summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/a1policymanagement/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-babel/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml6
-rw-r--r--kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml6
-rw-r--r--kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml6
-rw-r--r--kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml12
-rw-r--r--kubernetes/aai/components/aai-graphadmin/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-modelloader/templates/deployment.yaml4
-rw-r--r--kubernetes/aai/components/aai-resources/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-schema-service/templates/deployment.yaml7
-rw-r--r--kubernetes/aai/components/aai-schema-service/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-traversal/values.yaml2
-rw-r--r--kubernetes/aai/values.yaml2
-rw-r--r--kubernetes/common/cassandra/templates/servicemonitor.yaml19
-rw-r--r--kubernetes/common/cassandra/templates/statefulset.yaml46
-rw-r--r--kubernetes/common/cassandra/values.yaml62
-rwxr-xr-xkubernetes/common/cert-wrapper/resources/import-custom-certs.sh4
-rw-r--r--kubernetes/common/certInitializer/templates/job.yaml2
-rw-r--r--kubernetes/common/cmpv2Config/values.yaml2
-rw-r--r--kubernetes/common/common/templates/_dmaapProvisioning.tpl3
-rw-r--r--kubernetes/common/common/templates/_service.tpl5
-rw-r--r--kubernetes/common/common/templates/_serviceMesh.tpl33
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml4
-rw-r--r--kubernetes/common/repositoryGenerator/templates/_repository.tpl4
-rw-r--r--kubernetes/common/repositoryGenerator/values.yaml11
-rw-r--r--kubernetes/common/timescaledb/values.yaml5
-rwxr-xr-xkubernetes/contrib/components/ejbca/resources/ejbca-config.sh2
-rw-r--r--kubernetes/cps/Chart.yaml4
-rw-r--r--kubernetes/dcaegen2-services/Chart.yaml4
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl15
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl32
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/secret.yaml19
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml41
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml10
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml10
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-prh/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml12
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml13
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml12
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml (renamed from kubernetes/dcaegen2/components/dcae-ves-openapi-manager/Chart.yaml)0
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml (renamed from kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml)0
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml (renamed from kubernetes/dcaegen2/components/dcae-ves-openapi-manager/values.yaml)0
-rw-r--r--kubernetes/dcaegen2-services/resources/config/log/filebeat/filebeat.yml (renamed from kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_filebeat-config.tpl)2
-rw-r--r--kubernetes/dcaegen2-services/resources/expected-components.json2
-rw-r--r--kubernetes/dcaegen2-services/templates/configmap.yaml4
-rw-r--r--kubernetes/dcaegen2-services/values.yaml33
-rw-r--r--kubernetes/dcaegen2/Chart.yaml5
-rw-r--r--kubernetes/dcaegen2/resources/expected-components.json2
-rw-r--r--kubernetes/dcaegen2/values.yaml3
-rw-r--r--kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml2
-rw-r--r--kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml22
-rw-r--r--kubernetes/holmes/components/holmes-engine-mgmt/values.yaml2
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml2
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/resources/config/cfy.json6
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl88
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/index.json6
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/templates/configmap.yaml9
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml31
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/values.yaml10
-rw-r--r--kubernetes/multicloud/components/multicloud-k8s/values.yaml2
-rw-r--r--kubernetes/multicloud/components/multicloud-starlingx/values.yaml2
-rw-r--r--kubernetes/multicloud/components/multicloud-windriver/values.yaml2
