diff options
Diffstat (limited to 'kubernetes')
58 files changed, 1003 insertions, 137 deletions
diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index 8e7ea29300..28b46c24e1 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -67,11 +67,11 @@ readiness: periodSeconds: 30 service: - type: NodePort + type: ClusterIP name: aaf-sms portName: aaf-sms internalPort: 10443 - nodePort: 43 + externalPort: 10443 persistence: enabled: true diff --git a/kubernetes/aai/charts/aai-champ/values.yaml b/kubernetes/aai/charts/aai-champ/values.yaml index b35171ecd6..331786cf18 100644 --- a/kubernetes/aai/charts/aai-champ/values.yaml +++ b/kubernetes/aai/charts/aai-champ/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image -image: onap/champ:1.3.0 +image: onap/champ:1.4-STAGING-latest flavor: small diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml index 3fefe1690d..9172b71e8d 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml @@ -37,19 +37,19 @@ # HTTP # basic (challenging) # proxy (not challenging, needs xff) -# kerberos (challenging) NOT FREE FOR COMMERCIAL +# kerberos (challenging) # clientcert (not challenging, needs https) -# jwt (not challenging) NOT FREE FOR COMMERCIAL +# jwt (not challenging) # host (not challenging) #DEPRECATED, will be removed in a future version. # host based authentication is configurable in sg_roles_mapping # Authc # internal # noop -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # Authz -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # noop searchguard: @@ -59,7 +59,7 @@ searchguard: # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently #filtered_alias_mode: warn #kibana: - # Kibana multitenancy - NOT FREE FOR COMMERCIAL USE + # Kibana multitenancy # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki #multitenancy_enabled: true @@ -85,7 +85,7 @@ searchguard: transport_enabled: false order: 6 http_authenticator: - type: kerberos # NOT FREE FOR COMMERCIAL USE + type: kerberos challenge: true config: # If true a lot of kerberos/security related debugging output will be logged to standard out @@ -150,7 +150,7 @@ searchguard: challenge: false authentication_backend: # LDAP authentication backend (authenticate users against a LDAP or Active Directory) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -176,7 +176,7 @@ searchguard: transport_enabled: false authorization_backend: # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -217,5 +217,5 @@ searchguard: roles_from_another_ldap: enabled: false authorization_backend: - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap #config goes here ... diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh new file mode 100755 index 0000000000..cc71522f12 --- /dev/null +++ b/kubernetes/contrib/tools/rke/rke_setup.sh @@ -0,0 +1,355 @@ +#!/bin/bash +############################################################################# +# Copyright © 2019 Bell. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +############################################################################# +# +# This installation is for an RKE install of kubernetes +# after this run the standard oom install +# this installation can be run on amy ubuntu 16.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host +# https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment +# source from https://jira.onap.org/browse/OOM-1598 +# +# master/dublin +# RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06 +# single node install, HA pending + +usage() { +cat <<EOF +Usage: $0 [PARAMs] +example +sudo ./rke_setup.sh -b dublin -s rke.onap.cloud -e onap -l amdocs -v true +-u : Display usage +-b [branch] : branch = master or dublin (required) +-s [server] : server = IP or DNS name (required) +-e [environment] : use the default (onap) +-k [key] : ssh key name +-l [username] : login username account (use ubuntu for example) +EOF +} + +install_onap() { + #constants + PORT=8880 + if [ "$BRANCH" == "casablanca" ]; then + KUBERNETES_VERSION= + RKE_VERSION=0.1.15 + KUBECTL_VERSION=1.11.3 + HELM_VERSION=2.9.1 + DOCKER_VERSION=17.03 + else + KUBERNETES_VERSION= + RKE_VERSION=0.1.16 + KUBECTL_VERSION=1.11.6 + HELM_VERSION=2.9.1 + DOCKER_VERSION=18.06 + fi + + # copy your private ssh key and cluster.yml file to the vm + # on your dev machine + #sudo cp ~/.ssh/onap_rsa . + #sudo chmod 777 onap_rsa + #scp onap_rsa ubuntu@192.168.241.132:~/ + # on this vm + #sudo chmod 400 onap_rsa + #sudo cp onap_rsa ~/.ssh + # make sure public key is insetup correctly in + # sudo vi ~/.ssh/authorized_keys + + echo "please supply your ssh key as provided by the -k keyname - it must be be chmod 400 and chown user:user in ~/.ssh/" + echo "The RKE version specific cluster.yaml is already integrated in this script for 0.1.15/0.1.16 no need for below generation..." + echo "rke config --name cluster.yml" + echo "specifically" + echo "address: $SERVER" + echo "user: $USERNAME" + echo "ssh_key_path: $SSHPATH_PREFIX/$SSHKEY" + + RKETOOLS= + HYPERCUBE= + POD_INFRA_CONTAINER= + if [ "$RKE_VERSION" == "0.1.16" ]; then + RKETOOLS=0.1.15 + HYPERCUBE=1.11.6-rancher1 + POD_INFRA_CONTAINER=rancher/pause-amd64:3.1 + else + # 0.1.15 + RKETOOLS=0.1.14 + HYPERCUBE=1.11.3-rancher1 + POD_INFRA_CONTAINER=gcr.io.google_containers/pause-amd64:3.1 + fi + + cat > cluster.yml <<EOF +# generated from rke_setup.sh +nodes: +- address: $SERVER + port: "22" + internal_address: "" + role: + - controlplane + - worker + - etcd + hostname_override: "" + user: $USERNAME + docker_socket: /var/run/docker.sock + ssh_key: "" + ssh_key_path: $SSHPATH_PREFIX/$SSHKEY + labels: {} +services: + etcd: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] + external_urls: [] + ca_cert: "" + cert: "" + key: "" + path: "" + snapshot: null + retention: "" + creation: "" + kube-api: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] + service_cluster_ip_range: 10.43.0.0/16 + service_node_port_range: "" + pod_security_policy: false + kube-controller: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] + cluster_cidr: 10.42.0.0/16 + service_cluster_ip_range: 10.43.0.0/16 + scheduler: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] + kubelet: + image: "" + extra_args: + max-pods: 900 + extra_binds: [] + extra_env: [] + cluster_domain: cluster.local + infra_container_image: "" + cluster_dns_server: 10.43.0.10 + fail_swap_on: false + kubeproxy: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] +network: + plugin: canal + options: {} +authentication: + strategy: x509 + options: {} + sans: [] +system_images: + etcd: rancher/coreos-etcd:v3.2.18 + alpine: rancher/rke-tools:v$RKETOOLS + nginx_proxy: rancher/rke-tools:v$RKETOOLS + cert_downloader: rancher/rke-tools:v$RKETOOLS + kubernetes_services_sidecar: rancher/rke-tools:v$RKETOOLS + kubedns: rancher/k8s-dns-kube-dns-amd64:1.14.10 + dnsmasq: rancher/k8s-dns-dnsmasq-nanny-amd64:1.14.10 + kubedns_sidecar: rancher/k8s-dns-sidecar-amd64:1.14.10 + kubedns_autoscaler: rancher/cluster-proportional-autoscaler-amd64:1.0.0 + kubernetes: rancher/hyperkube:v$HYPERCUBE + flannel: rancher/coreos-flannel:v0.10.0 + flannel_cni: rancher/coreos-flannel-cni:v0.3.0 + calico_node: rancher/calico-node:v3.1.3 + calico_cni: rancher/calico-cni:v3.1.3 + calico_controllers: "" + calico_ctl: rancher/calico-ctl:v2.0.0 + canal_node: rancher/calico-node:v3.1.3 + canal_cni: rancher/calico-cni:v3.1.3 + canal_flannel: rancher/coreos-flannel:v0.10.0 + wave_node: weaveworks/weave-kube:2.1.2 + weave_cni: weaveworks/weave-npc:2.1.2 + pod_infra_container: $POD_INFRA_CONTAINER + ingress: rancher/nginx-ingress-controller:0.16.2-rancher1 + ingress_backend: rancher/nginx-ingress-controller-defaultbackend:1.4 + metrics_server: rancher/metrics-server-amd64:v0.2.1 +ssh_key_path: $SSHPATH +ssh_agent_auth: false +authorization: + mode: rbac + options: {} +ignore_docker_version: false +kubernetes_version: "$KUBERNETES_VERSION" +private_registries: [] +ingress: + provider: "" + options: {} + node_selector: {} + extra_args: {} +cluster_name: "" +cloud_provider: + name: "" +prefix_path: "" +addon_job_timeout: 0 +bastion_host: + address: "" + port: "" + user: "" + ssh_key: "" + ssh_key_path: "" +monitoring: + provider: "" + options: {} +EOF + + + + echo "Installing on ${SERVER} for ${BRANCH}: RKE: ${RKE_VERSION} Kubectl: ${KUBECTL_VERSION} Helm: ${HELM_VERSION} Docker: ${DOCKER_VERSION} username: ${USERNAME}" + sudo echo "127.0.0.1 ${SERVER}" >> /etc/hosts + echo "Install docker - If you must install as non-root - comment out the docker install below - run it separately, run the user mod, logout/login and continue this script" + curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh + sudo usermod -aG docker $USERNAME + + echo "Install RKE" + sudo wget https://github.com/rancher/rke/releases/download/v$RKE_VERSION/rke_linux-amd64 + mv rke_linux-amd64 rke + sudo chmod +x rke + sudo mv ./rke /usr/local/bin/rke + + echo "Install make - required for beijing+ - installed via yum groupinstall Development Tools in RHEL" + # ubuntu specific + sudo apt-get install make -y + + sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl + sudo chmod +x ./kubectl + sudo mv ./kubectl /usr/local/bin/kubectl + sudo mkdir ~/.kube + wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo mv linux-amd64/helm /usr/local/bin/helm + + echo "Bringing RKE up - using supplied cluster.yml" + sudo rke up + echo "wait 2 extra min for the cluster" + sleep 60 + echo "1 more min" + sleep 60 + echo "copy kube_config_cluter.yaml generated - to ~/.kube/config" + sudo cp kube_config_cluster.yml ~/.kube/config + # avoid using sudo for kubectl + sudo chmod 777 ~/.kube/config + echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added" + echo "kubectl get pods --all-namespaces" + kubectl get pods --all-namespaces + echo "install tiller/helm" + kubectl -n kube-system create serviceaccount tiller + kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller + helm init --service-account tiller + kubectl -n kube-system rollout status deploy/tiller-deploy + echo "upgrade server side of helm in kubernetes" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "sleep 30" + sleep 30 + if [ "$USERNAME" == "root" ]; then + helm init --upgrade + else + sudo helm init --upgrade + fi + echo "sleep 30" + sleep 30 + echo "verify both versions are the same below" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "start helm server" + if [ "$USERNAME" == "root" ]; then + helm serve & + else + sudo helm serve & + fi + echo "sleep 30" + sleep 30 + echo "add local helm repo" + if [ "$USERNAME" == "root" ]; then + helm repo add local http://127.0.0.1:8879 + helm repo list + else + sudo helm repo add local http://127.0.0.1:8879 + sudo helm repo list + fi + echo "To enable