summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/aai/components/aai-resources/templates/deployment.yaml2
-rw-r--r--kubernetes/common/cmpv2Config/values.yaml6
-rw-r--r--kubernetes/common/etcd/templates/statefulset.yaml4
-rw-r--r--kubernetes/common/repositoryGenerator/values.yaml2
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml2
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml2
-rw-r--r--kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml2
-rw-r--r--kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml2
-rw-r--r--kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml2
-rw-r--r--kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml6
-rwxr-xr-xkubernetes/onap/values.yaml2
-rw-r--r--kubernetes/platform/components/oom-cert-service/values.yaml4
-rw-r--r--kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties14
-rw-r--r--kubernetes/sdnc/templates/statefulset.yaml7
-rw-r--r--kubernetes/sdnc/values.yaml17
15 files changed, 60 insertions, 14 deletions
diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
index 84d3df3927..09e9607de7 100644
--- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
@@ -1234,6 +1234,8 @@ spec:
value: {{ .Values.global.config.userId | quote }}
- name: LOCAL_GROUP_ID
value: {{ .Values.global.config.groupId | quote }}
+ - name: POST_JAVA_OPTS
+ value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword=changeit'
volumeMounts:
- mountPath: /etc/localtime
name: localtime
diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml
index 19b87b1afa..b6ee064302 100644
--- a/kubernetes/common/cmpv2Config/values.yaml
+++ b/kubernetes/common/cmpv2Config/values.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2020 Nokia
+# Copyright © 2020-2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,7 +14,7 @@
global:
platform:
certServiceClient:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
secretName: oom-cert-service-client-tls-secret
envVariables:
# Certificate related
@@ -29,5 +29,5 @@ global:
keystorePassword: "secret"
truststorePassword: "secret"
certPostProcessor:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.2
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3
diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml
index f5592bd252..e39b8c4ca2 100644
--- a/kubernetes/common/etcd/templates/statefulset.yaml
+++ b/kubernetes/common/etcd/templates/statefulset.yaml
@@ -133,6 +133,10 @@ spec:
# we should wait for other pods to be up before trying to join
# otherwise we got "no such host" errors when trying to resolve other members
for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do
+ if [ "${SET_NAME}-${i}" == "${HOSTNAME}" ]; then
+ echo "Skipping self-checking"
+ continue
+ fi
while true; do
echo "Waiting for ${SET_NAME}-${i}.${SERVICE_NAME} to come up"
ping -W 1 -c 1 ${SET_NAME}-${i}.${SERVICE_NAME} > /dev/null && break
diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml
index 7d6fabe9b5..559675689f 100644
--- a/kubernetes/common/repositoryGenerator/values.yaml
+++ b/kubernetes/common/repositoryGenerator/values.yaml
@@ -23,7 +23,7 @@ global:
# common global images
busyboxImage: busybox:1.32
curlImage: curlimages/curl:7.69.1
- certServiceClientImage: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
+ certServiceClientImage: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
envsubstImage: dibi/envsubst:1
# there's only latest image for htpasswd
htpasswdImage: xmartlabs/htpasswd:latest
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
index f653a02cff..40a4d7db93 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
@@ -87,7 +87,7 @@ spec:
{{- end -}}
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 10 }}
- {{- end -}}
+ {{- end }}
# Filebeat sidecar container
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
index a43073e8e2..5c94116bac 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
@@ -105,7 +105,7 @@ spec:
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
- {{- end -}}
+ {{- end }}
# Filebeat sidecar container
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml
index b9472444a3..88c83981bb 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml
@@ -32,7 +32,7 @@ spec:
type: {{ $root.Values.service.type }}
externalTrafficPolicy: Local
selector:
- statefulset.kubernetes.io/pod-name: {{ include "common.release" $root }}-{{ $root.Values.service.name }}-{{ $i }}
+ statefulset.kubernetes.io/pod-name: {{ include "common.release" $root }}-{{ $root.Values.service.name }}-{{ $i }}
ports:
- port: {{ $root.Values.service.externalPort }}
targetPort: {{ $root.Values.service.externalPort }}
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
index 03f8afa182..6c3cbc385a 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
@@ -159,7 +159,7 @@ persistence:
service:
type: NodePort
name: message-router-kafka
- portName: message-router-kafka
+ portName: tcp-message-router-kafka
internalPort: 9092
internalSSLPort: 9093
externalPort: 9091
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml
index 52eff32242..5ea5bc53b7 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml
@@ -163,6 +163,8 @@ spec:
value: "{{ .Values.zkConfig.clientPort }}"