-rw-r--r--kubernetes/multicloud/values.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/sm-onap.yaml5
-rwxr-xr-xkubernetes/onap/values.yaml2
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/values.yaml2
-rw-r--r--kubernetes/platform/components/oom-cert-service/values.yaml2
-rwxr-xr-xkubernetes/policy/Chart.yaml8
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-api/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-be/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-cl-http-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-cl-pf-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-cl-runtime/resources/config/clRuntimeParameters.yaml13
-rw-r--r--kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-distribution/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-gui/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-pap/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/values.yaml2
-rwxr-xr-xkubernetes/policy/templates/job.yaml2
-rw-r--r--kubernetes/robot/resources/config/eteshare/config/robot_properties.py18
-rw-r--r--kubernetes/robot/values.yaml3
-rw-r--r--kubernetes/sdc/components/sdc-be/templates/deployment.yaml28
-rw-r--r--kubernetes/sdc/components/sdc-be/templates/job.yaml1
-rw-r--r--kubernetes/sdc/components/sdc-be/values.yaml14
-rw-r--r--kubernetes/sdc/components/sdc-cs/Chart.yaml8
-rw-r--r--kubernetes/sdc/components/sdc-cs/templates/job.yaml3
-rw-r--r--kubernetes/sdc/components/sdc-cs/values.yaml19
-rw-r--r--kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml8
-rw-r--r--kubernetes/sdc/components/sdc-fe/templates/configmap.yaml2
-rw-r--r--kubernetes/sdc/components/sdc-fe/templates/deployment.yaml32
-rw-r--r--kubernetes/sdc/components/sdc-fe/templates/service.yaml28
-rw-r--r--kubernetes/sdc/components/sdc-fe/values.yaml16
-rw-r--r--kubernetes/sdc/components/sdc-helm-validator/values.yaml2
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml36
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml10
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml8
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/values.yaml9
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl1
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml21
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml2
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml34
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml10
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/values.yaml43
-rw-r--r--kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl1
-rw-r--r--kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml16
-rw-r--r--kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml12
-rw-r--r--kubernetes/sdc/components/sdc-wfd-fe/values.yaml5
-rwxr-xr-xkubernetes/sdc/resources/config/environments/AUTO.json20
-rw-r--r--kubernetes/sdc/values.yaml17
-rw-r--r--kubernetes/sdnc/components/dmaap-listener/values.yaml2
-rw-r--r--kubernetes/sdnc/components/sdnc-ansible-server/values.yaml2
-rw-r--r--kubernetes/sdnc/components/sdnc-web/values.yaml2
-rw-r--r--kubernetes/sdnc/components/ueb-listener/values.yaml2
-rw-r--r--kubernetes/sdnc/values.yaml2
129 files changed, 866 insertions, 393 deletions
diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml
index 489390d8f1..e4ded1b0b2 100644
--- a/kubernetes/a1policymanagement/values.yaml
+++ b/kubernetes/a1policymanagement/values.yaml
@@ -63,7 +63,7 @@ certInitializer:
echo "*** change ownership of certificates to targeted user"
chown -R 1000 .
-image: onap/ccsdk-oran-a1policymanagementservice:1.2.3
+image: onap/ccsdk-oran-a1policymanagementservice:1.2.5
userID: 1000 #Should match with image-defined user ID
groupID: 999 #Should match with image-defined group ID
pullPolicy: IfNotPresent
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml
index 3b68f4defe..f2dfd2c9c2 100644
--- a/kubernetes/aai/components/aai-babel/values.yaml
+++ b/kubernetes/aai/components/aai-babel/values.yaml
@@ -59,7 +59,7 @@ certInitializer:
#################################################################
# application image
-image: onap/babel:1.9.1
+image: onap/babel:1.9.2
flavor: small
flavorOverride: small
diff --git a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml
index cccc2b1e66..d0147aa1a4 100644
--- a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml
@@ -63,9 +63,9 @@ spec:
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml
index 95c3fe2fbf..07307134d8 100644
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml
@@ -68,9 +68,9 @@ spec:
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml
index 62e27b6321..b483489141 100644
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml
@@ -63,9 +63,9 @@ spec:
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
index 07009b2fbd..0d471f7d78 100644
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
@@ -68,9 +68,9 @@ spec:
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
@@ -266,9 +266,9 @@ spec:
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml
index 2774609e8f..118f446b26 100644
--- a/kubernetes/aai/components/aai-graphadmin/values.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/values.yaml
@@ -144,7 +144,7 @@ certInitializer:
chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
# application image
-image: onap/aai-graphadmin:1.9.1
+image: onap/aai-graphadmin:1.9.2
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml
index c4098b1a3b..22f0dbcd05 100644
--- a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml
@@ -56,8 +56,8 @@ spec:
echo "*** obfuscate them "
export KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}
export TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
image: {{ include "repositoryGenerator.image.jetty" . }}
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index fcf7cfedef..51984947cd 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -157,7 +157,7 @@ certInitializer:
chown -R 1000 {{ .Values.credsPath }}
# application image
-image: onap/aai-resources:1.9.1
+image: onap/aai-resources:1.9.3
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml
index e4f1d72d7b..cb58120159 100644
--- a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml
@@ -52,8 +52,9 @@ spec:
echo "*** obfuscate them "
export KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}
export TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ ls -l /usr/local/jetty/lib
+ export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
image: {{ include "repositoryGenerator.image.jetty" . }}
@@ -75,8 +76,6 @@ spec:
- |
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
- echo "keystore pass: $KEYSTORE_PASSWORD"
- echo "truststore pass: $TRUSTSTORE_PASSWORD"
echo "*** actual launch of AAI Schema Service"
/bin/bash /opt/app/aai-schema-service/docker-entrypoint.sh
{{- end }}
diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml
index 7989bcc63d..9ca398319b 100644
--- a/kubernetes/aai/components/aai-schema-service/values.yaml
+++ b/kubernetes/aai/components/aai-schema-service/values.yaml
@@ -94,7 +94,7 @@ certInitializer:
chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
# application image
-image: onap/aai-schema-service:1.9.2
+image: onap/aai-schema-service:1.9.3
pullPolicy: Always
restartPolicy: Always
flavorOverride: small
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 38c7bd0da2..7de12f54a7 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -140,7 +140,7 @@ certInitializer:
chown -R 1000 {{ .Values.credsPath }}
# application image
-image: onap/aai-traversal:1.9.1
+image: onap/aai-traversal:1.9.3
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 3ceeb8439e..42b0fa622a 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -364,6 +364,8 @@ liveness:
# --set aai.global.cassandra.serviceName=aai-cassandra
cassandra:
nameOverride: aai-cassandra
+ serviceAccount:
+ nameOverride: aai-cassandra
replicaCount: 3
service:
name: aai-cassandra
diff --git a/kubernetes/common/cassandra/templates/servicemonitor.yaml b/kubernetes/common/cassandra/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..5297e692d2
--- /dev/null
+++ b/kubernetes/common/cassandra/templates/servicemonitor.yaml
@@ -0,0 +1,19 @@
+{{/*
+# Copyright © 2022 Amdocs, Bitnami, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if .Values.metrics.serviceMonitor.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml
index 840e95b490..43367ee542 100644
--- a/kubernetes/common/cassandra/templates/statefulset.yaml
+++ b/kubernetes/common/cassandra/templates/statefulset.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2022 Amdocs, AT&T, Bell Canada, Bitnami