grafana dashboard - do this after running cd.sh which brings up onap - or you may get a 302xx port conflict" + echo "kubectl expose -n kube-system deployment monitoring-grafana --type=LoadBalancer --name monitoring-grafana-client" + echo "to get the nodeport for a specific VM running grafana" + echo "kubectl get services --all-namespaces | grep graf" + sudo docker version + helm version + kubectl version + kubectl get services --all-namespaces + kubectl get pods --all-namespaces + echo "finished!" +} + +BRANCH= +SERVER= +ENVIRON= +VALIDATE=false +USERNAME=ubuntu +SSHPATH_PREFIX=~/.ssh + +while getopts ":b:s:e:u:l:k:v" PARAM; do + case $PARAM in + u) + usage + exit 1 + ;; + b) + BRANCH=${OPTARG} + ;; + e) + ENVIRON=${OPTARG} + ;; + s) + SERVER=${OPTARG} + ;; + l) + USERNAME=${OPTARG} + ;; + k) + SSHKEY=${OPTARG} + ;; + v) + VALIDATE=${OPTARG} + ;; + ?) + usage + exit + ;; + esac +done + +if [[ -z $BRANCH ]]; then + usage + exit 1 +fi + +install_onap $BRANCH $SERVER $ENVIRON $USERNAME $SSHPATH_PREFIX $SSHKEY $VALIDATE diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json index 3f2168b6af..51d31a355b 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json @@ -19,6 +19,7 @@ { "namespace" : "{{ if .Values.dcae_ns }}{{ .Values.dcae_ns}}{{ else }}{{include "common.namespace" . }}{{ end}}", "consul_dns_name" : "{{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}", + "default_k8s_location" : "{{ .Values.default_k8s_location }}", "image_pull_secrets" : ["{{ include "common.namespace" . }}-docker-registry-key"], "filebeat": { diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index 347e4a9620..8d525cb051 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -81,7 +81,8 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.9 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.10-STAGING-latest +default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index 5b541fb19d..3995bc6cba 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.1 +image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.2-STAGING-latest pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml index 088d381d50..794b896eef 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml @@ -30,7 +30,7 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} name: {{ .Values.service.name }} {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml index f6da1ef06c..31d6a8b2fb 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml @@ -20,6 +20,7 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -60,10 +61,11 @@ readiness: path: /healthcheck service: - type: ClusterIP + type: NodePort name: config-binding-service externalPort: 10000 internalPort: 10000 + nodePort: 15 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml index fbd3d9973e..6a00d36f2c 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml @@ -27,7 +27,7 @@ global: tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest consulLoaderRepository: nexus3.onap.org:10001 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest repositoryCred: user: docker password: docker diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml index 913cb714d6..97cd7d2482 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml @@ -45,7 +45,7 @@ readiness: periodSeconds: 10 # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4-STAGING-latest # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml index 604f4ea6fa..c14614278c 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml @@ -27,7 +27,7 @@ global: tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest consulLoaderRepository: nexus3.onap.org:10001 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest repositoryCred: user: docker password: docker @@ -46,7 +46,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0 +image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0-STAGING-latest pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index faa19c6f4d..f15b9a12d1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -25,7 +25,7 @@ # ##################################################### # Indicator for whether to use AAF -UseAAF: false +UseAAF: true # csit: stubs out some southbound APIs for csit csit: No @@ -198,10 +198,9 @@ KeyStoreType: jks KeyStoreFile: etc/keystore # password for the https keystore -KeyStorePassword: *j&Z*Ma;.4My4M]W0eB*fal$ - +KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # password for the private key in the https keystore -KeyPassword: *j&Z*Ma;.4My4M]W0eB*fal$ +KeyPassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # type of truststore for https TrustStoreType: jks @@ -210,8 +209,9 @@ TrustStoreType: jks TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks # password for the https truststore -TrustStorePassword: pi8HuuSbN03MtQQ7(5TcyQ6; +TrustStorePassword: 8b&R5%l$l:@jSWz@FCs;rhY* # path to the file used to trigger an orderly shutdown QuiesceFile: etc/SHUTDOWN +inHttpsPort: 0 diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml index 02ad199e45..ee24cfb548 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml @@ -26,9 +26,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DELAY value: "0" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" volumeMounts: diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 2d791df6c6..a7fc3d88db 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -30,7 +30,7 @@ pullPolicy: Always # application images repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-bc:1.1.1 +image: onap/dmaap/dmaap-bc:1.1.2 # application configuration diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml index 79c47a10d8..096b51c094 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml @@ -10,7 +10,7 @@ metadata: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-2" "helm.sh/hook-delete-policy": hook-succeeded spec: template: @@ -25,9 +25,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DELAY value: "60" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index f223026357..c6087e8852 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-node:2.0.1 +image: onap/dmaap/datarouter-node:2.