + NRPci: + type: integer + + MaximumDeviationHoTrigger: + type: integer + minimum: -20 + maximum: 20 + + MinimumTimeBetweenHoTriggerChange: + type: integer + minimum: 0 + maximum: 604800 + + TstoreUEcntxt: + type: integer + minimum: 0 + maximum: 1023 + + CellState: + type: string + enum: + - IDLE + - INACTIVE + - ACTIVE + CyclicPrefix: + type: string + enum: + - '15' + - '30' + - '60' + - '120' + TxDirection: + type: string + enum: + - DL + - UL + - DL and UL + BwpContext: + type: string + enum: + - DL + - UL + - SUL + IsInitialBwp: + type: string + enum: + - INITIAL + - OTHER + - SUL + QuotaType: + type: string + enum: + - STRICT + - FLOAT + IsESCoveredBy: + type: string + enum: + - NO + - PARTIAL + - FULL + RrmPolicyMember: + type: object + properties: + plmnId: + $ref: '#/components/schemas/PlmnId' + snssai: + $ref: '#/components/schemas/Snssai' + RrmPolicyMemberList: + type: array + items: + $ref: '#/components/schemas/RrmPolicyMember' + AddressWithVlan: + type: object + properties: + ipv4Address: + $ref: 'genericNrm.yaml#/components/schemas/Ipv4Addr' + ipv6Address: + $ref: 'genericNrm.yaml#/components/schemas/Ipv6Addr' + vlanId: + type: integer + minimum: 0 + maximum: 4096 + LocalAddress: + type: object + properties: + addressWithVlan: + $ref: '#/components/schemas/AddressWithVlan' + port: + type: integer + minimum: 0 + maximum: 65535 + RemoteAddress: + type: object + properties: + ipv4Address: + $ref: 'genericNrm.yaml#/components/schemas/Ipv4Addr' + ipv6Address: + $ref: 'genericNrm.yaml#/components/schemas/Ipv6Addr' + + CellIndividualOffset: + type: object + properties: + rsrpOffsetSSB: + type: integer + rsrqOffsetSSB: + type: integer + sinrOffsetSSB: + type: integer + rsrpOffsetCSI-RS: + type: integer + rsrqOffsetCSI-RS: + type: integer + sinrOffsetCSI-RS: + type: integer + QOffsetRange: + type: integer + enum: + - -24 + - -22 + - -20 + - -18 + - -16 + - -14 + - -12 + - -10 + - -8 + - -6 + - -5 + - -4 + - -3 + - -2 + - -1 + - 0 + - 24 + - 22 + - 20 + - 18 + - 16 + - 14 + - 12 + - 10 + - 8 + - 6 + - 5 + - 4 + - 3 + - 2 + - 1 + QOffsetRangeList: + type: object + properties: + rsrpOffsetSSB: + $ref: '#/components/schemas/QOffsetRange' + rsrqOffsetSSB: + $ref: '#/components/schemas/QOffsetRange' + sinrOffsetSSB: + $ref: '#/components/schemas/QOffsetRange' + rsrpOffsetCSI-RS: + $ref: '#/components/schemas/QOffsetRange' + rsrqOffsetCSI-RS: + $ref: '#/components/schemas/QOffsetRange' + sinrOffsetCSI-RS: + $ref: '#/components/schemas/QOffsetRange' + QOffsetFreq: + type: number + TReselectionNRSf: + type: integer + enum: + - 25 + - 50 + - 75 + - 100 + SsbPeriodicity: + type: integer + enum: + - 5 + - 10 + - 20 + - 40 + - 80 + - 160 + SsbDuration: + type: integer + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + SsbSubCarrierSpacing: + type: integer + enum: + - 15 + - 30 + - 120 + - 240 + CoverageShape: + type: integer + maximum: 65535 + DigitalTilt: + type: integer + minimum: -900 + maximum: 900 + DigitalAzimuth: + type: integer + minimum: -1800 + maximum: 1800 + + RSSetId: + type: integer + maximum: 4194303 + + RSSetType: + type: string + enum: + - RS1 + - RS2 + + FrequencyDomainPara: + type: object + properties: + rimRSSubcarrierSpacing: + type: integer + rIMRSBandwidth: + type: integer + nrofGlobalRIMRSFrequencyCandidates: + type: integer + rimRSCommonCarrierReferencePoint: + type: integer + rimRSStartingFrequencyOffsetIdList: + type: array + items: + type: integer + + SequenceDomainPara: + type: object + properties: + nrofRIMRSSequenceCandidatesofRS1: + type: integer + rimRSScrambleIdListofRS1: + type: array + items: + type: integer + nrofRIMRSSequenceCandidatesofRS2: + type: integer + rimRSScrambleIdListofRS2: + type: array + items: + type: integer + enableEnoughNotEnoughIndication: + type: string + enum: + - ENABLE + - DISABLE + RIMRSScrambleTimerMultiplier: + type: integer + RIMRSScrambleTimerOffset: + type: integer + + TimeDomainPara: + type: object + properties: + dlULSwitchingPeriod1: + type: string + enum: + - MS0P5 + - MS0P625 + - MS1 + - MS1P25 + - MS2 + - MS2P5 + - MS3 + - MS4 + - MS5 + - MS10 + - MS20 + symbolOffsetOfReferencePoint1: + type: integer + dlULSwitchingPeriod2: + type: string + enum: + - MS0P5 + - MS0P625 + - MS1 + - MS1P25 + - MS2 + - MS2P5 + - MS3 + - MS4 + - MS5 + - MS10 + - MS20 + symbolOffsetOfReferencePoint2: + type: integer + totalnrofSetIdofRS1: + type: integer + totalnrofSetIdofRS2: + type: integer + nrofConsecutiveRIMRS1: + type: integer + nrofConsecutiveRIMRS2: + type: integer + consecutiveRIMRS1List: + type: array + items: + type: integer + consecutiveRIMRS2List: + type: array + items: + type: integer + enablenearfarIndicationRS1: + type: string + enum: + - ENABLE + - DISABLE + enablenearfarIndicationRS2: + type: string + enum: + - ENABLE + - DISABLE + + RimRSReportInfo: + type: object + properties: + detectedSetID: + type: integer + propagationDelay: + type: integer + functionalityOfRIMRS: + type: string + enum: + - RS1 + - RS2 + - RS1forEnoughMitigation + - RS1forNotEnoughMitigation + + RimRSReportConf: + type: object + properties: + reportIndicator: + type: string + enum: + - ENABLE + - DISABLE + reportInterval: + type: integer + nrofRIMRSReportInfo: + type: integer + maxPropagationDelay: + type: integer + rimRSReportInfoList: + type: array + items: + $ref: '#/components/schemas/RimRSReportInfo' + TceMappingInfo: + type: object + properties: + TceIPAddress: + oneOf: + - $ref: 'genericNrm.yaml#/components/schemas/Ipv4Addr' + - $ref: 'genericNrm.yaml#/components/schemas/Ipv6Addr' + TceID: + type: integer + PlmnTarget: + $ref: '#/components/schemas/PlmnId' + TceMappingInfoList: + type: array + items: + $ref: '#/components/schemas/TceMappingInfo' + + +#-------- Definition of abstract IOCs -------------------------------------------- + + RrmPolicy_-Attr: + type: object + properties: + resourceType: + type: string + rRMPolicyMemberList: + $ref: '#/components/schemas/RrmPolicyMemberList' + + +#-------- Definition of concrete IOCs -------------------------------------------- + + SubNetwork-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + $ref: 'genericNrm.yaml#/components/schemas/SubNetwork-Attr' + - $ref: 'genericNrm.yaml#/components/schemas/SubNetwork-ncO' + - type: object + properties: + SubNetwork: + $ref: '#/components/schemas/SubNetwork-Multiple' + ManagedElement: + $ref: '#/components/schemas/ManagedElement-Multiple' + NRFrequency: + $ref: '#/components/schemas/NRFrequency-Multiple' + ExternalGnbCuCpFunction: + $ref: '#/components/schemas/ExternalGnbCuCpFunction-Multiple' + ExternalENBFunction: + $ref: '#/components/schemas/ExternalENBFunction-Multiple' + EUtranFrequency: + $ref: '#/components/schemas/EUtranFrequency-Multiple' + DESManagementFunction: + $ref: '#/components/schemas/DESManagementFunction-Single' + DRACHOptimizationFunction: + $ref: '#/components/schemas/DRACHOptimizationFunction-Single' + DMROFunction: + $ref: '#/components/schemas/DMROFunction-Single' + DPCIConfigurationFunction: + $ref: '#/components/schemas/DPCIConfigurationFunction-Single' + CPCIConfigurationFunction: + $ref: '#/components/schemas/CPCIConfigurationFunction-Single' + CESManagementFunction: + $ref: '#/components/schemas/CESManagementFunction-Single' + Configurable5QISet: + $ref: '5gcNrm.yaml#/components/schemas/Configurable5QISet-Multiple' + RimRSGlobal: + $ref: '#/components/schemas/RimRSGlobal-Single' + Dynamic5QISet: + $ref: '5gcNrm.yaml#/components/schemas/Dynamic5QISet-Multiple' + + ManagedElement-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + $ref: 'genericNrm.yaml#/components/schemas/ManagedElement-Attr' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedElement-ncO' + - type: object + properties: + GnbDuFunction: + $ref: '#/components/schemas/GnbDuFunction-Multiple' + GnbCuUpFunction: + $ref: '#/components/schemas/GnbCuUpFunction-Multiple' + GnbCuCpFunction: + $ref: '#/components/schemas/GnbCuCpFunction-Multiple' + DESManagementFunction: + $ref: '#/components/schemas/DESManagementFunction-Single' + DRACHOptimizationFunction: + $ref: '#/components/schemas/DRACHOptimizationFunction-Single' + DMROFunction: + $ref: '#/components/schemas/DMROFunction-Single' + DPCIConfigurationFunction: + $ref: '#/components/schemas/DPCIConfigurationFunction-Single' + CPCIConfigurationFunction: + $ref: '#/components/schemas/CPCIConfigurationFunction-Single' + CESManagementFunction: + $ref: '#/components/schemas/CESManagementFunction-Single' + Configurable5QISet: + $ref: '5gcNrm.yaml#/components/schemas/Configurable5QISet-Multiple' + Dynamic5QISet: + $ref: '5gcNrm.yaml#/components/schemas/Dynamic5QISet-Multiple' + + GnbDuFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + gnbDuId: + $ref: '#/components/schemas/GnbDuId' + gnbDuName: + $ref: '#/components/schemas/GnbName' + gnbId: + $ref: '#/components/schemas/GnbId' + gnbIdLength: + $ref: '#/components/schemas/GnbIdLength' + rimRSReportConf: + $ref: '#/components/schemas/RimRSReportConf' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + RRMPolicyRatio: + $ref: '#/components/schemas/RRMPolicyRatio-Multiple' + NrCellDu: + $ref: '#/components/schemas/NrCellDu-Multiple' + Bwp-Multiple: + $ref: '#/components/schemas/Bwp-Multiple' + NrSectorCarrier-Multiple: + $ref: '#/components/schemas/NrSectorCarrier-Multiple' + EP_F1C: + $ref: '#/components/schemas/EP_F1C-Single' + EP_F1U: + $ref: '#/components/schemas/EP_F1U-Multiple' + DRACHOptimizationFunction: + $ref: '#/components/schemas/DRACHOptimizationFunction-Single' + GnbCuUpFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + gnbId: + $ref: '#/components/schemas/GnbId' + gnbIdLength: + $ref: '#/components/schemas/GnbIdLength' + gnbCuUpId: + $ref: '#/components/schemas/GnbCuUpId' + plmnInfoList: + $ref: '#/components/schemas/PlmnInfoList' + configurable5QISetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + dynamic5QISetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + RRMPolicyRatio: + $ref: '#/components/schemas/RRMPolicyRatio-Multiple' + EP_E1: + $ref: '#/components/schemas/EP_E1-Single' + EP_XnU: + $ref: '#/components/schemas/EP_XnU-Multiple' + EP_F1U: + $ref: '#/components/schemas/EP_F1U-Multiple' + EP_NgU: + $ref: '#/components/schemas/EP_NgU-Multiple' + EP_X2U: + $ref: '#/components/schemas/EP_X2U-Multiple' + EP_S1U: + $ref: '#/components/schemas/EP_S1U-Multiple' + GnbCuCpFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + gnbId: + $ref: '#/components/schemas/GnbId' + gnbIdLength: + $ref: '#/components/schemas/GnbIdLength' + gnbCuName: + $ref: '#/components/schemas/GnbName' + plmnId: + $ref: '#/components/schemas/PlmnId' + x2BlackList: + $ref: '#/components/schemas/GGnbIdList' + xnBlackList: + $ref: '#/components/schemas/GGnbIdList' + x2WhiteList: + $ref: '#/components/schemas/GGnbIdList' + xnWhiteList: + $ref: '#/components/schemas/GGnbIdList' + x2XnHOBlackList: + $ref: '#/components/schemas/GEnbIdList' + mappingSetIDBackhaulAddress: + $ref: '#/components/schemas/MappingSetIDBackhaulAddress' + tceMappingInfoList: + $ref: '#/components/schemas/TceMappingInfoList' + configurable5QISetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + dynamic5QISetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + RRMPolicyRatio: + $ref: '#/components/schemas/RRMPolicyRatio-Multiple' + NrCellCu: + $ref: '#/components/schemas/NrCellCu-Multiple' + EP_XnC: + $ref: '#/components/schemas/EP_XnC-Multiple' + EP_E1: + $ref: '#/components/schemas/EP_E1-Multiple' + EP_F1C: + $ref: '#/components/schemas/EP_F1C-Multiple' + EP_NgC: + $ref: '#/components/schemas/EP_NgC-Multiple' + EP_X2C: + $ref: '#/components/schemas/EP_X2C-Multiple' + DANRManagementFunction: + $ref: '#/components/schemas/DANRManagementFunction-Single' + DESManagementFunction: + $ref: '#/components/schemas/DESManagementFunction-Single' + DMROFunction: + $ref: '#/components/schemas/DMROFunction-Single' + + NrCellCu-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + cellLocalId: + type: integer + plmnInfoList: + $ref: '#/components/schemas/PlmnInfoList' + nRFrequencyRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + RRMPolicyRatio: + $ref: '#/components/schemas/RRMPolicyRatio-Multiple' + NRCellRelation: + $ref: '#/components/schemas/NRCellRelation-Multiple' + EUtranCellRelation: + $ref: '#/components/schemas/EUtranCellRelation-Multiple' + NRFreqRelation: + $ref: '#/components/schemas/NRFreqRelation-Multiple' + EUtranFreqRelation: + $ref: '#/components/schemas/EUtranFreqRelation-Multiple' + DESManagementFunction: + $ref: '#/components/schemas/DESManagementFunction-Single' + DMROFunction: + $ref: '#/components/schemas/DMROFunction-Single' + CESManagementFunction: + $ref: '#/components/schemas/CESManagementFunction-Single' + DPCIConfigurationFunction: + $ref: '#/components/schemas/DPCIConfigurationFunction-Single' + + NrCellDu-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + administrativeState: + $ref: 'comDefs.yaml#/components/schemas/AdministrativeState' + operationalState: + $ref: 'comDefs.yaml#/components/schemas/OperationalState' + cellLocalId: + type: integer + cellState: + $ref: '#/components/schemas/CellState' + plmnInfoList: + $ref: '#/components/schemas/PlmnInfoList' + nrPci: + $ref: '#/components/schemas/NrPci' + nrTac: + $ref: '#/components/schemas/NrTac' + arfcnDL: + type: integer + arfcnUL: + type: integer + arfcnSUL: + type: integer + bSChannelBwDL: + type: integer + bSChannelBwUL: + type: integer + bSChannelBwSUL: + type: integer + ssbFrequency: + type: integer + minimum: 0 + maximum: 3279165 + ssbPeriodicity: + $ref: '#/components/schemas/SsbPeriodicity' + ssbSubCarrierSpacing: + $ref: '#/components/schemas/SsbSubCarrierSpacing' + ssbOffset: + type: integer + minimum: 0 + maximum: 159 + ssbDuration: + $ref: '#/components/schemas/SsbDuration' + nrSectorCarrierRef: + type: array + items: + $ref: 'comDefs.yaml#/components/schemas/Dn' + bwpRef: + type: array + items: + $ref: 'comDefs.yaml#/components/schemas/Dn' + nRFrequencyRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + victimSetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + aggressorSetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + RRMPolicyRatio: + $ref: '#/components/schemas/RRMPolicyRatio-Multiple' + CPCIConfigurationFunction: + $ref: '#/components/schemas/CPCIConfigurationFunction-Single' + DRACHOptimizationFunction: + $ref: '#/components/schemas/DRACHOptimizationFunction-Single' + + NRFrequency-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + absoluteFrequencySSB: + type: integer + minimum: 0 + maximum: 3279165 + ssbSubCarrierSpacing: + $ref: '#/components/schemas/SsbSubCarrierSpacing' + multiFrequencyBandListNR: + type: integer + minimum: 1 + maximum: 256 + EUtranFrequency-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + earfcnDL: + type: integer + minimum: 0 + maximum: 262143 + multiBandInfoListEutra: + type: integer + minimum: 1 + maximum: 256 + + NrSectorCarrier-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + txDirection: + $ref: '#/components/schemas/TxDirection' + configuredMaxTxPower: + type: integer + arfcnDL: + type: integer + arfcnUL: + type: integer + bSChannelBwDL: + type: integer + bSChannelBwUL: + type: integer + sectorEquipmentFunctionRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + CommonBeamformingFunction: + $ref: '#/components/schemas/CommonBeamformingFunction-Single' + Bwp-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + bwpContext: + $ref: '#/components/schemas/BwpContext' + isInitialBwp: + $ref: '#/components/schemas/IsInitialBwp' + subCarrierSpacing: + type: integer + cyclicPrefix: + $ref: '#/components/schemas/CyclicPrefix' + startRB: + type: integer + numberOfRBs: + type: integer + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + CommonBeamformingFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - type: object + properties: + coverageShape: + $ref: '#/components/schemas/CoverageShape' + digitalAzimuth: + $ref: '#/components/schemas/DigitalAzimuth' + digitalTilt: + $ref: '#/components/schemas/DigitalTilt' + - type: object + properties: + Beam: + $ref: '#/components/schemas/Beam-Multiple' + Beam-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - type: object + properties: + beamIndex: + type: integer + beamType: + type: string + enum: + - SSB-BEAM + beamAzimuth: + type: integer + minimum: -1800 + maximum: 1800 + beamTilt: + type: integer + minimum: -900 + maximum: 900 + beamHorizWidth: + type: integer + minimum: 0 + maximum: 3599 + beamVertWidth: + type: integer + minimum: 0 + maximum: 1800 + RRMPolicyRatio-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: '#/components/schemas/RrmPolicy_-Attr' + - type: object + properties: + rRMPolicyMaxRatio: + type: integer + rRMPolicyMinRatio: + type: integer + rRMPolicyDedicatedRatio: + type: integer + + NRCellRelation-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + nRTCI: + type: integer + cellIndividualOffset: + $ref: '#/components/schemas/CellIndividualOffset' + adjacentNRCellRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + nRFrequencyRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + isRemoveAllowed: + type: boolean + isHOAllowed: + type: boolean + isESCoveredBy: + $ref: '#/components/schemas/IsESCoveredBy' + isENDCAllowed: + type: boolean + EUtranCellRelation-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + adjacentEUtranCellRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + NRFreqRelation-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + offsetMO: + $ref: '#/components/schemas/QOffsetRangeList' + blackListEntry: + type: array + items: + type: integer + minimum: 0 + maximum: 1007 + blackListEntryIdleMode: + type: integer + cellReselectionPriority: + type: integer + cellReselectionSubPriority: + type: number + minimum: 0.2 + maximum: 0.8 + multipleOf: 0.2 + pMax: + type: integer + minimum: -30 + maximum: 33 + qOffsetFreq: + $ref: '#/components/schemas/QOffsetFreq' + qQualMin: + type: number + qRxLevMin: + type: integer + minimum: -140 + maximum: -44 + threshXHighP: + type: integer + minimum: 0 + maximum: 62 + threshXHighQ: + type: integer + minimum: 0 + maximum: 31 + threshXLowP: + type: integer + minimum: 0 + maximum: 62 + threshXLowQ: + type: integer + minimum: 0 + maximum: 31 + tReselectionNr: + type: integer + minimum: 0 + maximum: 7 + tReselectionNRSfHigh: + $ref: '#/components/schemas/TReselectionNRSf' + tReselectionNRSfMedium: + $ref: '#/components/schemas/TReselectionNRSf' + nRFrequencyRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + EUtranFreqRelation-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + cellIndividualOffset: + $ref: '#/components/schemas/CellIndividualOffset' + blackListEntry: + type: array + items: + type: integer + minimum: 0 + maximum: 1007 + blackListEntryIdleMode: + type: integer + cellReselectionPriority: + type: integer + cellReselectionSubPriority: + type: number + minimum: 0.2 + maximum: 0.8 + multipleOf: 0.2 + pMax: + type: integer + minimum: -30 + maximum: 33 + qOffsetFreq: + $ref: '#/components/schemas/QOffsetFreq' + qQualMin: + type: number + qRxLevMin: + type: integer + minimum: -140 + maximum: -44 + threshXHighP: + type: integer + minimum: 0 + maximum: 62 + threshXHighQ: + type: integer + minimum: 0 + maximum: 31 + threshXLowP: + type: integer + minimum: 0 + maximum: 62 + threshXLowQ: + type: integer + minimum: 0 + maximum: 31 + tReselectionEutran: + type: integer + minimum: 0 + maximum: 7 + tReselectionNRSfHigh: + $ref: '#/components/schemas/TReselectionNRSf' + tReselectionNRSfMedium: + $ref: '#/components/schemas/TReselectionNRSf' + eUTranFrequencyRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + DANRManagementFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + intrasystemANRManagementSwitch: + type: boolean + intersystemANRManagementSwitch: + type: boolean + + DESManagementFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + desSwitch: + type: boolean + intraRatEsActivationOriginalCellLoadParameters: + $ref: "#/components/schemas/IntraRatEsActivationOriginalCellLoadParameters" + intraRatEsActivationCandidateCellsLoadParameters: + $ref: "#/components/schemas/IntraRatEsActivationCandidateCellsLoadParameters" + intraRatEsDeactivationCandidateCellsLoadParameters: + $ref: "#/components/schemas/IntraRatEsDeactivationCandidateCellsLoadParameters" + esNotAllowedTimePeriod: + $ref: "#/components/schemas/EsNotAllowedTimePeriod" + interRatEsActivationOriginalCellParameters: + $ref: "#/components/schemas/IntraRatEsActivationOriginalCellLoadParameters" + interRatEsActivationCandidateCellParameters: + $ref: "#/components/schemas/IntraRatEsActivationOriginalCellLoadParameters" + interRatEsDeactivationCandidateCellParameters: + $ref: "#/components/schemas/IntraRatEsActivationOriginalCellLoadParameters" + isProbingCapable: + type: string + enum: + - yes + - no + energySavingState: + type: string + enum: + - isNotEnergySaving + - isEnergySaving + + DRACHOptimizationFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + drachOptimizationControl: + type: boolean + ueAccProbilityDist: + $ref: "#/components/schemas/UeAccProbilityDist" + ueAccDelayProbilityDist: + $ref: "#/components/schemas/UeAccDelayProbilityDist" + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + + DMROFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + dmroControl: + type: boolean + maximumDeviationHoTrigger: + $ref: '#/components/schemas/MaximumDeviationHoTrigger' + minimumTimeBetweenHoTriggerChange: + $ref: '#/components/schemas/MinimumTimeBetweenHoTriggerChange' + tstoreUEcntxt: + $ref: '#/components/schemas/TstoreUEcntxt' + + DPCIConfigurationFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + dPciConfigurationControl: + type: boolean + nRPciList: + $ref: "#/components/schemas/NRPciList" + + CPCIConfigurationFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + cPciConfigurationControl: + type: boolean + cSonPciList: + $ref: "#/components/schemas/CSonPciList" + + CESManagementFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + cesSwitch: + type: boolean + energySavingControl: + type: string + enum: + - toBeEnergySaving + - toBeNotEnergySaving + energySavingState: + type: string + enum: + - isNotEnergySaving + - isEnergySaving + + RimRSGlobal-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + frequencyDomainPara: + $ref: '#/components/schemas/FrequencyDomainPara' + sequenceDomainPara: + $ref: '#/components/schemas/SequenceDomainPara' + timeDomainPara: + $ref: '#/components/schemas/TimeDomainPara' + RimRSSet: + $ref: '#/components/schemas/RimRSSet-Multiple' + + RimRSSet-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + setId: + $ref: '#/components/schemas/RSSetId' + setType: + $ref: '#/components/schemas/RSSetType' + rimRSMonitoringStartTime: + type: string + rimRSMonitoringStopTime: + type: string + rimRSMonitoringWindowDuration: + type: integer + rimRSMonitoringWindowStartingOffset: + type: integer + rimRSMonitoringWindowPeriodicity: + type: integer + rimRSMonitoringOccasionInterval: + type: integer + rimRSMonitoringOccasionStartingOffset: + type: integer + nRCellDURefs: + $ref: 'comDefs.yaml#/components/schemas/DnList' + + ExternalGnbDuFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + gnbId: + $ref: '#/components/schemas/GnbId' + gnbIdLength: + $ref: '#/components/schemas/GnbIdLength' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_F1C: + $ref: '#/components/schemas/EP_F1C-Multiple' + EP_F1U: + $ref: '#/components/schemas/EP_F1U-Multiple' + ExternalGnbCuUpFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + gnbId: + $ref: '#/components/schemas/GnbId' + gnbIdLength: + $ref: '#/components/schemas/GnbIdLength' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + EP_E1: + $ref: '#/components/schemas/EP_E1-Multiple' + EP_F1U: + $ref: '#/components/schemas/EP_F1U-Multiple' + EP_XnU: + $ref: '#/components/schemas/EP_XnU-Multiple' + ExternalGnbCuCpFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: >- + genericNrm.yaml#/components/schemas/ManagedFunction-Attr + - type: object + properties: + gnbId: + $ref: '#/components/schemas/GnbId' + gnbIdLength: + $ref: '#/components/schemas/GnbIdLength' + plmnId: + $ref: '#/components/schemas/PlmnId' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + ExternalNrCellCu: + $ref: '#/components/schemas/ExternalNrCellCu-Multiple' + EP_XnC: + $ref: '#/components/schemas/EP_XnC-Multiple' + EP_E1: + $ref: '#/components/schemas/EP_E1-Multiple' + EP_F1C: + $ref: '#/components/schemas/EP_F1C-Multiple' + ExternalNrCellCu-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + cellLocalId: + type: integer + nrPci: + $ref: '#/components/schemas/NrPci' + plmnIdList: + $ref: '#/components/schemas/PlmnIdList' + nRFrequencyRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + ExternalENBFunction-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + eNBId: + type: integer + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + - type: object + properties: + ExternalEUTranCell: + $ref: '#/components/schemas/ExternalEUTranCell-Multiple' + ExternalEUTranCell-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-Attr' + - type: object + properties: + EUtranFrequencyRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + - $ref: 'genericNrm.yaml#/components/schemas/ManagedFunction-ncO' + + EP_XnC-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + EP_E1-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + EP_F1C-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + EP_NgC-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + EP_X2C-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + EP_XnU-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + EP_F1U-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + EP_NgU-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + epTransportRefs: + $ref: 'comDefs.yaml#/components/schemas/DnList' + + EP_X2U-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + EP_S1U-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/EP_RP-Attr' + - type: object + properties: + localAddress: + $ref: '#/components/schemas/LocalAddress' + remoteAddress: + $ref: '#/components/schemas/RemoteAddress' + +#-------- Definition of JSON arrays for name-contained IOCs ---------------------- + + SubNetwork-Multiple: + type: array + items: + $ref: '#/components/schemas/SubNetwork-Single' + ManagedElement-Multiple: + type: array + items: + $ref: '#/components/schemas/ManagedElement-Single' + GnbDuFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/GnbDuFunction-Single' + GnbCuUpFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/GnbCuUpFunction-Single' + GnbCuCpFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/GnbCuCpFunction-Single' + + NrCellDu-Multiple: + type: array + items: + $ref: '#/components/schemas/NrCellDu-Single' + NrCellCu-Multiple: + type: array + items: + $ref: '#/components/schemas/NrCellCu-Single' + + NRFrequency-Multiple: + type: array + minItems: 1 + items: + $ref: '#/components/schemas/NRFrequency-Single' + EUtranFrequency-Multiple: + type: array + minItems: 1 + items: + $ref: '#/components/schemas/EUtranFrequency-Single' + + NrSectorCarrier-Multiple: + type: array + items: + $ref: '#/components/schemas/NrSectorCarrier-Single' + Bwp-Multiple: + type: array + items: + $ref: '#/components/schemas/Bwp-Single' + Beam-Multiple: + type: array + items: + $ref: '#/components/schemas/Beam-Single' + RRMPolicyRatio-Multiple: + type: array + items: + $ref: '#/components/schemas/RRMPolicyRatio-Single' + + NRCellRelation-Multiple: + type: array + items: + $ref: '#/components/schemas/NRCellRelation-Single' + EUtranCellRelation-Multiple: + type: array + items: + $ref: '#/components/schemas/EUtranCellRelation-Single' + NRFreqRelation-Multiple: + type: array + items: + $ref: '#/components/schemas/NRFreqRelation-Single' + EUtranFreqRelation-Multiple: + type: array + items: + $ref: '#/components/schemas/EUtranFreqRelation-Single' + + RimRSSet-Multiple: + type: array + items: + $ref: '#/components/schemas/RimRSSet-Single' + + ExternalGnbDuFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/ExternalGnbDuFunction-Single' + ExternalGnbCuUpFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/ExternalGnbCuUpFunction-Single' + ExternalGnbCuCpFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/ExternalGnbCuCpFunction-Single' + ExternalNrCellCu-Multiple: + type: array + items: + $ref: '#/components/schemas/ExternalNrCellCu-Single' + + ExternalENBFunction-Multiple: + type: array + items: + $ref: '#/components/schemas/ExternalENBFunction-Single' + ExternalEUTranCell-Multiple: + type: array + items: + $ref: '#/components/schemas/ExternalEUTranCell-Single' + + EP_E1-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_E1-Single' + EP_XnC-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_XnC-Single' + EP_F1C-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_F1C-Single' + EP_NgC-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_NgC-Single' + EP_X2C-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_X2C-Single' + EP_XnU-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_XnU-Single' + EP_F1U-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_F1U-Single' + EP_NgU-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_NgU-Single' + EP_X2U-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_X2U-Single' + EP_S1U-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_S1U-Single' + +#-------- Definitions in TS 28.541 for TS 28.532 --------------------------------- + + resources-nrNrm: + oneOf: + - $ref: '#/components/schemas/SubNetwork-Single' + - $ref: '#/components/schemas/ManagedElement-Single' + + - $ref: '#/components/schemas/GnbDuFunction-Single' + - $ref: '#/components/schemas/GnbCuUpFunction-Single' + - $ref: '#/components/schemas/GnbCuCpFunction-Single' + + - $ref: '#/components/schemas/NrCellCu-Single' + - $ref: '#/components/schemas/NrCellDu-Single' + + - $ref: '#/components/schemas/NRFrequency-Single' + - $ref: '#/components/schemas/EUtranFrequency-Single' + + - $ref: '#/components/schemas/NrSectorCarrier-Single' + - $ref: '#/components/schemas/Bwp-Single' + - $ref: '#/components/schemas/CommonBeamformingFunction-Single' + - $ref: '#/components/schemas/Beam-Single' + - $ref: '#/components/schemas/RRMPolicyRatio-Single' + + - $ref: '#/components/schemas/NRCellRelation-Single' + - $ref: '#/components/schemas/EUtranCellRelation-Single' + - $ref: '#/components/schemas/NRFreqRelation-Single' + - $ref: '#/components/schemas/EUtranFreqRelation-Single' + + - $ref: '#/components/schemas/DANRManagementFunction-Single' + - $ref: '#/components/schemas/DESManagementFunction-Single' + - $ref: '#/components/schemas/DRACHOptimizationFunction-Single' + - $ref: '#/components/schemas/DMROFunction-Single' + - $ref: '#/components/schemas/DPCIConfigurationFunction-Single' + - $ref: '#/components/schemas/CPCIConfigurationFunction-Single' + - $ref: '#/components/schemas/CESManagementFunction-Single' + + - $ref: '#/components/schemas/RimRSGlobal-Single' + - $ref: '#/components/schemas/RimRSSet-Single' + + - $ref: '#/components/schemas/ExternalGnbDuFunction-Single' + - $ref: '#/components/schemas/ExternalGnbCuUpFunction-Single' + - $ref: '#/components/schemas/ExternalGnbCuCpFunction-Single' + - $ref: '#/components/schemas/ExternalNrCellCu-Single' + - $ref: '#/components/schemas/ExternalENBFunction-Single' + - $ref: '#/components/schemas/ExternalEUTranCell-Single' + + - $ref: '#/components/schemas/EP_XnC-Single' + - $ref: '#/components/schemas/EP_E1-Single' + - $ref: '#/components/schemas/EP_F1C-Single' + - $ref: '#/components/schemas/EP_NgC-Single' + - $ref: '#/components/schemas/EP_X2C-Single' + - $ref: '#/components/schemas/EP_XnU-Single' + - $ref: '#/components/schemas/EP_F1U-Single' + - $ref: '#/components/schemas/EP_NgU-Single' + - $ref: '#/components/schemas/EP_X2U-Single' + - $ref: '#/components/schemas/EP_S1U-Single' + diff --git a/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/perfMnS.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/perfMnS.yaml new file mode 100644 index 0000000000..1fd64a7d22 --- /dev/null +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/perfMnS.yaml @@ -0,0 +1,76 @@ +openapi: 3.0.1 +info: + title: TS 28.532 Performance Threshold Monitoring MnS + version: 16.6.0 + description: >- + OAS 3.0.1 definition of the Performance Threshold Monitoring MnS + © 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). + All rights reserved. +externalDocs: + description: 3GPP TS 28.532 V16.6.0; Generic management services + url: http://www.3gpp.org/ftp/Specs/archive/28_series/28.532/ +servers: + - url: '{root}' + variables: + root: + description: >- + The open API server of the performance threshold monitoring service is + located in the consumer side, see monitoringNotifTarget attribute of + the IOC ThresholdMonitor defined in 3GPP TS 28.622 [11]. + default: http://example.com/3GPPManagement +paths: + /notificationSink: + post: + summary: Send notifications about performance threshold crossing + description: To send a notifyThresholdCrossing notification + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/NotifyThresholdCrossing' + responses: + '204': + description: >- + Success case ("204 No Content"). The notification is successfully + delivered. The response message body is absent. + default: + description: Error case. + content: + application/json: + schema: + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' +components: + schemas: + PerfNotificationTypes: + type: string + enum: + - notifyThresholdCrossing + PerfMetricValue: + oneOf: + - type: integer + - $ref: 'comDefs.yaml#/components/schemas/Float' + PerfMetricDirection: + type: string + enum: + - UP + - DOWN + NotifyThresholdCrossing: + allOf: + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' + - type: object + properties: + observedPerfMetricName: + type: string + observedPerfMetricValue: + $ref: '#/components/schemas/PerfMetricValue' + observedPerfMetricDirection: + $ref: '#/components/schemas/PerfMetricDirection' + thresholdValue: + $ref: '#/components/schemas/PerfMetricValue' + hysteresis: + $ref: '#/components/schemas/PerfMetricValue' + monitorGranularityPeriod: + type: integer + additionalText: + type: string diff --git a/kubernetes/dcaegen2/resources/external/schema/rel16/provMnS.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/provMnS.yaml index b2f84a4d2a..1dd467e16a 100644 --- a/kubernetes/dcaegen2/resources/external/schema/rel16/provMnS.yaml +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/provMnS.yaml @@ -1,25 +1,25 @@ openapi: 3.0.1 info: title: Provisioning MnS - version: 16.4.0 + version: 16.5.0 description: >- OAS 3.0.1 definition of the Provisioning MnS © 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). All rights reserved. externalDocs: - description: 3GPP TS 28.532 V16.4.0; Generic management services + description: 3GPP TS 28.532; Generic management services url: http://www.3gpp.org/ftp/Specs/archive/28_series/28.532/ servers: - - url: 'http://{URI-DN-prefix}/{root}/ProvMnS/v1640/{LDN-first-part}' + - url: '{MnSRoot}/ProvMnS/{MnSVersion}/{URI-LDN-first-part}' variables: - URI-DN-prefix: - description: See subclause 4.4 of TS 32.158 - default: example.com - root: - description: See subclause 4.4 of TS 32.158 - default: 3GPPManagement - LDN-first-part: - description: See subclause 4.4 of TS 32.158 + MnSRoot: + description: See clause 4.4.2 of TS 32.158 + default: http://example.com/3GPPManagement + MnSVersion: + description: Version number of the OpenAPI definition + default: XXX + URI-LDN-first-part: + description: See clause 4.4.2 of TS 32.158 default: '' paths: '/{className}={id}': @@ -28,12 +28,12 @@ paths: in: path required: true schema: - $ref: '#/components/schemas/className-PathType' + type: string - name: id in: path required: true schema: - $ref: '#/components/schemas/id-PathType' + type: string put: summary: Replaces a complete single resource or creates it if it does not exist description: >- @@ -44,7 +44,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/resourcePut-RequestType' + $ref: '#/components/schemas/Resource' responses: '200': description: >- @@ -60,7 +60,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/resourceUpdate-ResponseType' + $ref: '#/components/schemas/Resource' '201': description: >- Success case ("201 Created"). @@ -70,7 +70,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/resourceCreation-ResponseType' + $ref: '#/components/schemas/Resource' '204': description: >- Success case ("204 No Content"). @@ -82,7 +82,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/error-ResponseType' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' callbacks: notifyMOICreation: '{request.body#/notificationRecipientAddress}': @@ -92,7 +92,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/notifyMOICreation-NotifType' + $ref: '#/components/schemas/NotifyMoiCreation' responses: '204': description: >- @@ -104,7 +104,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/error-ResponseType' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyMOIDeletion: '{request.body#/notificationRecipientAddress}': post: @@ -113,7 +113,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/notifyMOIDeletion-NotifType' + $ref: '#/components/schemas/NotifyMoiDeletion' responses: '204': description: >- @@ -125,8 +125,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/error-ResponseType' - notifyMOIAttributeValueChange: + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' + notifyMOIAttributeValueChanges: '{request.body#/notificationRecipientAddress}': post: requestBody: @@ -134,7 +134,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/notifyMOIAttributeValueChange-NotifType' + $ref: '#/components/schemas/NotifyMoiAttributeValueChanges' responses: '204': description: >- @@ -146,7 +146,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/error-ResponseType' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' notifyMOIChanges: '{request.body#/notificationRecipientAddress}': post: @@ -155,7 +155,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/notifyMOIChanges-NotifType' + $ref: '#/components/schemas/NotifyMoiChanges' responses: '204': description: >- @@ -167,7 +167,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/error-ResponseType' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' get: summary: Reads one or multiple resources description: >- @@ -183,7 +183,7 @@ paths: mechanism is specified in the present document. required: false schema: - $ref: '#/components/schemas/scope-QueryType' + $ref: '#/components/schemas/Scope' style: form explode: true - name: filter @@ -196,7 +196,7 @@ paths: document. required: false schema: - $ref: '#/components/schemas/filter-QueryType' + $ref: 'comDefs.yaml#/components/schemas/Filter' - name: attributes in: query description: >- @@ -204,7 +204,9 @@ paths: are returned. required: true schema: - $ref: '#/components/schemas/attributes-QueryType' + type: array + items: + type: string style: form explode: false - name: fields @@ -214,7 +216,9 @@ paths: that are returned. required: false schema: - $ref: '#/components/schemas/fields-QueryType' + type: array + items: + type: string style: form explode: false responses: @@ -229,13 +233,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/resourceRetrieval-ResponseType' + $ref: '#/components/schemas/Resource' default: description: Error case. content: application/json: schema: - $ref: '#/components/schemas/error-ResponseType' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' patch: summary: Patches one or multiple resources description: >- @@ -254,16 +258,20 @@ paths: content: application/merge-patch+json: schema: - $ref: '#/components/schemas/jsonMergePatch-RequestType' + $ref: '#/components/schemas/Resource' application/3gpp-merge-patch+json: schema: - $ref: '#/components/schemas/3gppJsonMergePatch-RequestType' + $ref: '#/components/schemas/Resource' application/json-patch+json: schema: - $ref: '#/components/schemas/jsonPatch-RequestType' + type: array + items: + type: object application/3gpp-json-patch+json: schema: - $ref: '#/components/schemas/3gppJsonPatch-RequestType' + type: array + items: + type: object responses: '200': description: >- @@ -276,7 +284,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/resourceUpdate-ResponseType' + $ref: '#/components/schemas/Resource' '204': description: >- Success case ("204 No Content"). @@ -288,7 +296,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/error-ResponseType' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' delete: summary: Deletes one or multiple resources description: >- @@ -303,7 +311,9 @@ paths: mechanism is specified in the present document. required: false schema: - $ref: '#/components/schemas/scope-QueryType' + $ref: '#/components/schemas/Scope' + style: form + explode: true - name: filter in: query description: >- @@ -314,7 +324,7 @@ paths: document. required: false schema: - $ref: '#/components/schemas/filter-QueryType' + $ref: 'comDefs.yaml#/components/schemas/Filter' responses: '200': description: >- @@ -331,136 +341,66 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/resourceDeletion-ResponseType' + type: array + items: + $ref: 'comDefs.yaml#/components/schemas/Uri' default: description: Error case. content: application/json: schema: - $ref: '#/components/schemas/error-ResponseType' + $ref: 'comDefs.yaml#/components/schemas/ErrorResponse' components: schemas: - dateTime-Type: - type: string - format: date-time - long-Type: - type: integer - format: int64 - uri-Type: - type: string - correlatedNotification-Type: + CorrelatedNotification: type: object properties: source: - $ref: '#/components/schemas/uri-Type' + $ref: 'comDefs.yaml#/components/schemas/Dn' notificationIds: type: array items: - $ref: '#/components/schemas/notificationId-Type' - notificationId-Type: - $ref: '#/components/schemas/long-Type' - notificationType-Type: + $ref: 'comDefs.yaml#/components/schemas/NotificationId' + required: + - source + - notificationIds + CmNotificationTypes: type: string enum: - notifyMOICreation - notifyMOIDeletion - - notifyMOIAttributeValueChange - systemDN-Type: + - notifyMOIAttributeValueChanges + - notifyMOIChanges + SourceIndicator: type: string - additionalText-Type: - type: string - sourceIndicator-Type: + enum: + - RESOURCE_OPERATION + - MANAGEMENT_OPERATION + - SON_OPERATION + - UNKNOWN + Operation: type: string enum: - - resourceOperation - - mangementOperation - - sONOperation - - unknown - header-Type: - type: object - properties: - href: - $ref: '#/components/schemas/uri-Type' - notificationId: - $ref: '#/components/schemas/notificationId-Type' - notificationType: - $ref: '#/components/schemas/notificationType-Type' - eventTime: - $ref: '#/components/schemas/dateTime-Type' - systemDN: - $ref: '#/components/schemas/systemDN-Type' - required: - - href - - notificationId - - notificationType - - eventTime - - systemDN - scopeType-Type: + - CREATE + - DELETE + - REPLACE + ScopeType: type: string enum: - BASE_ONLY - BASE_NTH_LEVEL - BASE_SUBTREE - BASE_ALL - scopeLevel-Type: - type: integer - className-PathType: - type: string - id-PathType: - type: string - attributes-QueryType: - type: array - items: - type: string - fields-QueryType: - type: array - items: - type: string - filter-QueryType: - type: string - scope-QueryType: + Scope: type: object properties: scopeType: - $ref: '#/components/schemas/scopeType-Type' + $ref: '#/components/schemas/ScopeType' scopeLevel: - $ref: '#/components/schemas/scopeLevel-Type' + type: integer - resourcePut-RequestType: - $ref: '#/components/schemas/resourceRepresentation-Type' - jsonMergePatch-RequestType: - $ref: '#/components/schemas/resourceRepresentation-Type' - 3gppJsonMergePatch-RequestType: - $ref: '#/components/schemas/resourceRepresentation-Type' - jsonPatch-RequestType: - type: array - items: - type: object - 3gppJsonPatch-RequestType: - type: array - items: - type: object - error-ResponseType: - type: object - properties: - error: - type: object - properties: - errorInfo: - type: string - resourceRetrieval-ResponseType: - $ref: '#/components/schemas/resourceRepresentation-Type' - resourceCreation-ResponseType: - $ref: '#/components/schemas/resourceRepresentation-Type' - resourceUpdate-ResponseType: - $ref: '#/components/schemas/resourceRepresentation-Type' - resourceDeletion-ResponseType: - type: array - items: - $ref: '#/components/schemas/uri-Type' - - resourceRepresentation-Type: + Resource: oneOf: - type: object properties: @@ -478,102 +418,83 @@ components: - $ref: '5gcNrm.yaml#/components/schemas/resources-5gcNrm' - $ref: 'sliceNrm.yaml#/components/schemas/resources-sliceNrm' - mOIChange-Type: + MoiChange: type: object properties: notificationId: - $ref: '#/components/schemas/notificationId-Type' + $ref: 'comDefs.yaml#/components/schemas/NotificationId' correlatedNotifications: type: array items: - $ref: '#/components/schemas/correlatedNotification-Type' + $ref: '#/components/schemas/CorrelatedNotification' additionalText: - $ref: '#/components/schemas/additionalText-Type' + type: string sourceIndicator: - $ref: '#/components/schemas/sourceIndicator-Type' + $ref: '#/components/schemas/SourceIndicator' path: - $ref: '#/components/schemas/uri-Type' + $ref: 'comDefs.yaml#/components/schemas/Uri' operation: - type: string - enum: - - CREATE - - DELETE - - REPLACE + $ref: '#/components/schemas/Operation' value: oneOf: - - type: object - additionalProperties: - nullable: true - - type: array - items: - type: object - minItems: 1 - maxItems: 2 + - $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' + - $ref: 'comDefs.yaml#/components/schemas/AttributeValueChangeSet' - notifyMOICreation-NotifType: + NotifyMoiCreation: allOf: - - $ref: '#/components/schemas/header-Type' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object properties: correlatedNotifications: type: array items: - $ref: '#/components/schemas/correlatedNotification-Type' + $ref: '#/components/schemas/CorrelatedNotification' additionalText: - $ref: '#/components/schemas/additionalText-Type' + type: string sourceIndicator: - $ref: '#/components/schemas/sourceIndicator-Type' + $ref: '#/components/schemas/SourceIndicator' attributeList: - type: object - additionalProperties: - nullable: true - notifyMOIDeletion-NotifType: + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' + NotifyMoiDeletion: allOf: - - $ref: '#/components/schemas/header-Type' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object properties: correlatedNotifications: type: array items: - $ref: '#/components/schemas/correlatedNotification-Type' + $ref: '#/components/schemas/CorrelatedNotification' additionalText: - $ref: '#/components/schemas/additionalText-Type' + type: string sourceIndicator: - $ref: '#/components/schemas/sourceIndicator-Type' + $ref: '#/components/schemas/SourceIndicator' attributeList: - type: object - additionalProperties: true - notifyMOIAttributeValueChange-NotifType: + $ref: 'comDefs.yaml#/components/schemas/AttributeNameValuePairSet' + NotifyMoiAttributeValueChanges: allOf: - - $ref: '#/components/schemas/header-Type' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object properties: correlatedNotifications: type: array items: - $ref: '#/components/schemas/correlatedNotification-Type' + $ref: '#/components/schemas/CorrelatedNotification' additionalText: - $ref: '#/components/schemas/additionalText-Type' + type: string sourceIndicator: - $ref: '#/components/schemas/sourceIndicator-Type' - attributeValueChange: - type: object - additionalProperties: - type: array - minItems: 1 - maxItems: 2 - items: - nullable: true + $ref: '#/components/schemas/SourceIndicator' + attributeListValueChanges: + $ref: 'comDefs.yaml#/components/schemas/AttributeValueChangeSet' required: - - attributeValueChange - notifyMOIChanges-NotifType: + - attributeListValueChanges + NotifyMoiChanges: allOf: - - $ref: '#/components/schemas/header-Type' + - $ref: 'comDefs.yaml#/components/schemas/NotificationHeader' - type: object properties: - mOIChanges: + moiChanges: type: array items: - $ref: '#/components/schemas/mOIChange-Type' + $ref: '#/components/schemas/MoiChange' required: - - mOIChanges + - moiChanges diff --git a/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/sliceNrm.yaml b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/sliceNrm.yaml new file mode 100644 index 0000000000..1fa8d70ff3 --- /dev/null +++ b/kubernetes/dcaegen2-services/resources/external/schemas/sa91-rel16/sliceNrm.yaml @@ -0,0 +1,418 @@ +openapi: 3.0.1 +info: + title: Slice NRM + version: 16.8.0 + description: >- + OAS 3.0.1 specification of the Slice NRM + @ 2020, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). + All rights reserved. +externalDocs: + description: 3GPP TS 28.541 V16.4.0; 5G NRM, Slice NRM + url: http://www.3gpp.org/ftp/Specs/archive/28_series/28.541/ +paths: {} +components: + schemas: + +#------------ Type definitions --------------------------------------------------- + + Float: + type: number + format: float + MobilityLevel: + type: string + enum: + - STATIONARY + - NOMADIC + - RESTRICTED MOBILITY + - FULLY MOBILITY + SharingLevel: + type: string + enum: + - SHARED + - NON-SHARED + NetworkSliceSharingIndicator: + type: string + enum: + - SHARED + - NON-SHARED + PerfReqEmbb: + type: object + properties: + expDataRateDL: + type: number + expDataRateUL: + type: number + areaTrafficCapDL: + type: number + areaTrafficCapUL: + type: number + userDensity: + type: number + activityFactor: + type: number + PerfReqEmbbList: + type: array + items: + $ref: '#/components/schemas/PerfReqEmbb' + PerfReqUrllc: + type: object + properties: + cSAvailabilityTarget: + type: number + cSReliabilityMeanTime: + type: string + expDataRate: + type: number + msgSizeByte: + type: string + transferIntervalTarget: + type: string + survivalTime: + type: string + PerfReqUrllcList: + type: array + items: + $ref: '#/components/schemas/PerfReqUrllc' + PerfReq: + oneOf: + - $ref: '#/components/schemas/PerfReqEmbbList' + - $ref: '#/components/schemas/PerfReqUrllcList' + Category: + type: string + enum: + - CHARACTER + - SCALABILITY + Tagging: + type: array + items: + type: string + enum: + - PERFORMANCE + - FUNCTION + - OPERATION + + + Exposure: + type: string + enum: + - API + - KPI + ServAttrCom: + type: object + properties: + category: + $ref: '#/components/schemas/Category' + tagging: + $ref: '#/components/schemas/Tagging' + exposure: + $ref: '#/components/schemas/Exposure' + Support: + type: string + enum: + - NOT SUPPORTED + - SUPPORTED + DelayTolerance: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + support: + $ref: '#/components/schemas/Support' + DeterministicComm: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + availability: + $ref: '#/components/schemas/Support' + periodicityList: + type: string + DLThptPerSlice: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + guaThpt: + $ref: '#/components/schemas/Float' + maxThpt: + $ref: '#/components/schemas/Float' + DLThptPerUE: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + guaThpt: + $ref: '#/components/schemas/Float' + maxThpt: + $ref: '#/components/schemas/Float' + ULThptPerSlice: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + guaThpt: + $ref: '#/components/schemas/Float' + maxThpt: + $ref: '#/components/schemas/Float' + ULThptPerUE: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + guaThpt: + $ref: '#/components/schemas/Float' + maxThpt: + $ref: '#/components/schemas/Float' + MaxPktSize: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + maxsize: + type: integer + MaxNumberofConns: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + nOofConn: + type: integer + KPIMonitoring: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + kPIList: + type: string + UserMgmtOpen: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + support: + $ref: '#/components/schemas/Support' + V2XCommModels: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + v2XMode: + $ref: '#/components/schemas/Support' + TermDensity: + type: object + properties: + servAttrCom: + $ref: '#/components/schemas/ServAttrCom' + density: + type: integer + NsInfo: + type: object + properties: + nsInstanceId: + type: string + nsName: + type: string + ServiceProfile: + type: object + properties: + serviceProfileId: + type: string + plmnInfoList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnInfoList' + maxNumberofUEs: + type: number + latency: + type: number + uEMobilityLevel: + $ref: '#/components/schemas/MobilityLevel' + sst: + $ref: 'nrNrm.yaml#/components/schemas/Sst' + networkSliceSharingIndicator: + $ref: '#/components/schemas/NetworkSliceSharingIndicator' + availability: + type: number + delayTolerance: + $ref: '#/components/schemas/DelayTolerance' + deterministicComm: + $ref: '#/components/schemas/DeterministicComm' + dLThptPerSlice: + $ref: '#/components/schemas/DLThptPerSlice' + dLThptPerUE: + $ref: '#/components/schemas/DLThptPerUE' + uLThptPerSlice: + $ref: '#/components/schemas/ULThptPerSlice' + uLThptPerUE: + $ref: '#/components/schemas/ULThptPerUE' + maxPktSize: + $ref: '#/components/schemas/MaxPktSize' + maxNumberofConns: + $ref: '#/components/schemas/MaxNumberofConns' + kPIMonitoring: + $ref: '#/components/schemas/KPIMonitoring' + userMgmtOpen: + $ref: '#/components/schemas/UserMgmtOpen' + v2XModels: + $ref: '#/components/schemas/V2XCommModels' + coverageArea: + type: string + termDensity: + $ref: '#/components/schemas/TermDensity' + activityFactor: + $ref: '#/components/schemas/Float' + uESpeed: + type: integer + jitter: + type: integer + survivalTime: + type: string + reliability: + type: string + SliceProfile: + type: object + properties: + sliceProfileId: + type: string + + plmnInfoList: + $ref: 'nrNrm.yaml#/components/schemas/PlmnInfoList' + perfReq: + $ref: '#/components/schemas/PerfReq' + maxNumberofUEs: + type: number + coverageAreaTAList: + $ref: '5gcNrm.yaml#/components/schemas/TACList' + latency: + type: number + uEMobilityLevel: + $ref: '#/components/schemas/MobilityLevel' + resourceSharingLevel: + $ref: '#/components/schemas/SharingLevel' + + IpAddress: + oneOf: + - $ref: 'genericNrm.yaml#/components/schemas/Ipv4Addr' + - $ref: 'genericNrm.yaml#/components/schemas/Ipv6Addr' + ServiceProfileList: + type: array + items: + $ref: '#/components/schemas/ServiceProfile' + + SliceProfileList: + type: array + items: + $ref: '#/components/schemas/SliceProfile' + +#------------ Definition of concrete IOCs ---------------------------------------- + + SubNetwork-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/SubNetwork-Attr' + - $ref: 'genericNrm.yaml#/components/schemas/SubNetwork-ncO' + - type: object + properties: + SubNetwork: + $ref: '#/components/schemas/SubNetwork-Multiple' + NetworkSlice: + $ref: '#/components/schemas/NetworkSlice-Multiple' + NetworkSliceSubnet: + $ref: '#/components/schemas/NetworkSliceSubnet-Multiple' + EP_Transport: + $ref: '#/components/schemas/EP_Transport-Multiple' + + NetworkSlice-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/SubNetwork-Attr' + - type: object + properties: + networkSliceSubnetRef: + $ref: 'comDefs.yaml#/components/schemas/Dn' + operationalState: + $ref: 'comDefs.yaml#/components/schemas/OperationalState' + administrativeState: + $ref: 'comDefs.yaml#/components/schemas/AdministrativeState' + serviceProfileList: + $ref: '#/components/schemas/ServiceProfileList' + + NetworkSliceSubnet-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/SubNetwork-Attr' + - type: object + properties: + managedFunctionRefList: + $ref: 'comDefs.yaml#/components/schemas/DnList' + networkSliceSubnetRefList: + $ref: 'comDefs.yaml#/components/schemas/DnList' + operationalState: + $ref: 'comDefs.yaml#/components/schemas/OperationalState' + administrativeState: + $ref: 'comDefs.yaml#/components/schemas/AdministrativeState' + nsInfo: + $ref: '#/components/schemas/NsInfo' + sliceProfileList: + $ref: '#/components/schemas/SliceProfileList' + epTransportRefList: + $ref: 'comDefs.yaml#/components/schemas/DnList' + + EP_Transport-Single: + allOf: + - $ref: 'genericNrm.yaml#/components/schemas/Top-Attr' + - type: object + properties: + attributes: + type: object + properties: + ipAddress: + $ref: '#/components/schemas/IpAddress' + logicInterfaceId: + type: string + nextHopInfo: + type: string + qosProfile: + type: string + epApplicationRefs: + $ref: 'comDefs.yaml#/components/schemas/DnList' + +#-------- Definition of JSON arrays for name-contained IOCs ---------------------- + SubNetwork-Multiple: + type: array + items: + $ref: '#/components/schemas/SubNetwork-Single' + + NetworkSlice-Multiple: + type: array + items: + $ref: '#/components/schemas/NetworkSlice-Single' + + NetworkSliceSubnet-Multiple: + type: array + items: + $ref: '#/components/schemas/NetworkSliceSubnet-Single' + + EP_Transport-Multiple: + type: array + items: + $ref: '#/components/schemas/EP_Transport-Single' + +#------------ Definitions in TS 28.541 for TS 28.532 ----------------------------- + + resources-sliceNrm: + oneOf: + - $ref: '#/components/schemas/SubNetwork-Single' + - $ref: '#/components/schemas/NetworkSlice-Single' + - $ref: '#/components/schemas/NetworkSliceSubnet-Single' + - $ref: '#/components/schemas/EP_Transport-Single' diff --git a/kubernetes/dcaegen2-services/templates/configmap.yaml b/kubernetes/dcaegen2-services/templates/configmap.yaml index a2c7c56965..92662a251e 100644 --- a/kubernetes/dcaegen2-services/templates/configmap.yaml +++ b/kubernetes/dcaegen2-services/templates/configmap.yaml @@ -24,4 +24,20 @@ metadata: name: {{ include "common.release" . }}-dcae-expected-microservices namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }}