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -26,6 +26,15 @@ spec:
type: {{ .Values.updateStrategy.type }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ {{- if or .Values.podAnnotations (and .Values.metrics.serviceMonitor.enabled .Values.metrics.podAnnotations) }}
+ annotations:
+ {{- if .Values.podAnnotations }}
+ {{- include "common.tplValue" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
+ {{- end }}
+ {{- if and .Values.metrics.serviceMonitor.enabled .Values.metrics.podAnnotations }}
+ {{- include "common.tplValue" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }}
+ {{- end }}
+ {{- end }}
spec:
hostNetwork: {{ .Values.hostNetwork }}
imagePullSecrets:
@@ -126,6 +135,41 @@ spec:
command: ["/bin/sh", "-c", "PID=$(pidof java) && kill $PID && while ps -p $PID > /dev/null; do sleep 1; done"]
{{- end }}
resources: {{ toYaml .Values.resources | nindent 10 }}
+ {{- if .Values.metrics.serviceMonitor.enabled }}
+ - name: {{ include "common.name" . }}-metrics
+ image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.metrics.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.metrics.pullPolicy | quote}}
+ {{- if (.Values.metrics.enabled) }}
+ ports:
+ {{- range $index, $metricPort := .Values.metrics.ports }}
+ - name: {{ $metricPort.name }}
+ containerPort: {{ $metricPort.port }}
+ protocol: TCP
+ {{- end }}
+ livenessProbe:
+ httpGet:
+ path: {{ .Values.metrics.livenessProbe.httpGet.path }}
+ port: {{ .Values.metrics.livenessProbe.httpGet.port }}
+ initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.metrics.readinessProbe.httpGet.path }}
+ port: {{ .Values.metrics.readinessProbe.httpGet.port }}
+ initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
+ failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
+ {{- end }}
+ {{ include "common.containerSecurityContext" . | indent 10 | trim }}
+ {{- if .Values.metrics.resources }}
+ resources: {{- toYaml .Values.metrics.resources | nindent 10 }}
+ {{- end }}
+ {{- end }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
{{- end -}}
diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml
index 1d69993956..597174ee0a 100644
--- a/kubernetes/common/cassandra/values.yaml
+++ b/kubernetes/common/cassandra/values.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Copyright © 2022 Amdocs, Bell Canada, AT&T, Bitnami
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -168,3 +168,63 @@ serviceAccount:
nameOverride: cassandra
roles:
- nothing
+
+# Cassandra Metrics
+metrics:
+ enabled: false
+ image: bitnami/cassandra-exporter:2.3.4-debian-10-r641
+ pullPolicy: IfNotPresent
+ ports:
+ - name: tcp-metrics
+ port: 8080
+ podAnnotations:
+ prometheus.io/scrape: 'true'
+ prometheus.io/port: '8080'
+ livenessProbe:
+ enabled: true
+ httpGet:
+ path: /metrics
+ port: 8080
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
+ readinessProbe:
+ httpGet:
+ path: /metrics
+ port: 8080
+ enabled: true
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
+ serviceMonitor:
+ enabled: false
+ targetPort: 8080
+ path: /metrics
+ basicAuth:
+ enabled: false
+ ## Namespace in which Prometheus is running
+ ##
+ # namespace: monitoring
+
+ ## Interval at which metrics should be scraped.
+ #interval: 30s
+
+ ## Timeout after which the scrape is ended
+ # scrapeTimeout: 10s
+
+ ## ServiceMonitor selector labels
+ selector:
+ app.kubernetes.io/name: '{{ include "common.name" . }}'
+ helm.sh/chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+ app.kubernetes.io/instance: '{{ include "common.release" . }}'
+ app.kubernetes.io/managed-by: '{{ .Release.Service }}'
+
+ ## RelabelConfigs to apply to samples before scraping
+ relabelings: []
+
+ ## MetricRelabelConfigs to apply to samples before ingestion
+ metricRelabelings: []
diff --git a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
index fa3de03ece..96b0c0c0c8 100755
--- a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
+++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
@@ -41,7 +41,7 @@ for f in $CERTS_DIR/*; do
if echo $f | grep '\.sh$' >/dev/null; then
continue
fi
- if echo $f | grep '\.b64$' >/dev/null; then
+ if echo $f | grep '\.b64$' >/dev/null
then
base64 -d $f > $WORK_DIR/`basename $f .b64`
else
@@ -87,4 +87,4 @@ if [ $? != 0 ]
exit 1
else
cp /etc/ssl/certs/ca-certificates.crt $WORK_DIR/.