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json index 411d7f41e1..994f9c9845 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json @@ -1,5 +1,5 @@ { - "feedName": "Default PM Feed", + "feedName": "bulk_pm_feed", "feedVersion": "m1.1", "feedDescription": "Default feed provisioned for PM File collector", "asprClassification" : "unclassified", @@ -11,6 +11,21 @@ "userpwd": "dradmin" } - ] -} - + ], + "subs": [ + { + "dcaeLocationName": "san-francisco", + "deliveryURL": "https://dcae-pm-mapper:8443/delivery", + "feedId": "1", + "owner": "dcae-pm-mapper", + "status": "VALID", + "subId": "1", + "suspended": false, + "use100": true, + "username": "pmmapper", + "userpwd": "pmmapper", + "decompressData": true, + "privilegedSubscriber": true + } + ] +}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml index ceb9a04ce2..8a2cf692b8 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml @@ -10,7 +10,7 @@ metadata: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-3" "helm.sh/hook-delete-policy": hook-succeeded spec: template: @@ -25,9 +25,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: DELAY value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 9f08ad2958..3d65e911cf 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-prov:2.0.1 +image: onap/dmaap/datarouter-prov:2.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml new file mode 100644 index 0000000000..0dabe55e10 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml @@ -0,0 +1,34 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + clusterIP: None + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml index 88de96b2d5..8200eda6b1 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,24 +12,28 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{- $root := . -}} +{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +--- apiVersion: v1 kind: Service metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} + name: {{ $root.Values.service.name }}-{{ $i }} + namespace: {{ $root.Release.Namespace }} labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + app: {{ $root.Values.service.name }} + chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} + spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - clusterIP: None + type: {{ $root.Values.service.type }} + externalTrafficPolicy: Local selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - + statefulset.kubernetes.io/pod-name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} + ports: + - port: {{ $root.Values.service.externalPort }} + targetPort: {{ $root.Values.service.externalPort }} + nodePort: {{ $root.Values.service.baseNodePort | add $i }} + name: {{ $root.Values.service.name }}-{{ $i }} +{{ end }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index f4583a16ea..cc8fd5a93c 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -34,7 +34,11 @@ spec: release: {{ .Release.Name }} spec: podAntiAffinity: + {{if eq .Values.podAntiAffinityType "hard" -}} + requiredDuringSchedulingIgnoredDuringExecution: + {{- else -}} preferredDuringSchedulingIgnoredDuringExecution: + {{- end}} - weight: 1 podAffinityTerm: labelSelector: @@ -70,10 +74,19 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ + export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \ + export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ + exec start-kafka.sh resources: {{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.externalPort }} {{ if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -87,30 +100,31 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - - name: HOST_NAME + - name: HOST_IP valueFrom: fieldRef: apiVersion: v1 - fieldPath: metadata.name - - name: HOST_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace + fieldPath: status.hostIP - name: KAFKA_ZOOKEEPER_CONNECT value: "{{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}" - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT" - - name: KAFKA_ADVERTISED_LISTENERS - value: "INTERNAL_PLAINTEXT://$(HOST_NAME).{{ .Values.service.name }}.