\ No newline at end of file +{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-dcae-external-repo-configmap-schema-map + namespace: {{ include "common.namespace" . }} +data: +{{ (.Files.Glob "resources/external/map/*").AsConfig | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-dcae-external-repo-configmap-sa91-rel16 + namespace: {{ include "common.namespace" . }} +data: +{{ (.Files.Glob "resources/external/schemas/sa91-rel16/*").AsConfig | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index 25df24de0a..687c9b2bab 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -17,9 +17,15 @@ dcae-ms-healthcheck: enabled: true dcae-hv-ves-collector: enabled: true +dcae-pmsh: + enabled: false dcae-prh: enabled: true dcae-tcagen2: enabled: true dcae-ves-collector: enabled: true +dcae-slice-analysis-ms: + enabled: false +dcae-son-handler: + enabled: false diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index ae86c4311a..82e8229408 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -104,14 +104,14 @@ mongo: disableNfsProvisioner: true # application image -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.0.4 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.2.0 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1 - ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.8.0 + tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.0 + ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.9.2 prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.6 hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.8.0 diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/plugins/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/plugins/k8s-plugin.json index 3c769fca5f..fb1a40edfd 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/plugins/k8s-plugin.json +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/plugins/k8s-plugin.json @@ -41,9 +41,6 @@ "ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert" }, "external_cert": { - "image_tag": "{{ include "repositoryGenerator.repository" . }}/{{ .Values.cmpv2Config.global.platform.certServiceClient.image }}", - "request_url": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.requestURL }}", - "timeout": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.requestTimeout }}", "country": "{{ .Values.cmpv2Config.global.certificate.default.subject.country }}", "organization": "{{ .Values.cmpv2Config.global.certificate.default.subject.organization }}", "state": "{{ .Values.cmpv2Config.global.certificate.default.subject.province }}", @@ -61,7 +58,7 @@ "image_tag": "{{ include "repositoryGenerator.repository" . }}/{{ .Values.cmpv2Config.global.platform.certPostProcessor.image }}" }, "cmpv2_issuer": { - "enabled": "{{ .Values.global.CMPv2CertManagerIntegration }}", + "enabled": "true", "name": "{{ .Values.cmpv2issuer.name }}" } } diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml index fcc8f6d4b0..10fb4430ea 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml @@ -28,8 +28,6 @@ global: repositoryCred: user: docker password: docker - # Enabling CMPv2 with CertManager - CMPv2CertManagerIntegration: false cmpv2issuer: name: cmpv2-issuer-onap @@ -55,7 +53,7 @@ config: # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.deployments.cm-container:4.5.0 +image: onap/org.onap.dcaegen2.deployments.cm-container:4.6.0 pullPolicy: Always # name of shared ConfigMap with kubeconfig for multiple clusters diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml index 4c1c22f766..83914d423c 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2019-2021 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -53,7 +53,7 @@ config: # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.2 +image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.3 pullPolicy: Always # probe configuration parameters @@ -103,10 +103,10 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 2Gi + cpu: 4000m + memory: 4Gi requests: - cpu: 1 + cpu: 1500m memory: 1Gi large: limits: diff --git a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml index 929b380962..f2826a77a0 100644 --- a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml @@ -55,7 +55,7 @@ spec: volumes: - name: schema-map configMap: - name: dcae-external-repo-configmap-schema-map + name: {{ include "common.release" . }}-dcae-external-repo-configmap-schema-map defaultMode: 0755 items: - key: {{ .Values.schemaMap.filename }} diff --git a/kubernetes/dcaegen2/resources/external/map/schema-map.json b/kubernetes/dcaegen2/resources/external/map/schema-map.json deleted file mode 100644 index a70c597bff..0000000000 --- a/kubernetes/dcaegen2/resources/external/map/schema-map.json +++ /dev/null @@ -1,18 +0,0 @@ -[ - { - "publicURL": "https://forge.3gpp.org/rep/sa5/MnS/blob/SA88-Rel16/OpenAPI/faultMnS.yaml", - "localURL": "3gpp/rep/sa5/MnS/blob/SA88-Rel16/OpenAPI/faultMnS.yaml" - }, - { - "publicURL": "https://forge.3gpp.org/rep/sa5/MnS/blob/SA88-Rel16/OpenAPI/heartbeatNtf.yaml", - "localURL": "3gpp/rep/sa5/MnS/blob/SA88-Rel16/OpenAPI/heartbeatNtf.yaml" - }, - { - "publicURL": "https://forge.3gpp.org/rep/sa5/MnS/blob/SA88-Rel16/OpenAPI/PerDataFileReportMnS.yaml", - "localURL": "3gpp/rep/sa5/MnS/blob/SA88-Rel16/OpenAPI/PerDataFileReportMnS.yaml" - }, - { - "publicURL": "https://forge.3gpp.org/rep/sa5/MnS/blob/SA88-Rel16/OpenAPI/provMnS.yaml", - "localURL": "3gpp/rep/sa5/MnS/blob/SA88-Rel16/OpenAPI/provMnS.yaml" - } -]
\ No newline at end of file diff --git a/kubernetes/dcaegen2/templates/configmap.yaml b/kubernetes/dcaegen2/templates/configmap.yaml index a9917a55ce..8a389ed408 100644 --- a/kubernetes/dcaegen2/templates/configmap.yaml +++ b/kubernetes/dcaegen2/templates/configmap.yaml @@ -24,19 +24,3 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: dcae-external-repo-configmap-schema-map - namespace: {{ include "common.namespace" . }} -data: -{{ (.Files.Glob "resources/external/map/*").AsConfig | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: dcae-external-repo-configmap-sa88-rel16 - namespace: {{ include "common.namespace" . }} -data: -{{ (.Files.Glob "resources/external/schema/rel16/*").AsConfig | indent 2 }} diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index 521fac06a2..90bc0989d0 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -36,7 +36,7 @@ config: importK8S: plugin:k8splugin?version=>=3.5.1,<4.0.0 importPostgres: plugin:pgaas?version=1.3.0 importClamp: plugin:clamppolicyplugin?version=1.1.0 - importDMaaP: plugin:dmaap?version=1.5.0 + importDMaaP: plugin:dmaap?version=>=1.5.1,<2.0.0 useDmaapPlugin: false bpResourcesCpuLimit: 250m bpResourcesMemoryLimit: 128Mi diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json index 8f4cf8bd64..34197b948e 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json @@ -2,7 +2,7 @@ "topicName": "PNF_READY", "topicDescription": "This topic will be used to publish the PNF_READY events generated by the PNF REgistration Handler service in the DCAE platform.", "owner": "PNFRegistrationHandler", - "txenabled": false, + "tnxEnabled": false, "clients": [ { "dcaeLocationName": "san-francisco", diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json index f0dd2c7829..e7325794a1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json @@ -2,7 +2,7 @@ "topicName": "PNF_REGISTRATION", "topicDescription": "the VES collector will be publishing pnfRegistration events in this topic", "owner": "VEScollector", - "txenabled": false, + "tnxEnabled": false, "clients": [ { "dcaeLocationName": "san-francisco", diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json index ff1a5732e2..fb2c54ed4b 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json @@ -3,7 +3,7 @@ "topicDescription": "the topic used to provision the MM agent whitelist", "replicationCase": "REPLICATION_NONE", "owner": "dmaap", - "txenabled": false, + "tnxEnabled": false, "partitionCount": "1", "clients": [ { diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index bfd0f1ebd3..65242b4a4f 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -40,7 +40,7 @@ secrets: pullPolicy: Always # application images -image: onap/dmaap/dmaap-bc:2.0.5 +image: onap/dmaap/dmaap-bc:2.0.6 # application configuration diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index df0e270db5..a82eef85d4 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -105,7 +105,7 @@ config: mariadb: name: *dmaap-dr-db nameOverride: *dmaap-dr-db - replicaCount: 3 + replicaCount: 1 db: externalSecret: *dbSecretName name: datarouter diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml index c16500e787..48a2eb197e 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml @@ -230,11 +230,6 @@ spec: - name: docker-socket hostPath: path: /var/run/docker.sock - {{- if .Values.global.aafEnabled }} - - name: cadi - configMap: - name: {{ include "common.fullname" . }}-cadi-prop-configmap - {{ end }} - name: jaas configMap: name: {{ include "common.fullname" . }}-jaas-configmap diff --git a/kubernetes/esr/.helmignore b/kubernetes/esr/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/esr/.helmignore +++ b/kubernetes/esr/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index 0d434ad877..4fec3984db 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -49,14 +49,14 @@ generate_overrides() { for index in "${!SUBCHART_NAMES[@]}"; do START=${SUBCHART_NAMES[index]} END=${SUBCHART_NAMES[index+1]} - if [[ $START = "global:" ]]; then + if [ "$START" = "global:" ]; then echo "global:" > $GLOBAL_OVERRIDES cat $COMPUTED_OVERRIDES | sed '/common:/,/consul:/d' \ | sed -n '/^'"$START"'/,/'log:'/p' | sed '1d;$d' >> $GLOBAL_OVERRIDES else SUBCHART_DIR="$CACHE_SUBCHART_DIR/$(echo "$START" |cut -d':' -f1)" - if [[ -d "$SUBCHART_DIR" ]]; then - if [[ -z "$END" ]]; then + if [ -d "$SUBCHART_DIR" ]; then + if [ -z "$END" ]; then cat $COMPUTED_OVERRIDES | sed -n '/^'"$START"'/,/'"$END"'/p' \ | sed '1d;$d' | cut -c3- > $SUBCHART_DIR/subchart-overrides.yaml else @@ -72,11 +72,11 @@ resolve_deploy_flags() { n=${#flags[*]} i=0 ; while [ "$i" -lt "$n" ]; do PARAM=${flags[i]} - if [[ $PARAM = "-f" || \ - $PARAM = "--values" || \ - $PARAM = "--set" || \ - $PARAM = "--set-string" || \ - $PARAM = "--version" ]]; then + if [ "$PARAM" = "-f" ] || \ + [ "$PARAM" = "--values" ] || \ + [ "$PARAM" = "--set" ] || \ + [ "$PARAM" = "--set-string" ] || \ + [ "$PARAM" = "--version" ]; then # skip param and its value i=$((i + 1)) else @@ -89,7 +89,7 @@ resolve_deploy_flags() { deploy() { # validate params - if [[ -z "$1" || -z "$2" ]]; then + if [ -z "$1" ] || [Â -z "$2" ]; then usage exit 0 fi @@ -99,7 +99,7 @@ deploy() { FLAGS=${@:3} CHART_REPO="$(echo "$CHART_URL" |cut -d'/' -f1)" CHART_NAME="$(echo "$CHART_URL" |cut -d'/' -f2)" - if [[ $HELM_VER = "v3."* ]]; then + if expr "$HELM_VER" : "v3\..*" ; then CACHE_DIR=~/.local/share/helm/plugins/deploy/cache else CACHE_DIR=~/.helm/plugins/deploy/cache @@ -111,23 +111,23 @@ deploy() { # determine if verbose output is enabled VERBOSE="false" - if [[ $FLAGS = *"--verbose"* ]]; then + if expr "$FLAGS" : ".*--verbose.*" ; then FLAGS="$(echo $FLAGS| sed -n 's/--verbose//p')" VERBOSE="true" fi # determine if delay for deployment is enabled DELAY="false" - if [[ $FLAGS = *"--delay"* ]]; then + if expr "$FLAGS" : ".*--delay.*" ; then FLAGS="$(echo $FLAGS| sed -n 's/--delay//p')" DELAY="true" fi # determine if set-last-applied flag is enabled SET_LAST_APPLIED="false" - if [[ $FLAGS = *"--set-last-applied"* ]]; then + if expr"$FLAGS" : ".*--set-last-applied.*" ; then FLAGS="$(echo $FLAGS| sed -n 's/--set-last-applied//p')" SET_LAST_APPLIED="true" fi - if [[ $FLAGS = *"--dry-run"* ]]; then + if expr "$FLAGS" : ".*--dry-run.*" ; then VERBOSE="true" FLAGS="$FLAGS --debug" fi @@ -150,7 +150,7 @@ deploy() { SUBCHART_RELEASE="$(echo "$RELEASE" |cut -d'-' -f2)" # update specified subchart without parent RELEASE="$(echo "$RELEASE" |cut -d'-' -f1)" - if [[ $SUBCHART_RELEASE = $RELEASE ]]; then + if [ "$SUBCHART_RELEASE" = "$RELEASE" ]; then SUBCHART_RELEASE= fi @@ -158,7 +158,7 @@ deploy() { rm -rf $CACHE_DIR # fetch umbrella chart (parent chart containing subcharts) - if [[ -d "$CHART_URL" ]]; then + if [ -d "$CHART_URL" ]; then mkdir -p $CHART_DIR cp -R $CHART_URL/* $CHART_DIR/ @@ -195,20 +195,20 @@ deploy() { generate_overrides $COMPUTED_OVERRIDES $GLOBAL_OVERRIDES # upgrade/install parent chart first - if [[ -z "$SUBCHART_RELEASE" ]]; then + if [ -z "$SUBCHART_RELEASE" ]; then LOG_FILE=$LOG_DIR/${RELEASE}.log :> $LOG_FILE helm upgrade -i $RELEASE $CHART_DIR $DEPLOY_FLAGS -f $COMPUTED_OVERRIDES \ > $LOG_FILE.log 2>&1 - if [[ $VERBOSE = "true" ]]; then + if [ "$VERBOSE" = "true" ]; then cat $LOG_FILE else echo "release \"$RELEASE\" deployed" fi # Add annotation last-applied-configuration if set-last-applied flag is set - if [[ $SET_LAST_APPLIED = "true" ]]; then + if [ "$SET_LAST_APPLIED" = "true" ]; then helm get manifest ${RELEASE} \ | kubectl apply set-last-applied --create-annotation -n onap -f - \ > $LOG_FILE.log 2>&1 @@ -224,12 +224,12 @@ deploy() { SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml SUBCHART_ENABLED=0 - if [[ -f $SUBCHART_OVERRIDES ]]; then + if [ -f $SUBCHART_OVERRIDES ]; then SUBCHART_ENABLED=$(cat $SUBCHART_OVERRIDES | grep -c "^enabled: true") fi - if [[ $SUBCHART_ENABLED -eq 1 ]]; then - if [[ -z "$SUBCHART_RELEASE" || $SUBCHART_RELEASE = "$subchart" ]]; then + if [ $SUBCHART_ENABLED -eq 1 ]; then + if [ -z "$SUBCHART_RELEASE" ] || [ "$SUBCHART_RELEASE" = "$subchart" ]; then LOG_FILE=$LOG_DIR/"${RELEASE}-${subchart}".log :> $LOG_FILE @@ -237,27 +237,27 @@ deploy() { $DEPLOY_FLAGS -f $GLOBAL_OVERRIDES -f $SUBCHART_OVERRIDES \ > $LOG_FILE 2>&1 - if [[ $VERBOSE = "true" ]]; then + if [ "$VERBOSE" = "true" ]; then cat $LOG_FILE else echo "release \"${RELEASE}-${subchart}\" deployed" fi # Add annotation last-applied-configuration if set-last-applied flag is set - if [[ $SET_LAST_APPLIED = "true" ]]; then + if [ "$SET_LAST_APPLIED" = "true" ]; then helm get manifest "${RELEASE}-${subchart}" \ | kubectl apply set-last-applied --create-annotation -n onap -f - \ > $LOG_FILE.log 2>&1 fi fi - if [[ $DELAY = "true" ]]; then + if [ "$DELAY" = "true" ]; then echo sleep 3m - sleep 3m + sleep 180 fi else array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")) n=${#array[*]} for i in $(seq $(($n-1)) -1 0); do - if [[ $HELM_VER = "v3."* ]]; then + if expr "$HELM_VER" : "v3\..*" ; then helm del "${array[i]}" else helm del "${array[i]}" --purge @@ -267,7 +267,7 @@ deploy() { done # report on success/failures of installs/upgrades - if [[ $HELM_VER = "v3."* ]]; then + if expr "$HELM_VER" : "v3\..*" ; then helm ls --all-namespaces | grep -i FAILED | grep $RELEASE else helm ls | grep FAILED | grep $RELEASE diff --git a/kubernetes/helm/plugins/undeploy/undeploy.sh b/kubernetes/helm/plugins/undeploy/undeploy.sh index 1689bf1b48..35fc4ca251 100755 --- a/kubernetes/helm/plugins/undeploy/undeploy.sh +++ b/kubernetes/helm/plugins/undeploy/undeploy.sh @@ -29,7 +29,7 @@ undeploy() { done } -if [[ $# < 1 ]]; then +if [ $# < 1 ]; then echo "Error: command 'undeploy' requires a release name" exit 0 fi @@ -49,4 +49,4 @@ case "${1:-"help"}" in ;; esac -exit 0
\ No newline at end of file +exit 0 diff --git a/kubernetes/log/.helmignore b/kubernetes/log/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/log/.helmignore +++ b/kubernetes/log/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/modeling/.helmignore b/kubernetes/modeling/.helmignore new file mode 100644 index 0000000000..7ddbad7ef4 --- /dev/null +++ b/kubernetes/modeling/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/ diff --git a/kubernetes/msb/.helmignore b/kubernetes/msb/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/msb/.helmignore +++ b/kubernetes/msb/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/multicloud/.helmignore b/kubernetes/multicloud/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/multicloud/.helmignore +++ b/kubernetes/multicloud/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml index 44560e3351..307524c4fa 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml @@ -24,7 +24,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/multicloud/k8s:0.8.1 +image: onap/multicloud/k8s:0.8.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml index ea286b09c1..f3358d007d 100644 --- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml +++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml @@ -25,7 +25,7 @@ aaf: aai: enabled: true appc: - enabled: true + enabled: false cds: enabled: true clamp: diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index d6c447240d..ad002cc385 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -20,7 +20,6 @@ global: addTestingComponents: &testing true centralizedLoggingEnabled: ¢ralizedLogging false - CMPv2CertManagerIntegration: false cassandra: enabled: true mariadb-galera: @@ -30,7 +29,7 @@ aaf: aai: enabled: true appc: - enabled: true + enabled: false cds: enabled: true clamp: diff --git a/kubernetes/onap/resources/overrides/oom-cert-service-environment.yaml b/kubernetes/onap/resources/overrides/oom-cert-service-environment.yaml index 643d3065c1..7b3603c041 100644 --- a/kubernetes/onap/resources/overrides/oom-cert-service-environment.yaml +++ b/kubernetes/onap/resources/overrides/oom-cert-service-environment.yaml @@ -1,5 +1,5 @@ # Copyright © 2020 Nordix Foundation -# Modifications Copyright © 2020 Nokia +# Modifications Copyright © 2020-2021 Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -35,15 +35,17 @@ ################################################################# global: cmpv2Enabled: true - CMPv2CertManagerIntegration: true - platform: - certServiceClient: - envVariables: - # Certificate related - cmpv2Organization: "Linux-Foundation" - cmpv2OrganizationalUnit: "ONAP" - cmpv2Location: "San-Francisco" - cmpv2State: "California" - cmpv2Country: "US" - # Client configuration related - caName: "RA" + certificate: + default: + renewBefore: 720h #30 days + duration: 8760h #365 days + subject: + organization: "Linux-Foundation" + country: "US" + locality: "San-Francisco" + province: "California" + organizationalUnit: "ONAP" + issuer: + group: certmanager.onap.org + kind: CMPv2Issuer + name: cmpv2-issuer-onap diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index d91284a6c3..028b43aef2 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -47,7 +47,7 @@ global: dockerHubRepository: &dockerHubRepository docker.io elasticRepository: &elasticRepository docker.elastic.co googleK8sRepository: k8s.gcr.io - + githubContainerRegistry: ghcr.io #/!\ DEPRECATED /!