-fi \ No newline at end of file
+fi
diff --git a/kubernetes/common/certInitializer/templates/job.yaml b/kubernetes/common/certInitializer/templates/job.yaml
index 2acb423511..84a3e87098 100644
--- a/kubernetes/common/certInitializer/templates/job.yaml
+++ b/kubernetes/common/certInitializer/templates/job.yaml
@@ -25,6 +25,8 @@ spec:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers: {{ include "common.certInitializer.initContainer" (dict "dot" . "initRoot" .Values) | nindent 6 }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
containers:
- name: create-tls-secret
command:
diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml
index 4b8438ace2..aeac9901a3 100644
--- a/kubernetes/common/cmpv2Config/values.yaml
+++ b/kubernetes/common/cmpv2Config/values.yaml
@@ -35,5 +35,5 @@ global:
truststorePasswordSecretName: oom-cert-service-truststore-password
truststorePasswordSecretKey: password
certPostProcessor:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0
diff --git a/kubernetes/common/common/templates/_dmaapProvisioning.tpl b/kubernetes/common/common/templates/_dmaapProvisioning.tpl
index d28494aacd..eefd00d7bf 100644
--- a/kubernetes/common/common/templates/_dmaapProvisioning.tpl
+++ b/kubernetes/common/common/templates/_dmaapProvisioning.tpl
@@ -138,6 +138,7 @@
args:
- -c
- |
+ set -uex -o pipefail
if [ -d /opt/app/config/cache ]; then
cd /opt/app/config/cache
for file in $(ls feed*); do
@@ -147,8 +148,6 @@
done
for file in $(ls drpub*); do
NUM=$(echo "$file" | sed 's/drpubConfig-\([0-9]\+\)-resp.json/\1/')
- export DR_USERNAME_"$NUM"="$(grep -o '"username":"[^"]*' "$file" | cut -d '"' -f4)"
- export DR_PASSWORD_"$NUM"="$(grep -o '"userpwd":"[^"]*' "$file" | cut -d '"' -f4)"
export DR_FILES_PUBLISHER_ID_"$NUM"="$(grep -o '"pubId":"[^"]*' "$file" | cut -d '"' -f4)"
done
for file in $(ls drsub*); do
diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl
index a488e0d5fa..f6a0f211a9 100644
--- a/kubernetes/common/common/templates/_service.tpl
+++ b/kubernetes/common/common/templates/_service.tpl
@@ -267,6 +267,11 @@ spec:
{{- $ports := $dot.Values.service.headlessPorts -}}
{{- $labels := default (dict) .labels -}}
{{- $matchLabels := default (dict) .matchLabels -}}
+{{- if ($dot.Values.metrics) }}
+{{- range $index, $metricPort := $dot.Values.metrics.ports }}
+{{- $ports = append $ports $metricPort }}
+{{- end }}
+{{- end }}
{{ include "common.genericService" (dict "suffix" $suffix "annotations" $annotations "dot" $dot "publishNotReadyAddresses" $publishNotReadyAddresses "ports" $ports "serviceType" "ClusterIP" "headless" true "labels" $labels "matchLabels" $matchLabels) }}
{{- end -}}
diff --git a/kubernetes/common/common/templates/_serviceMesh.tpl b/kubernetes/common/common/templates/_serviceMesh.tpl
index d4fc182b34..a685a73627 100644
--- a/kubernetes/common/common/templates/_serviceMesh.tpl
+++ b/kubernetes/common/common/templates/_serviceMesh.tpl
@@ -14,8 +14,7 @@
# limitations under the License.
*/}}
-
-{/*
+{{/*
Calculate if we are on service mesh.
*/}}
{{- define "common.onServiceMesh" -}}
@@ -26,6 +25,9 @@ true
{{- end -}}
{{- end -}}
+{{/*
+ Kills the sidecar proxy associated with a pod.
+*/}}
{{- define "common.serviceMesh.killSidecar" -}}
{{- if (include "common.onServiceMesh" .) }}
RCODE="$?";
@@ -37,3 +39,30 @@ echo "*** exiting with script exit code" ;
exit "$RCODE"
{{- end }}
{{- end -}}
+
+{{/*
+ Wait for job container.