- name: KAFKA_OPTS
value: "{{ .Values.zkConfig.kafkaOpts }}"
+ - name: ZOOKEEPER_QUORUM_LISTEN_ON_ALL_IPS
+ value: "true"
- name: ZOOKEEPER_SERVER_ID
valueFrom:
fieldRef:
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
index 2da42a4604..64c29db935 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
@@ -122,11 +122,11 @@ service:
type: ClusterIP
name: message-router-zookeeper
portName: message-router-zookeeper
- clientPortName: client
+ clientPortName: tcp-client
clientPort: 2181
- serverPortName: server
+ serverPortName: tcp-server
serverPort: 2888
- leaderElectionPortName: leader-election
+ leaderElectionPortName: tcp-leader
leaderElectionPort: 3888
ingress:
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 048945025c..b401d66c3a 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -202,7 +202,7 @@ global:
CMPv2CertManagerIntegration: false
platform:
certServiceClient:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
secret:
name: oom-cert-service-client-tls-secret
mountPath: /etc/onap/oom/certservice/certs/
diff --git a/kubernetes/platform/components/oom-cert-service/values.yaml b/kubernetes/platform/components/oom-cert-service/values.yaml
index 8f31124e41..537b025fb0 100644
--- a/kubernetes/platform/components/oom-cert-service/values.yaml
+++ b/kubernetes/platform/components/oom-cert-service/values.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2020, Nokia
+# Copyright © 2020-2021, Nokia
# Modifications Copyright © 2020, Nordix Foundation, Orange
# Modifications Copyright © 2020 Nokia
#
@@ -38,7 +38,7 @@ certificateGenerationImage: onap/integration-java11:7.2.0
# Deployment configuration
repository: "nexus3.onap.org:10001"
-image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.2
+image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.3
pullPolicy: Always
replicaCount: 1
diff --git a/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties b/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties
index a21ac0441c..57a16bd488 100644
--- a/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties
+++ b/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties
@@ -12,6 +12,13 @@ sdnrPasswd=${ODL_ADMIN_PASSWORD}
faultConsumerClass=org.onap.ccsdk.features.sdnr.wt.mountpointregistrar.impl.DMaaPFaultVESMsgConsumer
TransportType=HTTPNOAUTH
host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort | default "3904"}}
+{{- if .Values.config.sdnr.dmaapProxy.enabled }}
+{{- if .Values.config.sdnr.dmaapProxy.usepwd }}
+jersey.config.client.proxy.username=${DMAAP_HTTP_PROXY_USERNAME}
+jersey.config.client.proxy.password=${DMAAP_HTTP_PROXY_PASSWORD}
+{{- end }}
+jersey.config.client.proxy.uri={{ .Values.config.sdnr.dmaapProxy.url }}
+{{- end }}
topic=unauthenticated.SEC_FAULT_OUTPUT
contenttype=application/json
group=myG
@@ -23,6 +30,13 @@ limit=10000
pnfRegConsumerClass=org.onap.ccsdk.features.sdnr.wt.mountpointregistrar.impl.DMaaPPNFRegVESMsgConsumer
TransportType=HTTPNOAUTH
host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort | default "3904"}}
+{{- if .Values.config.sdnr.dmaapProxy.enabled }}
+{{- if .Values.config.sdnr.dmaapProxy.usepwd }}
+jersey.config.client.proxy.username=${DMAAP_HTTP_PROXY_USERNAME}
+jersey.config.client.proxy.password=${DMAAP_HTTP_PROXY_PASSWORD}
+{{- end }}
+jersey.config.client.proxy.uri={{ .Values.config.sdnr.dmaapProxy.url }}
+{{- end }}
topic=unauthenticated.VES_PNFREG_OUTPUT
contenttype=application/json
group=myG
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index b668fd8e4d..2158fefe19 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -67,6 +67,13 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
- name: ODL_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
+ {{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }}
+ - name: DMAAP_HTTP_PROXY_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }}
+ - name: DMAAP_HTTP_PROXY_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }}
+ {{- end }}
+
volumeMounts:
- mountPath: /config-input
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 4354fe4a23..c02d5592e6 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -73,6 +73,14 @@ secrets:
password: '{{ .Values.config.odlPassword }}'
# For now this is left hardcoded but should be revisited in a future
passwordPolicy: required
+ - uid: dmaap-proxy-creds
+ name: &dmaapProxyCredsSecretName '{{ include "common.release" . }}-sdnc-dmaap-proxy-creds'
+ type: basicAuth
+ externalSecret: '{{ .Values.config.dmaapProxyCredsExternalSecret }}'
+ login: '{{ .Values.config.sdnr.dmaapProxy.user }}'
+ password: '{{ .Values.config.sdnr.dmaapProxy.password }}'
+ # For now this is left hardcoded but should be revisited in a future
+ passwordPolicy: required
- uid: netbox-apikey
type: password
externalSecret: '{{ .Values.config.netboxApikeyExternalSecret }}'
@@ -227,6 +235,15 @@ config:
sdnrdbTrustAllCerts: true
mountpointRegistrarEnabled: false
mountpointStateProviderEnabled: false
+ # enable and set dmaap-proxy for mountpointRegistrar
+ dmaapProxy:
+ enabled: false
+ usepwd: true
+ user: addUserHere
+ password: addPasswordHere
+ url: addProxyUrlHere
+
+