\ # Legacy repositories which will be removed at the end of migration. @@ -194,7 +194,6 @@ global: # Enabling CMPv2 cmpv2Enabled: true - CMPv2CertManagerIntegration: false platform: certificates: clientSecretName: oom-cert-service-client-tls-secret @@ -204,17 +203,6 @@ global: keystorePasswordSecretKey: password truststorePasswordSecretName: oom-cert-service-certificates-password truststorePasswordSecretKey: password - certServiceClient: - image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 - certificatesSecretMountPath: /etc/onap/oom/certservice/certs/ - envVariables: - certPath: "/var/custom-certs" - # Certificate related - caName: "RA" - # Client configuration related - requestURL: "https://oom-cert-service:8443/v1/certificate/" - requestTimeout: "30000" - outputType: "P12" # Indicates offline deployment build # Set to true if you are rendering helm charts for offline deployment diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml index 08af62d844..2050fe676c 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml @@ -41,7 +41,7 @@ spec: - /app/ready.py args: - --container-name - - {{ .Values.config.db.container }} + - {{ include "common.mariadbService" . }} env: - name: NAMESPACE valueFrom: @@ -77,9 +77,9 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}} - name: DB_PORT - value: {{ .Values.config.db.port | quote}} + value: {{ include "common.mariadbPort" . | quote}} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - name: DB_SCHEMA @@ -99,9 +99,9 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}} - name: DB_PORT - value: {{ .Values.config.db.port | quote}} + value: {{ include "common.mariadbPort" . | quote}} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - name: DB_SCHEMA diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml index c9de6546c2..3bee34aaa7 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml +++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml @@ -19,6 +19,7 @@ global: # global defaults nodePortPrefix: 302 readinessImage: onap/oom/readiness:3.0.1 + mariadbGalera: {} subChartsOnly: enabled: true @@ -85,6 +86,7 @@ service: # as of 20181022 port 23 is reserved for cmso # see https://wiki.onap.org/display/DW/OOM+NodePort+List +mariadb-galera: {} config: aaf: @@ -92,7 +94,6 @@ config: password: pass # userCredentialsExternalSecret: some-secret db: - port: 3306 # rootPassword: pass # rootPasswordExternalSecret: some secret user: cmso-admin diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml index 3fd0112928..d82040b17b 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml @@ -41,7 +41,7 @@ spec: - /app/ready.py args: - --container-name - - {{ .Values.config.db.container }} + - {{ include "common.mariadbService" . }} env: - name: NAMESPACE valueFrom: @@ -77,9 +77,9 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}} - name: DB_PORT - value: {{ .Values.config.db.port | quote}} + value: {{ include "common.mariadbPort" . | quote}} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - name: DB_SCHEMA @@ -113,9 +113,9 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}} - name: DB_PORT - value: {{ .Values.config.db.port | quote}} + value: {{ include "common.mariadbPort" . | quote}} - name: DB_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - name: DB_SCHEMA diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml index 105163e95c..3eb94ead7b 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml +++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml @@ -18,6 +18,7 @@ ################################################################# global: # global defaults nodePortPrefix: 302 + mariadbGalera: {} subChartsOnly: enabled: true @@ -83,6 +84,7 @@ service: # as of 20181022 port 23 is reserved for cmso # see https://wiki.onap.org/display/DW/OOM+NodePort+List +mariadb-galera: {} config: aaf: @@ -90,7 +92,6 @@ config: password: pass # userCredentialsExternalSecret: some-secret db: - port: 3306 # rootPassword: pass # rootPasswordExternalSecret: some secret user: cmso-admin diff --git a/kubernetes/oof/components/oof-cmso/requirements.yaml b/kubernetes/oof/components/oof-cmso/requirements.yaml index 535a1e1696..30946c6a33 100644 --- a/kubernetes/oof/components/oof-cmso/requirements.yaml +++ b/kubernetes/oof/components/oof-cmso/requirements.yaml @@ -23,6 +23,7 @@ dependencies: - name: mariadb-galera version: ~8.x-0 repository: '@local' + condition: global.mariadbGalera.localCluster - name: mariadb-init version: ~8.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-cmso/values.yaml b/kubernetes/oof/components/oof-cmso/values.yaml index c46fd0a33a..15aac51888 100644 --- a/kubernetes/oof/components/oof-cmso/values.yaml +++ b/kubernetes/oof/components/oof-cmso/values.yaml @@ -13,6 +13,19 @@ # See the License for the specific language governing permissions and # limitations under the License. +global: + commonConfigPrefix: "oof-cmso" + truststoreFile: "truststoreONAPall.jks" + keystoreFile: "org.onap.oof.jks" + truststorePassword: + authentication: aaf-auth + mariadbGalera: &mariadbGalera + #This flag allows OOF-CMSO to instantiate its own mariadb-galera cluster + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera + ################################################################# # Secrets metaconfig ################################################################# @@ -42,7 +55,7 @@ secrets: login: '{{ .Values.config.aaf.user }}' password: '{{ .Values.config.aaf.password }}' -mariadb-galera: +mariadb-galera: &localMariadb replicaCount: 1 nameOverride: &dbName cmso-db nfsprovisionerPrefix: cmso @@ -56,19 +69,7 @@ mariadb-galera: serviceAccount: nameOverride: *dbName -global: - commonConfigPrefix: "oof-cmso" - truststoreFile: "truststoreONAPall.jks" - keystoreFile: "org.onap.oof.jks" - truststorePassword: - authentication: aaf-auth - mariadb-init: - mariadbGalera: - containerName: *dbName - serviceName: *dbName - servicePort: 3306 - userRootSecret: *rootPassword config: userCredentialsExternalSecret: *serviceDbCreds mysqlDatabase: cmso @@ -117,11 +118,10 @@ oof-cmso-service: certInitializer: << : *certInitConfig nameOverride: oof-cmso-service-cert-initializer + mariadb-galera: *localMariadb config: db: userCredentialsExternalSecret: *serviceDbCreds - host: *dbName - container: *dbName mysqlDatabase: cmso aaf: userCredentialsExternalSecret: *aafCreds @@ -131,12 +131,11 @@ oof-cmso-optimizer: certInitializer: << : *certInitConfig nameOverride: oof-cmso-optimizer-cert-initializer + mariadb-galera: *localMariadb config: enabled: true db: userCredentialsExternalSecret: *optimizerDbCreds - host: *dbName - container: *dbName mysqlDatabase: optimizer aaf: userCredentialsExternalSecret: *aafCreds diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml index 491250c72a..ba4a657c1a 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml @@ -55,21 +55,6 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-has-sms-readiness command: - sh @@ -94,7 +79,7 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"] + command: ["/bin/sh","-c"] args: ["/usr/local/bin/uwsgi -s /run/conductor/uwsgi.sock --chmod-socket=777 --wsgi-file /etc/nginx/conductor.wsgi --callable application --set port={{ .Values.uwsgi.internalPort }} --die-on-term --exit-on-reload --pidfile /run/conductor/conductor-uwsgi.pid --enable-threads --workers 6 --master --vacuum --single-interpreter --socket-timeout 10 --max-worker-lifetime 300 --max-requests 100 --no-defer-accept --protocol=uwsgi --socket 0.0.0.0:{{ .Values.uwsgi.internalPort }}"] ports: - containerPort: {{ .Values.uwsgi.internalPort }} @@ -112,7 +97,7 @@ spec: port: {{ .Values.uwsgi.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml index d6743cdfda..63461d9c83 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml @@ -16,7 +16,7 @@ global: # global defaults nodePortPrefix: 302 image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # secrets metaconfig @@ -26,6 +26,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass service: type: NodePort diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml index 8e0ff1aeb5..895a305b53 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml @@ -41,8 +41,8 @@ spec: command: - /app/ready.py args: - - --container-name - - music-springboot + - --job-name + - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job - --container-name - aaf-sms env: @@ -54,21 +54,6 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-cont-sms-readiness command: - sh @@ -114,7 +99,7 @@ spec: - /usr/local/bin/healthy.sh initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml index 3cbf96adc1..9e799e1045 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # Secrets metaconfig @@ -24,6 +24,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass ingress: enabled: false diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml index f4ccd57773..cc4eaf08b9 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml @@ -41,38 +41,8 @@ spec: command: - /app/ready.py args: - - --container-name - - music-springboot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-health-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-healthcheck" + - --job-name + - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job env: - name: NAMESPACE valueFrom: @@ -128,7 +98,7 @@ spec: - /usr/local/bin/healthy.sh initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml index 0940a9db39..915ffc019f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # secrets metaconfig @@ -24,6 +24,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass ingress: enabled: false diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml index 4d04b6fe76..095162bea2 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml @@ -41,38 +41,8 @@ spec: command: - /app/ready.py args: - - --container-name - - music-springboot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-health-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-healthcheck" + - --job-name + - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job env: - name: NAMESPACE valueFrom: @@ -128,7 +98,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} {{ end -}} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml index 0940a9db39..915ffc019f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # secrets metaconfig @@ -24,6 +24,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass ingress: enabled: false diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml index 6079dcfd6e..d664ca0875 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml @@ -41,38 +41,8 @@ spec: command: - /app/ready.py args: - - --container-name - - music-springboot - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-onboard-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-onboard" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - - name: {{ include "common.name" . }}-health-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-oof-has-healthcheck" + - --job-name + - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job env: - name: NAMESPACE valueFrom: @@ -128,7 +98,7 @@ spec: - /usr/local/bin/healthy.sh initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: + env: {{ include "oof.etcd.env" . | nindent 10 }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml index 0940a9db39..915ffc019f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 ################################################################# # secrets metaconfig @@ -24,6 +24,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: required + +config: + etcd: + appUser: user + appPassword: pass ingress: enabled: false diff --git a/kubernetes/oof/components/oof-has/requirements.yaml b/kubernetes/oof/components/oof-has/requirements.yaml index 851211a1fb..7310aac8d0 100755 --- a/kubernetes/oof/components/oof-has/requirements.yaml +++ b/kubernetes/oof/components/oof-has/requirements.yaml @@ -20,6 +20,15 @@ dependencies: - name: music version: ~8.x-0 repository: '@local' + condition: music.enabled + - name: etcd + version: ~8.x-0 + repository: '@local' + condition: etcd.enabled + - name: etcd-init + version: ~8.x-0 + repository: '@local' + condition: etcd-init.enabled - name: oof-has-api version: ~8.x-0 repository: 'file://components/oof-has-api' diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf index ded979c4fc..18b60bba4a 100755 --- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf @@ -424,6 +424,30 @@ server_url = http://{{.Values.config.msb.serviceName}}.{{ include "common.namesp #server_url_version = v0 +[db_options] + +# db_backend to use +db_backend = {{.Values.config.dbBackend}} + +# Use music mock api +music_mock = False + + +[etcd_api] + +# host/ip address of etcd server +host = {{.Values.config.etcd.serviceName}}.{{ include "common.namespace" . }} + +# port of etcd server +port = {{.Values.config.etcd.port}} + +# username for etcd authentication +username = + +# password for etcd authentication +password = + + [music_api] # diff --git a/kubernetes/oof/components/oof-has/resources/config/healthcheck.json b/kubernetes/oof/components/oof-has/resources/config/healthcheck.json deleted file mode 100755 index 833fa0f5d9..0000000000 --- a/kubernetes/oof/components/oof-has/resources/config/healthcheck.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "consistencyInfo": { - "type": "eventual" - }, - "values": { - "id": "healthcheck", - "created": 1479482603641, - "message": "", - "name": "foo", - "recommend_max": 1, - "solution": "{\"healthcheck\": \" healthcheck\"}", - "status": "solved", - "template": "{\"healthcheck\": \"healthcheck\"}", - "timeout": 3600, - "translation": "{\"healthcheck\": \" healthcheck\"}", - "updated": 1484324150629 - } -} diff --git a/kubernetes/oof/components/oof-has/resources/config/onboard.json b/kubernetes/oof/components/oof-has/resources/config/onboard.json deleted file mode 100755 index 2c3d69be8d..0000000000 --- a/kubernetes/oof/components/oof-has/resources/config/onboard.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "appname": "conductor", - "userId": "conductor", - "isAAF": "false", - "password": "c0nduct0r" -} diff --git a/kubernetes/oof/components/oof-has/templates/job-healthcheck.yaml b/kubernetes/oof/components/oof-has/templates/job-healthcheck.yaml deleted file mode 100755 index 49406ba423..0000000000 --- a/kubernetes/oof/components/oof-has/templates/job-healthcheck.yaml +++ /dev/null @@ -1,100 +0,0 @@ -{{/* -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-healthcheck - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - oof-has-api - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - containers: - - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-healthcheck - command: - - "/bin/sh" - - "-c" - - | - echo "INSERT HEALTHCHECK PLAN"; - sleep 15; - resp="FAILURE"; - until [ $resp = "200" ]; do - resp=$(curl -k -s -o /dev/null --write-out %{http_code} -X POST https://{{.Values.config.music.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.music.port}}/MUSIC/rest/v2/keyspaces/conductor/tables/plans/rows?id=healthcheck \ - -H "Content-Type: application/json" \ - -H "ns: conductor" \ - -H "Authorization: Basic Y29uZHVjdG9yOmMwbmR1Y3Qwcg==" \ - --data @healthcheck.json); - echo $resp; - sleep 2; - done; - workingDir: /has - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /has/healthcheck.json - name: {{ .Values.global.commonConfigPrefix }}-config - subPath: healthcheck.json - resources: -{{ include "common.resources" . | indent 10 }} - nodeSelector: - {{- if .Values.nodeSelector }} -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ .Values.global.commonConfigPrefix }}-config - configMap: - name: {{ .Values.global.commonConfigPrefix }}-configmap - items: - - key: healthcheck.json - path: healthcheck.json - restartPolicy: OnFailure - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/templates/job-onboard.yaml b/kubernetes/oof/components/oof-has/templates/job-onboard.yaml deleted file mode 100755 index e63aeb369a..0000000000 --- a/kubernetes/oof/components/oof-has/templates/job-onboard.yaml +++ /dev/null @@ -1,105 +0,0 @@ -{{/* -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-onboard - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - "music-springboot" - - --container-name - - "music-cassandra" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-music-cassandra-config" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-music-db-readiness - containers: - - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-onboard - command: - - "/bin/sh" - - "-c" - - | - echo "job-onboard" - workingDir: /has - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /has/onboard.json - name: {{ .Values.global.commonConfigPrefix }}-config - subPath: onboard.json - resources: -{{ include "common.resources" . | indent 10 }} - nodeSelector: - {{- if .Values.nodeSelector }} -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ .Values.global.commonConfigPrefix }}-config - configMap: - name: {{ .Values.global.commonConfigPrefix }}-configmap - items: - - key: onboard.json - path: onboard.json - restartPolicy: OnFailure - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml index 3615a3bd33..9a8b60574e 100755 --- a/kubernetes/oof/components/oof-has/values.yaml +++ b/kubernetes/oof/components/oof-has/values.yaml @@ -19,7 +19,7 @@ global: commonConfigPrefix: onap-oof-has image: - optf_has: onap/optf-has:2.1.5 + optf_has: onap/optf-has:2.2.0 persistence: enabled: true @@ -32,11 +32,24 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic filePaths: '{{ .Values.secretsFilePaths }}' + - uid: oof-has-etcd-root-password + name: &root-password '{{ include "common.release" . }}-has-etcd-root-password' + type: password + password: '{{ .Values.config.etcd.rootPassword }}' + policy: generate + - uid: oof-has-etcd-secret + name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.etcd.appUser }}' + password: '{{ .Values.config.etcd.appPassword }}' + passwordPolicy: generate pullPolicy: Always nodePortPrefix: 302 dataRootDir: /dockerdata-nfs config: + dbBackend: etcd aaf: serviceName: aaf-service port: 8100 @@ -58,6 +71,13 @@ config: cps: service: cps-tbdmt port: 8080 + etcd: + serviceName: &etcd-service oof-has-etcd + port: 2379 + appUser: conductor +# rootPassword: +# appPassword: +# userCredentialsExternalSecret: # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) @@ -79,19 +99,59 @@ resources: unlimited: {} #component overrides -oof-has-api: +oof-has-api: &has-config enabled: true certSecret: *oof-certs -oof-has-controller: - enabled: true - certSecret: *oof-certs -oof-has-data: - enabled: true - certSecret: *oof-certs -oof-has-reservation: - enabled: true - certSecret: *oof-certs -oof-has-solver: + config: + etcd: + userCredentialsExternalSecret: *user-creds + configJobNameOverride: &job-name oof-has-etcd-config +oof-has-controller: *has-config +oof-has-data: *has-config +oof-has-reservation: *has-config +oof-has-solver: *has-config +music: + enabled: false + +#etcd subchart configurations +etcd: enabled: true - certSecret: *oof-certs + replicaCount: 3 + nameOverride: &etcd-container oof-has-etcd + service: + name: *etcd-service + persistence: + mountSubPath: oof/etcd/data + enabled: true + flavor: &etcd-flavor large + resources: &etcd-resources + small: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 10m + memory: 75Mi + large: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 50m + memory: 300Mi + unlimited: {} +etcd-init: + enabled: true + nameOverride: *job-name + etcd: + serviceName: *etcd-service + port : 2379 + containerName: *etcd-container + config: + userRootSecret: *root-password + userCredentialsExternalSecret: *user-creds + appRole: conductor + keyPrefix: conductor + flavor: *etcd-flavor + resources: *etcd-resources diff --git a/kubernetes/oof/components/oof-templates/templates/_secret.tpl b/kubernetes/oof/components/oof-templates/templates/_secret.tpl new file mode 100644 index 0000000000..0b04f7120b --- /dev/null +++ b/kubernetes/oof/components/oof-templates/templates/_secret.tpl @@ -0,0 +1,6 @@ +{{- define "oof.etcd.env" -}} +- name: OS_ETCD_API__USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oof-has-etcd-secret" "key" "login") | indent 2 }} +- name: OS_ETCD_API__PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oof-has-etcd-secret" "key" "password") | indent 2 }} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/platform/components/chartmuseum/Chart.yaml b/kubernetes/platform/components/chartmuseum/Chart.yaml new file mode 100644 index 0000000000..1aa8d929d5 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/Chart.yaml @@ -0,0 +1,21 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Chart Museum +name: chartmuseum +version: 8.0.0 diff --git a/kubernetes/platform/components/chartmuseum/requirements.yaml b/kubernetes/platform/components/chartmuseum/requirements.yaml new file mode 100644 index 0000000000..07ac4b4224 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/requirements.yaml @@ -0,0 +1,29 @@ +#============LICENSE_START======================================================== +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/platform/components/chartmuseum/templates/deployment.yaml b/kubernetes/platform/components/chartmuseum/templates/deployment.yaml new file mode 100644 index 0000000000..cc07f27bb1 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/deployment.yaml @@ -0,0 +1,83 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + replicas: 1 + selector: {{- include "common.selectors" . | nindent 4 }} + template: + metadata: {{- include "common.templateMetadata" . | nindent 6 }} + spec: + {{ include "common.podSecurityContext" . | indent 7 | trim}} + initContainers: + - name: volume-permissions + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - "-c" + - | + chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} //chartmuseum-persist + securityContext: + runAsUser: 0 + volumeMounts: + - name: chart-persistent + mountPath: "/chartmuseum-persist" + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.githubContainerRegistry" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.containerSecurityContext" . | indent 12 | trim }} + resources: {{ include "common.resources" . | nindent 12 }} + ports: {{ include "common.containerPorts" . | nindent 12 }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + path: {{ .Values.liveness.path }} + port: {{ .Values.liveness.port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + env: + - name: STORAGE + value: local + - name: STORAGE_LOCAL_ROOTDIR + value: "/chartmuseum-persist" + - name: BASIC_AUTH_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "registrycred" "key" "login") | indent 14 }} + - name: BASIC_AUTH_PASS + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "registrycred" "key" "password") | indent 14 }} + volumeMounts: + - mountPath: /chartmuseum-persist + name: chart-persistent + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} + volumes: + - name: chart-persistent + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} + + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/platform/components/chartmuseum/templates/pv.yaml b/kubernetes/platform/components/chartmuseum/templates/pv.yaml new file mode 100644 index 0000000000..a05ebfb207 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/pv.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.PV" . }}