$(HOST_NAMESPACE).svc.cluster.local:{{ .Values.service.internalPort}}" + value: "INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT" - name: KAFKA_LISTENERS - value: "INTERNAL_PLAINTEXT://0.0.0.0:{{.Values.service.internalPort}}" + value: "EXTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.externalPort }},INTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.internalPort }}" - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "INTERNAL_PLAINTEXT" + value: "INTERNAL_SASL_PLAINTEXT" + - name: KAFKA_SASL_ENABLED_MECHANISMS + value: "PLAIN" + - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL + value: "PLAIN" + - name: KAFKA_AUTHORIZER_CLASS_NAME + value: "{{ .Values.kafkaCustomAuthorizer }}" + - name: KAFKA_DELETE_TOPIC_ENABLE + value: "{{ .Values.deleteTopicEnable }}" + - name: aaf_locate_url + value: "https://aaf-locate:8095" - name: KAFKA_LOG_DIRS value: "kafka/logs" - - name: BROKER_ID_COMMAND - value: "hostname | awk -F '-' '{print $NF}'" - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR value: "{{ .Values.replicaCount }}" - name: KAFKA_DEFAULT_REPLICATION_FACTOR diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml index e719cb1ad4..5b83bb0a55 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/kafka01101:0.0.1 +image: onap/dmaap/kafka111:0.0.5 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -44,6 +44,13 @@ debugEnabled: false # default number of instances replicaCount: 3 +#Kafka custom authorizer class name +kafkaCustomAuthorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer +deleteTopicEnable: true + +# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count +podAntiAffinityType: soft + # defult partitions defaultpartitions: 3 @@ -55,6 +62,8 @@ affinity: {} tolerations: {} + + # probe configuration parameters liveness: initialDelaySeconds: 60 @@ -91,11 +100,14 @@ persistence: mountSubPath: message-router/data-kafka service: - type: ClusterIP + type: NodePort name: message-router-kafka portName: message-router-kafka internalPort: 9092 - externalPort: 9092 + externalPort: 9093 + baseNodePort: 30490 + + ingress: enabled: false diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml new file mode 100644 index 0000000000..1d0b7bea22 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml @@ -0,0 +1,20 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Message Router Kafka Service +name: message-router-mirrormaker +version: 4.0.0 + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt new file mode 100644 index 0000000000..a44d0f76ee --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml new file mode 100644 index 0000000000..51c4149094 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml @@ -0,0 +1,103 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ .Values.service.name }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-initcontainer + image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.messagerouter.container }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + exec start-mirrormaker.sh + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/lprobe.txt" + - "rm /tmp/lprobe.txt" + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/rprobe.txt" + - "rm /tmp/rprobe.txt" + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: KAFKA_HEAP_OPTS + value: "{{ .Values.kafkaHeapOptions }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /var/run/docker.sock + name: docker-socket + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: docker-socket + hostPath: + path: /var/run/docker.sock + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml new file mode 100644 index 0000000000..2fbd884ab8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml @@ -0,0 +1,98 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + ubuntuInitRepository: registry.hub.docker.com + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/dmaap/kafka111:0.0.5 +pullPolicy: Always +ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + +zookeeper: + name: message-router-zookeeper + port: 2181 + +messagerouter: + container: message-router + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 1 +kafkaHeapOptions: -Xmx4G -Xms2G + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 60 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 60 + periodSeconds: 20 + + +service: + type: NodePort + name: message-router-mirrormaker + portName: message-router-mirrormaker + internalPort: 9092 + + + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: large +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + large: + limits: + cpu: 4000m + memory: 8Gi + requests: + cpu: 1000m + memory: 2Gi + unlimited: {} + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml index c0a7450d5e..37a1babe17 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/zookeeper:2.0.0 +image: onap/dmaap/zookeeper:3.0.0 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -130,4 +130,4 @@ resources: requests: cpu: 1000m memory: 2Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index d40d2a1468..8e446610d4 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -149,17 +149,18 @@ maxcontentlength=10000 #AAF Properties msgRtr.namespace.aaf=org.onap.dmaap.mr.topic msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: -enforced.topic.name.AAF=org.onap +enforced.topic.name.AAF=org.onap.dmaap.mr forceAAF=false transidUEBtopicreqd=false defaultNSforUEB=org.onap.dmaap.mr ############################################################################## #Mirror Maker Agent -msgRtr.mirrormakeradmin.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|admin -msgRtr.mirrormakeruser.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|user -msgRtr.mirrormakeruser.aaf.create=com.onap.dmaap.mr.dev.topicFactory|:com.onap.dmaap.mr.dev.topic: + +msgRtr.mirrormakeradmin.aaf=org.onap.dmaap.mr.mirrormaker|*|admin +msgRtr.mirrormakeruser.aaf=org.onap.dmaap.mr.mirrormaker|*|user +msgRtr.mirrormakeruser.aaf.create=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: msgRtr.mirrormaker.timeout=15000 -msgRtr.mirrormaker.topic=com.onap.dmaap.mr.prod.mm.agent +msgRtr.mirrormaker.topic=org.onap.dmaap.mr.mirrormakeragent msgRtr.mirrormaker.consumergroup=mmagentserver msgRtr.mirrormaker.consumerid=1 diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties index a79bb8d40a..948577aaa7 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties @@ -1,4 +1,4 @@ -aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_locate_url=https://aaf-locate:8095 aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 aaf_env=DEV aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm @@ -17,4 +17,4 @@ cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US cadi_loglevel=INFO cadi_protocols=TLSv1.1,TLSv1.2 cadi_latitude=37.78187 -cadi_longitude=-122.26147