\ No newline at end of file diff --git a/kubernetes/platform/components/chartmuseum/templates/pvc.yaml b/kubernetes/platform/components/chartmuseum/templates/pvc.yaml new file mode 100644 index 0000000000..2bd21dde5c --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/pvc.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.PVC" . }}
\ No newline at end of file diff --git a/kubernetes/platform/components/chartmuseum/templates/secret.yaml b/kubernetes/platform/components/chartmuseum/templates/secret.yaml new file mode 100644 index 0000000000..c8fbd04150 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/secret.yaml @@ -0,0 +1,21 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2017-2020 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/platform/components/chartmuseum/templates/service.yaml b/kubernetes/platform/components/chartmuseum/templates/service.yaml new file mode 100644 index 0000000000..40aaa735e2 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/platform/components/chartmuseum/values.yaml b/kubernetes/platform/components/chartmuseum/values.yaml new file mode 100644 index 0000000000..05a8b1537b --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/values.yaml @@ -0,0 +1,97 @@ +#============LICENSE_START======================================================== +#================================================================================= +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +# Global values +global: + pullPolicy: Always + persistence: {} + githubContainerRegistry: ghcr.io +image: helm/chartmuseum:v0.13.1 +containerPort: &cont_port 8080 + + +# Secrets Configuration. +secrets: + - uid: registrycred + type: basicAuth + login: '{{ .Values.registryCred.username }}' + password: '{{ .Values.registryCred.password }}' + passwordPolicy: required + + +# service configuration +service: + type: ClusterIP + name: chart-museum + ports: + - port: 80 + internal_port: *cont_port + name: &port http + +chartsMap: + directory: "/charts/components/" + +liveness: + initialDelaySeconds: 30 + periodSeconds: 30 + path: /health + port: *port + enabled: true + +# Below parameter should match setting in all clients +# including contrib\tools\registry-initialize.sh +# which does preload +registryCred: + username: onapinitializer + password: demo123456! + +# Parameters for persistent storage +persistence: + enabled: true + accessMode: ReadWriteOnce + size: 4Gi + mountPath: /dockerdata-nfs + mountSubPath: chartmuseum/data + volumeReclaimPolicy: Retain + + +serviceAccount: + nameOverride: chartmuseum + roles: + - read + +securityContext: + user_id: 2000 + group_id: 3000 + +flavor: small +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 0.5 + memory: 512Mi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml index 9ba61a5f57..ae4ae81f02 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml @@ -1,4 +1,4 @@ -{{ if .Values.global.CMPv2CertManagerIntegration }} +{{ if .Values.global.cmpv2Enabled }} # ============LICENSE_START======================================================= # Copyright (c) 2020 Nokia diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml index 3a993734e4..8bcbc1f7d0 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml @@ -1,4 +1,4 @@ -{{ if .Values.global.CMPv2CertManagerIntegration }} +{{ if .Values.global.cmpv2Enabled }} # ============LICENSE_START======================================================= # Copyright (c) 2020 Nokia diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/roles.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/roles.yaml index add5622f41..f976a80268 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/roles.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/roles.yaml @@ -1,4 +1,4 @@ -{{ if .Values.global.CMPv2CertManagerIntegration }} +{{ if .Values.global.cmpv2Enabled }} # ============LICENSE_START======================================================= # Copyright (c) 2020 Nokia diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml index 152bd68ba6..bc689cc68f 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml @@ -1,4 +1,4 @@ -{{ if .Values.global.CMPv2CertManagerIntegration }} +{{ if .Values.global.cmpv2Enabled }} # ============LICENSE_START======================================================= # Copyright (c) 2020 Nokia diff --git a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml index fd34b1ef28..55c4d0beac 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml @@ -21,7 +21,6 @@ global: busyboxRepository: registry.hub.docker.com busyboxImage: library/busybox:latest repository: "nexus3.onap.org:10001" - CMPv2CertManagerIntegration: false namespace: onap diff --git a/kubernetes/platform/requirements.yaml b/kubernetes/platform/requirements.yaml index 84ad7f8699..ce3310151f 100644 --- a/kubernetes/platform/requirements.yaml +++ b/kubernetes/platform/requirements.yaml @@ -22,3 +22,6 @@ dependencies: - name: cmpv2-cert-provider version: ~8.x-0 repository: 'file://components/cmpv2-cert-provider' + - name: chartmuseum + version: ~8.x-0 + repository: 'file://components/chartmuseum'
\ No newline at end of file diff --git a/kubernetes/platform/values.yaml b/kubernetes/platform/values.yaml index d21fb791e2..a30dabbcc2 100644 --- a/kubernetes/platform/values.yaml +++ b/kubernetes/platform/values.yaml @@ -28,11 +28,6 @@ global: cmpv2Enabled: true addTestingComponents: false - certService: - certServiceClient: - secret: - name: oom-cert-service-client-tls-secret - ################################################################# # Application configuration defaults. ################################################################# diff --git a/kubernetes/portal/components/portal-app/templates/deployment.yaml b/kubernetes/portal/components/portal-app/templates/deployment.yaml index 71b2aa3227..39393efb59 100644 --- a/kubernetes/portal/components/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-app/templates/deployment.yaml @@ -104,7 +104,7 @@ spec: -Djavax.net.ssl.keyStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}" -Djavax.net.ssl.trustStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}" {{- else }} - args: ["/start-apache-tomcat.sh -i "" -n "" -b {{ .Values.global.env.tomcatDir }}"] + args: ["/start-apache-tomcat.sh -i \"\" -n \"\" -b {{ .Values.global.env.tomcatDir }}"] {{- end }} ports: - containerPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index c4a21b927f..40341bec11 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -1,4 +1,5 @@ #!/bin/bash + set -eo pipefail shopt -s nullglob @@ -30,10 +31,15 @@ file_env() { mysql_error "Both $var and $fileVar are set (but are exclusive)" fi local val="$def" + # val="${!var}" + # val="$(< "${!fileVar}")" + # eval replacement of the bashism equivalents above presents no security issue here + # since var and fileVar variables contents are derived from the file_env() function arguments. + # This method is only called inside this script with a limited number of possible values. if [ "${!var:-}" ]; then - val="${!var}" + eval val=\$$var elif [ "${!fileVar:-}" ]; then - val="$(< "${!fileVar}")" + val="$(< "$(eval echo "\$$fileVar")")" fi export "$var"="$val" unset "$fileVar" @@ -103,11 +109,11 @@ docker_temp_server_start() { for i in {30..0}; do # only use the root password if the database has already been initializaed # so that it won't try to fill in a password file when it hasn't been set yet - extraArgs=() + extraArgs="" if [ -z "$DATABASE_ALREADY_EXISTS" ]; then - extraArgs+=( '--dont-use-mysql-root-password' ) + extraArgs=${extraArgs}" --dont-use-mysql-root-password" fi - if echo 'SELECT 1' |docker_process_sql "${extraArgs[@]}" --database=mysql >/dev/null 2>&1; then + if echo 'SELECT 1' |docker_process_sql ${extraArgs} --database=mysql >/dev/null 2>&1; then break fi sleep 1 @@ -150,15 +156,15 @@ docker_create_db_directories() { # initializes the database directory docker_init_database_dir() { mysql_note "Initializing database files" - installArgs=( --datadir="$DATADIR" --rpm ) + installArgs=" --datadir=$DATADIR --rpm " if { mysql_install_db --help || :; } | grep -q -- '--auth-root-authentication-method'; then # beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password # see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3 # (this flag doesn't exist in 10.0 and below) - installArgs+=( --auth-root-authentication-method=normal ) + installArgs=${installArgs}" --auth-root-authentication-method=normal" fi # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here) - mysql_install_db "${installArgs[@]}" "${@:2}" + mysql_install_db ${installArgs} "${@:2}" mysql_note "Database files initialized" } @@ -189,9 +195,9 @@ docker_setup_env() { # ie: docker_process_sql --database=mydb <<<'INSERT ...' # ie: docker_process_sql --dont-use-mysql-root-password --database=mydb <my-file.sql docker_process_sql() { - passfileArgs=() + passfileArgs="" if [ '--dont-use-mysql-root-password' = "$1" ]; then - passfileArgs+=( "$1" ) + passfileArgs=${passfileArgs}" $1" shift fi # args sent in can override this db, since they will be later in the command @@ -199,7 +205,7 @@ docker_process_sql() { set -- --database="$MYSQL_DATABASE" "$@" fi - mysql --defaults-extra-file=<( _mysql_passfile "${passfileArgs[@]}") --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@" + mysql --defaults-extra-file=<( _mysql_passfile ${passfileArgs}) --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@" } # Initializes database with timezone info and root password, plus optional extra db/user @@ -323,7 +329,7 @@ _main() { # If container is started as root user, restart as dedicated mysql user if [ "$(id -u)" = "0" ]; then mysql_note "Switching to dedicated user 'mysql'" - exec gosu mysql "$BASH_SOURCE" "$@" + exec gosu mysql "$0" "$@" fi # there's no database, so it needs to be initialized diff --git a/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh b/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh index 6f62a0ebac..2b90a994c3 100644 --- a/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh +++ b/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh @@ -17,10 +17,10 @@ SQL_DEST_DIR=${SQL_DEST_DIR:-/tmp/sql} DB_PORT=${DB_PORT:-3306} -[[ -z "$SQL_SRC_DIR" ]] && { echo "Error: SQL_SRC_DIR must be provided as an environment variable"; exit 1; } -[[ -z "$DB_USER" ]] && { echo "Error: DB_USER must be provided as an environment variable"; exit 1; } -[[ -z "$DB_PASS" ]] && { echo "Error: DB_PASS must be provided as an environment variable"; exit 1; } -[[ -z "$DB_HOST" ]] && { echo "Error: DB_HOST must be provided as an environment variable"; exit 1; } +[ -z "$SQL_SRC_DIR" ] && { echo "Error: SQL_SRC_DIR must be provided as an environment variable"; exit 1; } +[ -z "$DB_USER" ] && { echo "Error: DB_USER must be provided as an environment variable"; exit 1; } +[ -z "$DB_PASS" ] && { echo "Error: DB_PASS must be provided as an environment variable"; exit 1; } +[ -z "$DB_HOST" ] && { echo "Error: DB_HOST must be provided as an environment variable"; exit 1; } mkdir -p $SQL_DEST_DIR diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index d48070cf24..5e4e216c95 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -63,7 +63,7 @@ usage () # Check if execscript flag is used and drop it from input arguments -if [[ "${!#}" = "execscript" ]]; then +if [ "${!#}" = "execscript" ]; then set -- "${@:1:$#-1}" execscript=true fi @@ -222,7 +222,7 @@ ETEHOME=/var/opt/ONAP if [ $execscript ]; then for script in $(ls -1 "$DIR/$SCRIPTDIR"); do - [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script" done fi diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh index 97f4e4d032..01cf0922fa 100755 --- a/kubernetes/robot/ete-k8s.sh +++ b/kubernetes/robot/ete-k8s.sh @@ -76,9 +76,9 @@ SCRIPTDIR=scripts/etescript ETEHOME=/var/opt/ONAP -if [[ "${!#}" = "execscript" ]]; then +if [ "${!#}" = "execscript" ]; then for script in $(ls -1 "$DIR/$SCRIPTDIR"); do - [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script" done fi diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh index 2512e5f7ce..8b74da77f8 100755 --- a/kubernetes/robot/eteHelm-k8s.sh +++ b/kubernetes/robot/eteHelm-k8s.sh @@ -44,9 +44,9 @@ SCRIPTDIR=scripts/helmscript ETEHOME=/var/opt/ONAP -if [[ "${!#}" = "execscript" ]]; then +if [ "${!#}" = "execscript" ]; then for script in $(ls -1 "$DIR/$SCRIPTDIR"); do - [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script" done fi diff --git a/kubernetes/robot/instantiate-k8s.sh b/kubernetes/robot/instantiate-k8s.sh index f4f6b04e4c..623870b9f3 100755 --- a/kubernetes/robot/instantiate-k8s.sh +++ b/kubernetes/robot/instantiate-k8s.sh @@ -1,4 +1,5 @@ #!/bin/bash + # Copyright 2019 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -13,7 +14,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -THIS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +THIS_DIR="$( cd "$( dirname "$0" )" >/dev/null 2>&1 && pwd )" NAMESPACE= FOLDER= @@ -138,13 +139,13 @@ kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/summary/stack kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/summary/results.json "$OUTPUT_DIRECTORY"/results.json kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/log.html "$OUTPUT_DIRECTORY"/log.html -pushd . +initdir=$(pwd) # echo -e "import hashlib\nwith open(\"README.md\", \"r\") as f: bytes = f.read()\nreadable_hash = hashlib.sha256(bytes).hexdigest()\nprint(readable_hash)" | python cd "$OUTPUT_DIRECTORY" tar -czvf vnf_heat_results.tar.gz * -popd +cd $initdir echo "VNF test results: $OUTPUT_DIRECTORY/vnf_heat_results.tar.gz" diff --git a/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh b/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh index 19864d438c..a93f109085 100755 --- a/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh +++ b/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh @@ -35,7 +35,7 @@ copy_package_certs_to_robot () { mkdir "$DIR/$SCRIPTDIR/tmp" cd "$DIR/$SCRIPTDIR/tmp" -if [[ -f rootCA-robot-$SDCVALID.cert && -f package-robot-$SDCVALID.cert && -f package-robot-$SDCINVALID.cert && -f package-private-robot-$SDCVALID.key && -f package-private-robot-$SDCINVALID.key ]]; then +if [ -f rootCA-robot-$SDCVALID.cert ] && [ -f package-robot-$SDCVALID.cert ] && [ -f package-robot-$SDCINVALID.cert ] && [ -f package-private-robot-$SDCVALID.key ] && [ -f package-private-robot-$SDCINVALID.key ]; then echo "All files are present"; else generate_ca_key_cert_and_package_cert_issued_by_CA $SDCVALID diff --git a/kubernetes/sdc/components/sdc-be/requirements.yaml b/kubernetes/sdc/components/sdc-be/requirements.yaml index b36d051041..b684a0e11f 100644 --- a/kubernetes/sdc/components/sdc-be/requirements.yaml +++ b/kubernetes/sdc/components/sdc-be/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml index 44439869cc..d731a56c5c 100644 --- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml @@ -119,19 +119,32 @@ spec: livenessProbe: httpGet: path: /sdc2/rest/healthCheck - port: {{ .Values.liveness.port }} - scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} {{ end }} readinessProbe: - exec: - command: - - "/var/lib/jetty/ready-probe.sh" + httpGet: + path: /sdc2/rest/healthCheck + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} + resources: {{ include "common.resources" . | nindent 12 }} + startupProbe: + httpGet: + path: /sdc2/rest/healthCheck + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + periodSeconds: {{ .Values.startup.periodSeconds }} + timeoutSeconds: {{ .Values.startup.timeoutSeconds }} + successThreshold: {{ .Values.startup.successThreshold }} + failureThreshold: {{ .Values.startup.failureThreshold }} resources: {{ include "common.resources" . | nindent 12 }} env: - name: ENVNAME @@ -146,12 +159,12 @@ spec: fieldPath: status.podIP volumeMounts: - name: sdc-environments-output - mountPath: /var/lib/jetty/chef-solo/environments/ + mountPath: /app/jetty/chef-solo/environments/ - name: sdc-environments-output - mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12 + mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12 subPath: org.onap.sdc.p12 - name: sdc-environments-output - mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks + mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks subPath: org.onap.sdc.trust.jks - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime @@ -164,7 +177,7 @@ spec: lifecycle: postStart: exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] # side car containers - name: {{ include "common.name" . }}-filebeat-onap image: {{ include "repositoryGenerator.image.logging" . }} @@ -184,6 +197,7 @@ spec: requests: cpu: 3m memory: 20Mi + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: {{ include "common.fullname" . }}-localtime hostPath: diff --git a/kubernetes/sdc/components/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml index b9db3f93c8..aaf8fada28 100644 --- a/kubernetes/sdc/components/sdc-be/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml @@ -64,7 +64,7 @@ spec: - name: {{ include "common.fullname" . }}-environments mountPath: /home/onap/chef-solo/environments/ - name: sdc-logs - mountPath: /var/lib/jetty/logs + mountPath: /home/onap/logs env: - name: ENVNAME value: {{ .Values.env.name }} diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index bdaea44938..070583bfc2 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -35,8 +35,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.8.5 -backendInitImage: onap/sdc-backend-init:1.8.5 +image: onap/sdc-backend-all-plugins:1.9.0 +backendInitImage: onap/sdc-backend-init:1.9.0 pullPolicy: Always @@ -83,23 +83,34 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 120 + initialDelaySeconds: 1 periodSeconds: 10 timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - port: api enabled: true readiness: - initialDelaySeconds: 60 + initialDelaySeconds: 1 periodSeconds: 10 timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + +startup: + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 60 service: type: NodePort name: sdc-be both_tls_and_plain: true + internalPort: 8080 msb: - port: 8443 url: "/sdc/v1" @@ -150,3 +161,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdc-be + roles: + - read diff --git a/kubernetes/sdc/components/sdc-cs/requirements.yaml b/kubernetes/sdc/components/sdc-cs/requirements.yaml index 8febe6fac4..7d9ea04952 100644 --- a/kubernetes/sdc/components/sdc-cs/requirements.yaml +++ b/kubernetes/sdc/components/sdc-cs/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdc/components/sdc-cs/templates/job.yaml b/kubernetes/sdc/components/sdc-cs/templates/job.yaml index bb218bbfae..fb849b9f25 100644 --- a/kubernetes/sdc/components/sdc-cs/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-cs/templates/job.yaml @@ -96,6 +96,7 @@ spec: requests: cpu: 200m memory: 300Mi + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: {{ include "common.fullname" . }}-environments configMap: diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index 3422f9d14d..fed4769202 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -38,8 +38,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.8.5 -cassandraInitImage: onap/sdc-cassandra-init:1.8.5 +image: onap/sdc-cassandra:1.9.0 +cassandraInitImage: onap/sdc-cassandra-init:1.9.0 pullPolicy: Always config: @@ -103,3 +103,9 @@ persistence: ingress: enabled: false + +#Pods Service Account +serviceAccount: + nameOverride: sdc-cs + roles: + - read diff --git a/kubernetes/sdc/components/sdc-fe/requirements.yaml b/kubernetes/sdc/components/sdc-fe/requirements.yaml index b36d051041..b684a0e11f 100644 --- a/kubernetes/sdc/components/sdc-fe/requirements.yaml +++ b/kubernetes/sdc/components/sdc-fe/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml index 45c7bc85b6..dcb17d0ba2 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml @@ -117,13 +117,25 @@ spec: initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} {{ end }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} + startupProbe: + tcpSocket: + port: {{ .Values.service.internalPort2 }} + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + periodSeconds: {{ .Values.startup.periodSeconds }} + timeoutSeconds: {{ .Values.startup.timeoutSeconds }} + successThreshold: {{ .Values.startup.successThreshold }} + failureThreshold: {{ .Values.startup.failureThreshold }} resources: {{ include "common.resources" . | nindent 12 }} env: - name: ENVNAME @@ -136,12 +148,12 @@ spec: value: {{ .Values.config.javaOptions }} volumeMounts: - name: sdc-environments-output - mountPath: /var/lib/jetty/chef-solo/environments/ + mountPath: /app/jetty/chef-solo/environments/ - name: sdc-environments-output - mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12 + mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12 subPath: org.onap.sdc.p12 - name: sdc-environments-output - mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks + mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks subPath: org.onap.sdc.trust.jks - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime @@ -149,7 +161,7 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-configs - mountPath: /var/lib/jetty/config/catalog-fe/plugins-configuration.yaml + mountPath: /app/jetty/config/catalog-fe/plugins-configuration.yaml subPath: plugins-configuration.yaml - name: {{ include "common.fullname" . }}-logback mountPath: /tmp/logback.xml @@ -157,7 +169,7 @@ spec: lifecycle: postStart: exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/catalog-fe/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-fe/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] # side car containers - name: {{ include "common.name" . }}-filebeat-onap image: {{ include "repositoryGenerator.image.logging" . }} @@ -177,6 +189,7 @@ spec: requests: cpu: 3m memory: 20Mi + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: {{ include "common.fullname" . }}-localtime hostPath: diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 1e269d0552..e9b2eee8db 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -47,7 +47,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-frontend:1.8.5 +image: onap/sdc-frontend:1.9.0 pullPolicy: Always config: @@ -76,17 +76,28 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 - periodSeconds: 60 + initialDelaySeconds: 1 + periodSeconds: 10 timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 3 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: + initialDelaySeconds: 1 + periodSeconds: 10 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 3 + +startup: initialDelaySeconds: 10 - periodSeconds: 60 + periodSeconds: 10 timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 60 service: #Example service definition with external, internal and node ports. @@ -132,3 +143,9 @@ resources: cpu: 80m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdc-fe + roles: + - read diff --git a/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml b/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml index 08228ad99c..f736a174db 100644 --- a/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml @@ -40,5 +40,15 @@ spec: port: {{ .Values.liveness.port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} + startupProbe: + httpGet: + path: {{ .Values.startup.path }} + port: {{ .Values.startup.port }} + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + periodSeconds: {{ .Values.startup.periodSeconds }} + successThreshold: {{ .Values.startup.successThreshold }} + failureThreshold: {{ .Values.startup.failureThreshold }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/components/sdc-helm-validator/values.yaml b/kubernetes/sdc/components/sdc-helm-validator/values.yaml index 9c0d90649f..5c5c5995b0 100644 --- a/kubernetes/sdc/components/sdc-helm-validator/values.yaml +++ b/kubernetes/sdc/components/sdc-helm-validator/values.yaml @@ -18,7 +18,7 @@ global: pullPolicy: Always -image: onap/org.onap.sdc.sdc-helm-validator:1.2.0 +image: onap/org.onap.sdc.sdc-helm-validator:1.2.1 containerPort: &svc_port 8080 config: @@ -31,14 +31,24 @@ service: port: *svc_port liveness: - initialDelaySeconds: 30 - periodSeconds: 30 + initialDelaySeconds: 1 + periodSeconds: 10 path: /actuator/health + successThreshold: 1 + failureThreshold: 3 port: *port # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true +startup: + initialDelaySeconds: 10 + periodSeconds: 10 + path: /actuator/health + successThreshold: 1 + failureThreshold: 12 + port: *port + flavor: small resources: small: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml b/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml index b36d051041..b684a0e11f 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml index af53fd6708..2bd53ff91b 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml @@ -122,20 +122,33 @@ spec: - containerPort: {{ .Values.service.internalPort2 }} {{ if eq .Values.liveness.enabled true }} livenessProbe: - exec: - command: - - "/var/lib/jetty/ready-probe.sh" + httpGet: + path: /onboarding-api/v1.0/healthcheck + port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} {{ end }} readinessProbe: - exec: - command: - - "/var/lib/jetty/ready-probe.sh" + httpGet: + path: /onboarding-api/v1.0/healthcheck + port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} + startupProbe: + httpGet: + path: /onboarding-api/v1.0/healthcheck + port: {{ .Values.service.internalPort2 }} + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + periodSeconds: {{ .Values.startup.periodSeconds }} + timeoutSeconds: {{ .Values.startup.timeoutSeconds }} + successThreshold: {{ .Values.startup.successThreshold }} + failureThreshold: {{ .Values.startup.failureThreshold }} resources: {{ include "common.resources" . | nindent 12 }} env: - name: ENVNAME @@ -160,12 +173,12 @@ spec: value: {{ .Values.cert.certDir }} volumeMounts: - name: sdc-environments-output - mountPath: /var/lib/jetty/chef-solo/environments/ + mountPath: /app/jetty/chef-solo/environments/ - name: sdc-environments-output - mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12 + mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12 subPath: org.onap.sdc.p12 - name: sdc-environments-output - mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks + mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks subPath: org.onap.sdc.trust.jks - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime @@ -180,7 +193,7 @@ spec: lifecycle: postStart: exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/onboarding-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/onboarding-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] # side car containers - name: {{ include "common.name" . }}-filebeat-onap image: {{ include "repositoryGenerator.image.logging" . }} @@ -200,6 +213,7 @@ spec: requests: cpu: 3m memory: 20Mi + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: {{ include "common.fullname" . }}-localtime hostPath: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index d2dd808d86..aa7d535db3 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-onboard-backend:1.8.5 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.8.5 +image: onap/sdc-onboard-backend:1.9.0 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.9.0 pullPolicy: Always # flag to enable debugging - application support required @@ -83,17 +83,28 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 120 - periodSeconds: 60 + initialDelaySeconds: 1 + periodSeconds: 10 timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 3 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 120 - periodSeconds: 60 + initialDelaySeconds: 1 + periodSeconds: 10 timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 3 + +startup: + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 60 service: type: ClusterIP @@ -130,7 +141,7 @@ persistence: ##Certificate storage persistence ##This is temporary solution for SDC-1980 cert: - certDir: /var/lib/jetty/cert + certDir: /app/jetty/cert persistence: enabled: true size: 10Mi @@ -164,3 +175,9 @@ resources: cpu: 80m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdc-onboarding-be + roles: + - read diff --git a/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml b/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml index b36d051041..b684a0e11f 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml index 9defb8e1ce..343bda8ff9 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml @@ -88,12 +88,23 @@ spec: port: {{ template "wfd-be.internalPort" . }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} {{ end }} readinessProbe: tcpSocket: port: {{ template "wfd-be.internalPort" . }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} + startupProbe: + tcpSocket: + port: {{ template "wfd-be.internalPort" . }} + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + periodSeconds: {{ .Values.startup.periodSeconds }} + successThreshold: {{ .Values.startup.successThreshold }} + failureThreshold: {{ .Values.startup.failureThreshold }} env: - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} @@ -133,6 +144,7 @@ spec: value: "{{ .Values.config.serverSSLTrustStoreType }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} resources: {{ include "common.resources" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml index dbd643806c..8b61567114 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml @@ -101,6 +101,28 @@ readiness: initialDelaySeconds: 60 periodSeconds: 10 +# probe configuration parameters +liveness: + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + +startup: + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 60 + service: type: NodePort portName: sdc-wfd-be @@ -138,3 +160,9 @@ resources: cpu: 80m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdc-wfd-be + roles: + - read diff --git a/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml b/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml index b36d051041..b684a0e11f 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml index 7a8cf8fb34..d221c07612 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml @@ -105,12 +105,23 @@ spec: port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} {{ end }} readinessProbe: tcpSocket: port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} + startupProbe: + tcpSocket: + port: {{ template "wfd-fe.internalPort" . }} + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + periodSeconds: {{ .Values.startup.periodSeconds }} + successThreshold: {{ .Values.startup.successThreshold }} + failureThreshold: {{ .Values.startup.failureThreshold }} env: - name: ENVNAME value: {{ .Values.env.name }} @@ -167,6 +178,7 @@ spec: requests: cpu: 3m memory: 20Mi + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: {{ include "common.fullname" . }}-localtime hostPath: diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml index e001f2f5a7..d8ee5c8285 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml @@ -77,15 +77,25 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 60 + initialDelaySeconds: 1 periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 60 + initialDelaySeconds: 1 periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + +startup: + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 60 service: type: NodePort @@ -129,3 +139,9 @@ resources: cpu: 80m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdc-wfd-fe + roles: + - read diff --git a/kubernetes/sdc/requirements.yaml b/kubernetes/sdc/requirements.yaml index 2f2cb6c373..1f9b2d1600 100644 --- a/kubernetes/sdc/requirements.yaml +++ b/kubernetes/sdc/requirements.yaml @@ -37,4 +37,4 @@ dependencies: - name: sdc-helm-validator version: ~8.x-0 repository: 'file://components/sdc-helm-validator' - condition: sdc-helm-validator.enabled + condition: sdcHelmValidator.enabled diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index 79428f73c6..d01f8557f3 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -46,6 +46,14 @@ "VnfRepo": { "vnfRepoPort": "{{.Values.config.environment.vnfRepoPort}}", "vnfRepoHost": "refrepo.{{include "common.namespace" .}}" + }, + "HelmValidator": { + "validator_enabled": "{{.Values.sdcHelmValidator.enabled}}", + "helm_version": "{{.Values.sdcHelmValidator.helmVersion}}", + "deployable": "{{.Values.sdcHelmValidator.deployable}}", + "lintable": "{{.Values.sdcHelmValidator.lintable}}", + "strict_lintable": "{{.Values.sdcHelmValidator.strictLintable}}", + "validator_url": "{{.Values.sdcHelmValidator.url}}" } }, "override_attributes": { diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index b7476a584e..cd3dc1e5fd 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -63,5 +63,10 @@ cassandra: # dependency / sub-chart configuration sdc-wfd: enabled: true -sdc-helm-validator: +sdcHelmValidator: enabled: true + helmVersion: 3.5.2 + deployable: true + lintable: false + strictLintable: false + url: http://sdc-helm-validator:8080/validate diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml index b37b2be590..c32a6a6230 100644 --- a/kubernetes/sdnc/components/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-dmaap-listener-image:2.1.5 +image: onap/sdnc-dmaap-listener-image:2.1.6 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml index f9c8ca4401..b8d59f96c9 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ansible-server-image:2.1.5 +image: onap/sdnc-ansible-server-image:2.1.6 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh index feb6662196..099103ca79 100755 --- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh +++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh @@ -1,6 +1,6 @@ #!/bin/bash -{{/* +{{/* # Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh index 94858339e7..05a17017ab 100755 --- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh +++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh @@ -1,6 +1,6 @@ -#!/bin/bash -{{/* +#!/bin/sh +{{/* # Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml index acd21ae8b9..8514641a1c 100644 --- a/kubernetes/sdnc/components/sdnc-web/values.yaml +++ b/kubernetes/sdnc/components/sdnc-web/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: "onap/sdnc-web-image:2.1.5" +image: "onap/sdnc-web-image:2.1.6" pullPolicy: Always config: diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml index b5c062945b..5838809efe 100644 --- a/kubernetes/sdnc/components/ueb-listener/values.yaml +++ b/kubernetes/sdnc/components/ueb-listener/values.yaml @@ -55,7 +55,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ueb-listener-image:2.1.5 +image: onap/sdnc-ueb-listener-image:2.1.6 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml index 0c82f9581d..ac0e6ed868 100644 --- a/kubernetes/sdnc/requirements.yaml +++ b/kubernetes/sdnc/requirements.yaml @@ -21,9 +21,6 @@ dependencies: - name: certInitializer version: ~8.x-0 repository: '@local' - - name: cmpv2Certificate - version: ~8.x-0 - repository: '@local' - name: certManagerCertificate version: ~8.x-0 repository: '@local' diff --git a/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties b/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties index 57a16bd488..303e504aa9 100644 --- a/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties +++ b/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties @@ -23,7 +23,6 @@ topic=unauthenticated.SEC_FAULT_OUTPUT contenttype=application/json group=myG id=C1 -timeout=50000 limit=10000 [pnfRegistration] @@ -41,5 +40,4 @@ topic=unauthenticated.VES_PNFREG_OUTPUT contenttype=application/json group=myG id=C1 -timeout=50000 limit=10000 diff --git a/kubernetes/sdnc/resources/geo/bin/switchVoting.sh b/kubernetes/sdnc/resources/geo/bin/switchVoting.sh index 65b76265fc..a276854d5c 100755 --- a/kubernetes/sdnc/resources/geo/bin/switchVoting.sh +++ b/kubernetes/sdnc/resources/geo/bin/switchVoting.sh @@ -1,6 +1,6 @@ -#!/bin/bash -{{/* +#!