\ No newline at end of file +cadi_longitude=-122.26147 diff --git a/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json new file mode 100644 index 0000000000..9e732d2af8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json @@ -0,0 +1,6 @@ +{ + "dcaeLocationName": "san-francisco", + "fqdn": "message-router", + "topicProtocol": "http", + "topicPort": "3904" +} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/MMagent.json b/kubernetes/dmaap/components/message-router/resources/topics/MMagent.json deleted file mode 100644 index 2612e0d64c..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/topics/MMagent.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "topicName": "MirrorMakerProvisioning", - "topicDescription": "the topic used to provision the MM agent whitelist", - "replicationCase": "REPLICATION_NONE", - "owner": "dmaap", - "txenabled": false, - "partitionCount": "1", - "clients": [ - { - "dcaeLocationName": "san-francisco", - "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org", - "action": [ - "pub", - "view" - ] - - } - ] -} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json new file mode 100644 index 0000000000..691e66abac --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json @@ -0,0 +1,14 @@ +{ + "topicName": "PM_MAPPER", + "topicDescription": "The PM Mapper will be publishing perf3gpp VES events to this topic", + "owner": "pm-mapper", + "txenabled": false, + "clients": [{ + "dcaeLocationName": "san-francisco", + "clientIdentity" "dcae@dcae.onap.org", + "action": [ + "pub", + "view" + ] + }] +} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json new file mode 100644 index 0000000000..7ae77cd8a8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json @@ -0,0 +1,42 @@ +{ + "topicName": "mirrormakeragent", + "topicDescription": "the topic used to provision the MM agent whitelist", + "replicationCase": "REPLICATION_NONE", + "owner": "dmaap", + "txenabled": false, + "partitionCount": "1", + "clients": [ + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "demo@people.osaaf.org", + "action": [ + "pub", + "sub", + "view" + ] + + } + + ] +} + diff --git a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml index 5637812437..6d246de87f 100644 --- a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml @@ -10,7 +10,7 @@ metadata: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-4" "helm.sh/hook-delete-policy": hook-succeeded spec: template: @@ -25,9 +25,14 @@ spec: containers: - name: post-install-job image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: "Always" env: - name: DELAY - value: "60" + value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" - name: REQUESTID value: "{{.Chart.Name}}-post-install" volumeMounts: diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index bdd134ac64..7bf88f5f8e 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -68,7 +68,7 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: enableCadi - value: "false" + value: "true" volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 5d01e55077..10ce59c0ac 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-mr:1.1.9 +image: onap/dmaap/dmaap-mr:1.1.11 pullPolicy: Always kafka: diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index 02f0ac5399..e7b39af1ad 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -22,7 +22,7 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 - clientImage: onap/dmaap/dbc-client:1.0.3 + clientImage: onap/dmaap/dbc-client:1.0.5 # application configuration config: logstashServiceName: log-ls diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index ecc01fafa4..9f50620ab6 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -85,7 +85,7 @@ affinity: {} # probe configuration parameters liveness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 180 periodSeconds: 30 @@ -95,7 +95,7 @@ liveness: readiness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 185 periodSeconds: 30 diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml index e22b8d26e7..d01c1548c2 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml @@ -38,7 +38,6 @@ pnda: osUser: centos nameserver: 8.8.8.8 ntp: pool.ntp.org - mirrorNodePort: 88 apps: fsType: local networkCidr: 10.0.0.0/16 diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties index 9a27a6c8c8..77789f49bd 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties @@ -24,4 +24,4 @@ key.manager.factory.algorithm=SunX509 security.protocol=TLS connection.timeout.ms=60000 read.timeout.ms=60000 -base.uri=/sdccontextbuilder/service/context +base.uri=/sdccontextbuilder/v2/service/context diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml new file mode 100644 index 0000000000..defd063d2f --- /dev/null +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml index 32544219f3..40d40b3611 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml @@ -75,8 +75,8 @@ service: #Services may use any combination of ports depending on the 'type' of #service being defined. - #type: ClusterIP - #externalPort: 9529 + type: ClusterIP + externalPort: 9529 internalPort: 9529 #nodePort: <replace with unused node port suffix eg. 23> # optional port name override - default can be defined in service.yaml diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml index f3d2aaa311..00eb921779 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml @@ -29,7 +29,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch:6.3.1 +image: elasticsearch/elasticsearch:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-kibana/values.yaml b/kubernetes/pomba/charts/pomba-kibana/values.yaml index fe50e47fda..53725b7798 100644 --- a/kubernetes/pomba/charts/pomba-kibana/values.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: kibana/kibana:6.3.1 +image: kibana/kibana:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml index 4d8d496223..b1065c14a8 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs +# Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks Binary files differdeleted file mode 100644 index 4b7e115d8c..0000000000 --- a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks +++ /dev/null diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 Binary files differindex df2f4f6cd3..c53a7ae9b3 100644 --- a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 +++ b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index 0600f963d5..5e6288e5e7 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -76,6 +76,7 @@ GLOBAL_POMBA_NETWORKDISCOVERY_MICROSERVICE_PORT = "9531" GLOBAL_POMBA_VALIDATIONSERVICE_PORT = "9529" GLOBAL_POMBA_KIBANA_PORT = "5601" GLOBAL_POMBA_ELASTICSEARCH_PORT = "9200" +GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = "9529" # microservice bus info - everything is from the private oam network (also called onap private network) GLOBAL_MSB_SERVER_PROTOCOL = "http" diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py index 03321f4e65..6684bcab05 100644 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py @@ -41,6 +41,7 @@ GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = "pomba-networkdisc GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = "pomba-validation-service.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = "pomba-kibana.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = "pomba-es.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = "pomba-contextaggregator.{{include "common.namespace" .}}" GLOBAL_INJECTED_KEYSTONE = "{{ .Values.openStackKeyStoneUrl }}" GLOBAL_INJECTED_MR_IP_ADDR = "message-router.{{include "common.namespace" .}}" GLOBAL_INJECTED_MUSIC_IP_ADDR = "music.{{include "common.namespace" .}}" @@ -117,6 +118,7 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : "pomba-networkdiscovery.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR" : "pomba-servicedecomposition.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR" : "pomba-sdncctxbuilder.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR" : "pomba-contextaggregator.{{include "common.namespace" .}}", "GLOBAL_INJECTED_MUSIC_IP_ADDR" : "music.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NBI_IP_ADDR" : "nbi.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NETWORK" : "{{ .Values.openStackPrivateNetId }}", diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl new file mode 100644 index 0000000000..c69fb7c81c --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl @@ -0,0 +1,29 @@ +{{- define "sdc-wfd-be.volumes" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + hostPath: + path: /etc/cassandra-client-truststore/truststore + type: File + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + hostPath: + path: /config/server-https-keystore/keystore + type: File + {{- end }} +{{- end }} + +{{- define "sdc-wfd-be.volumeMounts" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + mountPath: /etc/cassandra-client-truststore/truststore + subPath: truststore + readOnly: true + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + mountPath: /etc/server-https-keystore/keystore + subPath: keystore + readOnly: true + {{- end }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 26ad05555a..bb96d342f7 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -101,34 +101,14 @@ spec: - name: SERVER_SSL_ENABLED value: "{{ .Values.config.serverSSLEnabled }}" - name: SERVER_SSL_KEYSTORE_TYPE - value: "{{ .Values.config.ser }}" + value: "{{ .Values.config.serverSSLKeyStoreType }}" - name: SERVER_SSL_KEYSTORE_PATH value: "{{ .Values.config.serverSSLKeyStorePath }}" - name: SERVER_SSL_KEY_PASSWORD value: "{{ .Values.config.serverSSLKeyPassword }}" volumeMounts: - {{ if .Values.config.cassandraSSLEnabled }} - - name: {{ include "common.fullname" . }}-cassandra-client-truststore - mountPath: /config/cassandra-client-truststore - subPath: truststore - readOnly: true - {{- end }} - {{ if .Values.config.serverSSLEnabled }} - - name: {{ include "common.fullname" . }}-server-https-keystore - mountPath: /config/server-https-keystore - subPath: keystore - readOnly: true - {{- end }} + {{- template "sdc-wfd-be.volumeMounts" . }} volumes: - {{ if .Values.config.cassandraSSLEnabled }} - - name: {{ include "common.fullname" . }}-cassandra-client-truststore - hostPath: - path: /config/cassandra-client-truststore - {{- end }} - {{ if .Values.config.serverSSLEnabled }} - - name: {{ include "common.fullname" . }}-server-https-keystore - hostPath: - path: /config/server-https-keystore - {{- end }} + {{- template "sdc-wfd-be.volumes" . }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index ed8833a9e5..63554369ed 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -50,10 +50,10 @@ config: sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U serverSSLEnabled: false serverSSLKeyStoreType: jks - serverSSLKeyStorePath: /config/server-https-keystore/keystore + serverSSLKeyStorePath: /etc/server-https-keystore/keystore serverSSLKeyPassword: password cassandraSSLEnabled: false - cassandraTrustStorePath: /config/cassandra-client-truststore/truststore + cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore cassandraTrustStorePassword: password # default number of instances diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh index 6718aaf128..2513fc9dd4 100755 --- a/kubernetes/sdnc/resources/config/bin/startODL.sh +++ b/kubernetes/sdnc/resources/config/bin/startODL.sh @@ -20,17 +20,52 @@ # ============LICENSE_END========================================================= ### +# Append features to karaf boot feature configuration +# $1 additional feature to be added +# $2 repositories to be added (optional) +function addToFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + if [ -n "$2" ] ; then + echo "Add repository: $2" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresRepositories|s|$|,$2|" > $CFG + fi + echo "Add boot feature: $1" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresBoot *=|s|$|,$1|" > $CFG +} + +# Append features to karaf boot feature configuration +# $1 search pattern +# $2 replacement +function replaceFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + echo "Replace boot feature $1 with: $2" + sed -i "/featuresBoot/ s/$1/$2/g" $CFG +} + +function install_sdnrwt_features() { + addToFeatureBoot "$SDNRWT_BOOTFEATURES" $SDNRWT_REPOSITORY +} + function enable_odl_cluster(){ if [ -z $SDNC_REPLICAS ]; then echo "SDNC_REPLICAS is not configured in Env field" exit fi + #Be sure to remove feature odl-netconf-connector-all from list + replaceFeatureBoot "odl-netconf-connector-all," + echo "Installing Opendaylight cluster features" - mv $ODL_HOME/etc/org.apache.karaf.features.cfg $ODL_HOME/etc/org.apache.karaf.features.cfg.orig - cat $ODL_HOME/etc/org.apache.karaf.features.cfg.orig | sed -e "\|featuresBoot=config|s|$|,odl-mdsal-clustering,odl-jolokia|" > $ODL_HOME/etc/org.apache.karaf.features.cfg + replaceFeatureBoot odl-netconf-topology odl-netconf-clustered-topology + replaceFeatureBoot odl-mdsal-all odl-mdsal-all,odl-mdsal-clustering + addToFeatureBoot odl-jolokia #${ODL_HOME}/bin/client feature:install odl-mdsal-clustering #${ODL_HOME}/bin/client feature:install odl-jolokia + echo "Update cluster information statically" hm=$(hostname) @@ -88,6 +123,13 @@ MYSQL_HOST=${MYSQL_HOST:-{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.V ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} GEO_ENABLED=${GEO_ENABLED:-false} DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim} +SDNRWT=${SDNRWT:-false} +SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator} + +echo "Settings:" +echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER" +echo " SDNC_REPLICAS=$SDNC_REPLICAS" +echo " SDNRWT=$SDNRWT" # # Wait for database to init properly @@ -129,6 +171,8 @@ then if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi + if $SDNRWT ; then install_sdnrwt_features ; fi + echo "Installed at `date`" > ${SDNC_HOME}/.installed fi diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index 807bfaba0a..92c5c78b5f 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -345,3 +345,8 @@ spring: username: mso_admin password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR +so: + vnfm: + adapter: + url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ + auth: Basic dm5mbTpwYXNzd29yZDEk diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml index 592c390084..0078711ff1 100755 --- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -11,6 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +aai: + auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 server: port: {{ index .Values.containerPort }} spring: @@ -97,6 +99,8 @@ mso: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 + aai: + endpoint: https://aai.{{ include "common.namespace" . }}:8443 db: auth: Basic YnBlbDpwYXNzd29yZDEk site-name: localDevEnv diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml index 924042d4c2..0b52949103 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -11,6 +11,10 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +aai: + auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 + version: v15 + endpoint: https://aai.{{ include "common.namespace" . }}:8443 spring: security: usercredentials: @@ -23,6 +27,7 @@ spring: server: port: {{ index .Values.containerPort }} mso: + key: 07a7159d3bf51a0e53be7a8f89699be7 site-name: localSite logPath: ./logs/vnfm-adapter msb-ip: msb-iag.{{ include "common.namespace" . }} |