/bin/sh +{{/* # Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/kubernetes/sdnc/templates/certificates.yaml b/kubernetes/sdnc/templates/certificates.yaml index c4eca61e35..acf9012099 100644 --- a/kubernetes/sdnc/templates/certificates.yaml +++ b/kubernetes/sdnc/templates/certificates.yaml @@ -14,6 +14,6 @@ # limitations under the License. */}} -{{ if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} +{{ if .Values.global.cmpv2Enabled }} {{ include "certManagerCertificate.certificate" . }} {{ end }} diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml index 693ef41af6..d2482eab56 100644 --- a/kubernetes/sdnc/templates/service.yaml +++ b/kubernetes/sdnc/templates/service.yaml @@ -75,7 +75,7 @@ spec: targetPort: {{ .Values.service.internalPort }} {{- else -}} port: {{ .Values.service.internalPort4 }} - target: {{ .Values.service.internalPort4 }} + targetPort: {{ .Values.service.internalPort4 }} {{ end }} - name: "{{ .Values.service.portName }}-karaf" port: {{ .Values.service.externalPort2 }} diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 8a7259ba0d..f0ee8a9456 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -155,7 +155,6 @@ spec: name: {{ include "common.name" . }}-readiness {{ end -}} {{ include "common.certInitializer.initContainer" . | indent 6 }} -{{ include "common.certServiceClient.initContainer" . | indent 6 }} - name: {{ include "common.name" . }}-chown image: {{ include "repositoryGenerator.image.busybox" . }} command: @@ -178,7 +177,7 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} + {{- if .Values.global.cmpv2Enabled }} {{- $linkCommand := include "common.certManager.linkVolumeMounts" . }} lifecycle: postStart: @@ -312,8 +311,7 @@ spec: value: "{{ .Values.config.sdnr.netconfCallHome.enabled | default "false" }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} -{{ include "common.certServiceClient.volumeMounts" . | indent 10 }} -{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} +{{- if .Values.global.cmpv2Enabled }} {{ include "common.certManager.volumeMounts" . | indent 10 }} {{- end }} - mountPath: /etc/localtime @@ -437,8 +435,7 @@ spec: emptyDir: {} {{ else }} {{ include "common.certInitializer.volumes" . | nindent 8 }} -{{ include "common.certServiceClient.volumes" . | nindent 8 }} -{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} +{{- if .Values.global.cmpv2Enabled }} {{ include "common.certManager.volumes" . | nindent 8 }} {{- end }} volumeClaimTemplates: diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 9f6118051b..6ab96adde7 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -30,8 +30,6 @@ global: service: mariadb-galera internalPort: 3306 nameOverride: mariadb-galera - # Enabling CMPv2 with CertManager - CMPv2CertManagerIntegration: false ################################################################# # Secrets metaconfig @@ -208,7 +206,7 @@ certificates: # application images pullPolicy: Always -image: onap/sdnc-image:2.1.5 +image: onap/sdnc-image:2.1.6 # flag to enable debugging - application support required debugEnabled: false @@ -461,6 +459,8 @@ dgbuilder: dbServiceName: mariadb-galera # This should be revisited and changed to plain text dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5 + serviceAccount: + nameOverride: sdnc-dgbuilder mariadb-galera: service: name: sdnc-dgbuilder diff --git a/kubernetes/so/components/so-admin-cockpit/requirements.yaml b/kubernetes/so/components/so-admin-cockpit/requirements.yaml index 730d75ae80..724526613d 100755 --- a/kubernetes/so/components/so-admin-cockpit/requirements.yaml +++ b/kubernetes/so/components/so-admin-cockpit/requirements.yaml @@ -25,3 +25,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml index 9de1b50c8c..4b46721c2a 100644 --- a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml +++ b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml @@ -118,6 +118,7 @@ spec: - containerPort: {{ index .Values.containerPort }} name: {{ .Values.service.portName }} protocol: TCP + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-admin-cockpit/values.yaml b/kubernetes/so/components/so-admin-cockpit/values.yaml index d59189b98b..6cba922571 100644 --- a/kubernetes/so/components/so-admin-cockpit/values.yaml +++ b/kubernetes/so/components/so-admin-cockpit/values.yaml @@ -159,3 +159,9 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-admin-cockpit + roles: + - read diff --git a/kubernetes/so/components/so-appc-orchestrator/requirements.yaml b/kubernetes/so/components/so-appc-orchestrator/requirements.yaml index f8b1d7445e..f8c29f83f8 100755 --- a/kubernetes/so/components/so-appc-orchestrator/requirements.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/requirements.yaml @@ -24,3 +24,7 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' + diff --git a/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml b/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml index 142ae725d6..d6584250e2 100644 --- a/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/templates/deployment.yaml @@ -81,6 +81,7 @@ spec: mountPath: /app/config readOnly: true {{ include "so.helpers.livenessProbe" .| indent 8 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-appc-orchestrator/values.yaml b/kubernetes/so/components/so-appc-orchestrator/values.yaml index 310cb9f323..724fcbd032 100644 --- a/kubernetes/so/components/so-appc-orchestrator/values.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/values.yaml @@ -158,3 +158,9 @@ appc: key: VIlbtVl6YLhNUrtU secret: 64AG2hF4pYeG2pq7CT6XwUOT service: ueb + +#Pods Service Account +serviceAccount: + nameOverride: so-appc-orchestrator + roles: + - read diff --git a/kubernetes/so/components/so-bpmn-infra/requirements.yaml b/kubernetes/so/components/so-bpmn-infra/requirements.yaml index ff6f19ddde..1ea0239014 100755 --- a/kubernetes/so/components/so-bpmn-infra/requirements.yaml +++ b/kubernetes/so/components/so-bpmn-infra/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml index 6e117cd8bf..2609e99781 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml @@ -103,6 +103,7 @@ spec: mountPath: /var/log/onap/so - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml index 3e59cbfd74..09ad91191d 100755 --- a/kubernetes/so/components/so-bpmn-infra/values.yaml +++ b/kubernetes/so/components/so-bpmn-infra/values.yaml @@ -165,3 +165,9 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-bpmn-infra + roles: + - read diff --git a/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml b/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml index ff6f19ddde..1ea0239014 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml index f756448e2b..30e55511cc 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml @@ -87,6 +87,7 @@ spec: - containerPort: {{ index .Values.containerPort }} name: {{ .Values.service.portName }} protocol: TCP + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml index 6308e9f8de..f3d6bdbcb9 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml @@ -148,3 +148,9 @@ config: nodeSelector: {} tolerations: [] affinity: {} + +serviceAccount: + nameOverride: so-catalog-db-adapter + roles: + - read + diff --git a/kubernetes/so/components/so-cnf-adapter/requirements.yaml b/kubernetes/so/components/so-cnf-adapter/requirements.yaml index ce294949a2..6f2b29e6ba 100755 --- a/kubernetes/so/components/so-cnf-adapter/requirements.yaml +++ b/kubernetes/so/components/so-cnf-adapter/requirements.yaml @@ -28,3 +28,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml index 0d80b2a9ae..340571a59b 100755 --- a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml @@ -104,6 +104,7 @@ spec: timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} successThreshold: {{ index .Values.livenessProbe.successThreshold}} failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 8 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-cnf-adapter/values.yaml b/kubernetes/so/components/so-cnf-adapter/values.yaml index 2d6d57b2f1..f3d53c974c 100755 --- a/kubernetes/so/components/so-cnf-adapter/values.yaml +++ b/kubernetes/so/components/so-cnf-adapter/values.yaml @@ -165,3 +165,8 @@ nodeSelector: {} tolerations: [] affinity: {} +#Pods Service Account +serviceAccount: + nameOverride: so-cnf-adapter + roles: + - read diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/requirements.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/requirements.yaml index f8b1d7445e..421fe7e290 100755 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/requirements.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml index c33dcb7f32..6465af4e4a 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml @@ -83,6 +83,7 @@ spec: successThreshold: {{ index .Values.livenessProbe.successThreshold}} failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} ports: {{ include "common.containerPorts" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 8 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml index 363ce40cae..57bf2f3c17 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml @@ -161,3 +161,9 @@ nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-etsi-nfvo-ns-lcm + roles: + - read diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/requirements.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/requirements.yaml index f8b1d7445e..421fe7e290 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/requirements.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml index 29ebd97229..3272bfd299 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml @@ -78,6 +78,7 @@ spec: - containerPort: {{ .Values.containerPort }} name: {{ .Values.service.portName }} protocol: TCP + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml index b8a7776da6..42554bb5a2 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml @@ -109,3 +109,9 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-etsi-sol003-adapter + roles: + - read diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/requirements.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/requirements.yaml index ff6f19ddde..1ea0239014 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/requirements.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml index c769961059..4f8f4d9f26 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml @@ -96,6 +96,7 @@ spec: - containerPort: {{ .Values.containerPort }} name: {{ .Values.service.portName }} protocol: TCP + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml index d43bffd71b..31b925576b 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml @@ -134,3 +134,9 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-etsi-sol005-adapter + roles: + - read diff --git a/kubernetes/so/components/so-mariadb/requirements.yaml b/kubernetes/so/components/so-mariadb/requirements.yaml index a9e9697689..b182a7008b 100755 --- a/kubernetes/so/components/so-mariadb/requirements.yaml +++ b/kubernetes/so/components/so-mariadb/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: readinessCheck version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml index 0eeba7b61a..178dff0261 100644 --- a/kubernetes/so/components/so-mariadb/templates/job.yaml +++ b/kubernetes/so/components/so-mariadb/templates/job.yaml @@ -60,6 +60,7 @@ spec: readOnly: true - name: backup-storage mountPath: /var/data/mariadb + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml index 2dfd5b831f..58e34b78d6 100755 --- a/kubernetes/so/components/so-mariadb/values.yaml +++ b/kubernetes/so/components/so-mariadb/values.yaml @@ -181,3 +181,9 @@ persistence: mountPath: /dockerdata-nfs mountSubPath: so/migration + +#Pods Service Account +serviceAccount: + nameOverride: so-mariadb + roles: + - read diff --git a/kubernetes/so/components/so-nssmf-adapter/requirements.yaml b/kubernetes/so/components/so-nssmf-adapter/requirements.yaml index ff6f19ddde..1ea0239014 100755 --- a/kubernetes/so/components/so-nssmf-adapter/requirements.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml index dde03a4aad..f41352e63f 100755 --- a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml @@ -93,6 +93,7 @@ spec: timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} successThreshold: {{ index .Values.livenessProbe.successThreshold}} failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 8 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml index c9f13b9d76..583f9ad3e8 100755 --- a/kubernetes/so/components/so-nssmf-adapter/values.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml @@ -155,3 +155,9 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-nssmf-adapter + roles: + - read diff --git a/kubernetes/so/components/so-oof-adapter/requirements.yaml b/kubernetes/so/components/so-oof-adapter/requirements.yaml index 12f93f95a6..4d6d760eef 100644 --- a/kubernetes/so/components/so-oof-adapter/requirements.yaml +++ b/kubernetes/so/components/so-oof-adapter/requirements.yaml @@ -25,3 +25,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml b/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml index 62ebfff99f..5e8869ce11 100755 --- a/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-oof-adapter/templates/deployment.yaml @@ -83,6 +83,7 @@ spec: mountPath: /var/log/onap/so - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-oof-adapter/values.yaml b/kubernetes/so/components/so-oof-adapter/values.yaml index 5de0866b9a..240f05f204 100755 --- a/kubernetes/so/components/so-oof-adapter/values.yaml +++ b/kubernetes/so/components/so-oof-adapter/values.yaml @@ -139,3 +139,9 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-oof-adapter + roles: + - read diff --git a/kubernetes/so/components/so-openstack-adapter/requirements.yaml b/kubernetes/so/components/so-openstack-adapter/requirements.yaml index ff6f19ddde..1ea0239014 100755 --- a/kubernetes/so/components/so-openstack-adapter/requirements.yaml +++ b/kubernetes/so/components/so-openstack-adapter/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml index 6e117cd8bf..2609e99781 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml @@ -103,6 +103,7 @@ spec: mountPath: /var/log/onap/so - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml index 29fc50b2b2..ff0277bf14 100755 --- a/kubernetes/so/components/so-openstack-adapter/values.yaml +++ b/kubernetes/so/components/so-openstack-adapter/values.yaml @@ -152,3 +152,9 @@ config: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-openstack-adapter + roles: + - read diff --git a/kubernetes/so/components/so-request-db-adapter/requirements.yaml b/kubernetes/so/components/so-request-db-adapter/requirements.yaml index ff6f19ddde..1ea0239014 100755 --- a/kubernetes/so/components/so-request-db-adapter/requirements.yaml +++ b/kubernetes/so/components/so-request-db-adapter/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml index f756448e2b..30e55511cc 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml @@ -87,6 +87,7 @@ spec: - containerPort: {{ index .Values.containerPort }} name: {{ .Values.service.portName }} protocol: TCP + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml index c117a7434a..61ec26d1f6 100755 --- a/kubernetes/so/components/so-request-db-adapter/values.yaml +++ b/kubernetes/so/components/so-request-db-adapter/values.yaml @@ -133,3 +133,9 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-request-db-adapter + roles: + - read diff --git a/kubernetes/so/components/so-sdc-controller/requirements.yaml b/kubernetes/so/components/so-sdc-controller/requirements.yaml index ff6f19ddde..1ea0239014 100755 --- a/kubernetes/so/components/so-sdc-controller/requirements.yaml +++ b/kubernetes/so/components/so-sdc-controller/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml index 6e117cd8bf..2609e99781 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml @@ -103,6 +103,7 @@ spec: mountPath: /var/log/onap/so - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index b1d7173a62..4b6eceecdd 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -141,3 +141,9 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-sdc-controller + roles: + - read diff --git a/kubernetes/so/components/so-sdnc-adapter/requirements.yaml b/kubernetes/so/components/so-sdnc-adapter/requirements.yaml index f8b1d7445e..421fe7e290 100755 --- a/kubernetes/so/components/so-sdnc-adapter/requirements.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml index 0971b4f0db..5c7a9af467 100755 --- a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -136,6 +136,7 @@ org: unassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource vnf-topology-operation: create: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + update: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource changeassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml index 7b32cb6050..703186e292 100755 --- a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml @@ -107,6 +107,7 @@ spec: mountPath: /var/log/onap/so - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml index 9a67ef8220..8f3565ed3e 100755 --- a/kubernetes/so/components/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml @@ -162,3 +162,9 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-sdnc-adapter + roles: + - read diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml index ff6f19ddde..1ea0239014 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: soHelpers version: ~8.x-0 repository: 'file://../soHelpers' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml index ac4f574bec..9a6b79c440 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/templates/deployment.yaml @@ -48,6 +48,7 @@ spec: successThreshold: {{ .Values.livenessProbe.successThreshold}} failureThreshold: {{ .Values.livenessProbe.failureThreshold}} ports: {{- include "common.containerPorts" . | nindent 10 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 8 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml index 83ec78d857..8e8236cfb4 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/values.yaml @@ -84,3 +84,9 @@ livenessProbe: nodeSelector: {} tolerations: [] affinity: {} + +#Pods Service Account +serviceAccount: + nameOverride: so-ve-vnfm-adapter + roles: + - read diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml index 06fc6e9eb5..f2fc70c1f9 100755 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -91,3 +91,6 @@ dependencies: version: ~8.x-0 repository: 'file://components/so-etsi-sol005-adapter' condition: so-etsi-sol005-adapter.enabled + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/so/resources/config/docker-files/scripts/start-jboss-server.sh b/kubernetes/so/resources/config/docker-files/scripts/start-jboss-server.sh index 52ba27ddca..3a9ef84834 100755 --- a/kubernetes/so/resources/config/docker-files/scripts/start-jboss-server.sh +++ b/kubernetes/so/resources/config/docker-files/scripts/start-jboss-server.sh @@ -37,7 +37,7 @@ trap "kill -TERM $JBOSS_PID" INT trap "kill -QUIT $JBOSS_PID" QUIT trap "kill -PIPE $JBOSS_PID" PIPE trap "kill -TERM $JBOSS_PID" TERM -if [ "x$JBOSS_PIDFILE" != "x" ]; then +if [ "$JBOSS_PIDFILE" != "" ]; then echo $JBOSS_PID > $JBOSS_PIDFILE fi # Wait until the background process exits @@ -60,6 +60,6 @@ if [ "$JBOSS_STATUS" -ne 10 ]; then # Wait for a complete shudown wait $JBOSS_PID 2>/dev/null fi -if [ "x$JBOSS_PIDFILE" != "x" ]; then +if [ "$JBOSS_PIDFILE" != "" ]; then grep "$JBOSS_PID" $JBOSS_PIDFILE && rm $JBOSS_PIDFILE fi diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml index 6e117cd8bf..2609e99781 100755 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -103,6 +103,7 @@ spec: mountPath: /var/log/onap/so - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index ba98c344ac..f0bb7d1fe5 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -378,3 +378,9 @@ so-etsi-sol005-adapter: so-etsi-sol003-adapter: enabled: true + +#Pods Service Account +serviceAccount: + nameOverride: so + roles: + - read diff --git a/kubernetes/uui/.helmignore b/kubernetes/uui/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/uui/.helmignore +++ b/kubernetes/uui/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/vfc/.helmignore b/kubernetes/vfc/.helmignore new file mode 100644 index 0000000000..7ddbad7ef4 --- /dev/null +++ b/kubernetes/vfc/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/ |