+*/}}
+{{- define "common.waitForJobContainer" -}}
+{{- $dot := default . .dot -}}
+{{- $wait_for_job_container := default $dot.Values.wait_for_job_container .wait_for_job_container -}}
+{{- if (include "common.onServiceMesh" .) }}
+- name: {{ include "common.name" $dot }}{{ ternary "" (printf "-%s" $wait_for_job_container.name) (empty $wait_for_job_container.name) }}-service-mesh-wait-for-job-container
+ image: {{ include "repositoryGenerator.image.quitQuit" $dot }}
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
+ command:
+ - /bin/sh
+ - "-c"
+ args:
+ - echo "waiting 10s for istio side cars to be up"; sleep 10s;
+ {{- range $container := $wait_for_job_container.containers }}
+ /app/ready.py --service-mesh-check {{ tpl $container $dot }} -t 45;
+ {{- end }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+{{- end }}
+{{- end }}
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index f49a898818..9f7c882134 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -608,8 +608,8 @@ metrics:
## ServiceMonitor selector labels
## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
##
- selector:
- prometheus: kube-prometheus
+ # selector:
+ # prometheus: kube-prometheus
## RelabelConfigs to apply to samples before scraping
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
diff --git a/kubernetes/common/repositoryGenerator/templates/_repository.tpl b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
index 349bb4072a..f57d390477 100644
--- a/kubernetes/common/repositoryGenerator/templates/_repository.tpl
+++ b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
@@ -141,6 +141,10 @@
{{- include "repositoryGenerator.image._helper" (merge (dict "image" "dbcClientImage") .) }}
{{- end -}}
+{{- define "repositoryGenerator.image.quitQuit" -}}
+ {{- include "repositoryGenerator.image._helper" (merge (dict "image" "quitQuitImage") .) }}
+{{- end -}}
+
{{/*
Resolve the image repository secret token.
The value for .Values.global.repositoryCred is used if provided:
diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml
index a05bc13ae6..7058f865bc 100644
--- a/kubernetes/common/repositoryGenerator/values.yaml
+++ b/kubernetes/common/repositoryGenerator/values.yaml
@@ -1,6 +1,6 @@
# Copyright © 2020 Orange
# Copyright © 2021 Nokia, AT&T
-# Modifications Copyright (C) 2021 Nordix Foundation.
+# Modifications Copyright (c) 2022 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -28,7 +28,10 @@ global:
envsubstImage: dibi/envsubst:1
# there's only latest image for htpasswd
htpasswdImage: xmartlabs/htpasswd:latest
- jettyImage: jetty:9-jdk11-slim
+ # if you change jetty image, you'll also need to update jar file which is
+ # "hardcoded" to the value...
+ # (/usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar) for 9.4.45
+ jettyImage: jetty:9.4.45-jdk11-slim
jreImage: onap/integration-java11:10.0.0
kubectlImage: bitnami/kubectl:1.19
loggingImage: beats/filebeat:5.5.0
@@ -37,7 +40,8 @@ global:
postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
readinessImage: onap/oom/readiness:3.0.1
dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
- dbcClientImage: onap/dmaap/dbc-client:2.0.7
+ dbcClientImage: onap/dmaap/dbc-client:2.0.9
+ quitQuitImage: onap/oom/readiness:4.1.0
# Default credentials
# they're optional. If the target repository doesn't need them, comment them
@@ -71,3 +75,4 @@ imageRepoMapping:
readinessImage: repository
dcaePolicySyncImage: repository
dbcClientImage: repository
+ quitQuitImage: repository
diff --git a/kubernetes/common/timescaledb/values.yaml b/kubernetes/common/timescaledb/values.yaml
index 258f516ff0..72a4b6ffd0 100644
--- a/kubernetes/common/timescaledb/values.yaml
+++ b/kubernetes/common/timescaledb/values.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (c) 2021 Bell Canada.
+# Copyright (c) 2021 2022 Bell Canada.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -23,7 +23,7 @@ global:
#################################################################
# Secrets.
##############################################################
-image: timescale/timescaledb:2.1.1-pg13
+image: timescale/timescaledb:2.5.1-pg14
pullPolicy: Always
containerPorts: 5432
@@ -125,4 +125,3 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.config.pgUserExternalSecret) . }}'
login: '{{ .Values.config.pgUserName }}'
password: '{{ .Values.config.pgUserPassword }}'
-
diff --git a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh
index 94c95d6c30..a538238151 100755
--- a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh
+++ b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh
@@ -49,6 +49,8 @@ configureEjbca() {
ejbca.sh roles changerule "Certificate Update Admin" /endentityprofilesrules/Custom_EndEntity/ ACCEPT
ejbca.sh roles changerule "Certificate Update Admin" /ra_functionality/edit_end_entity/ ACCEPT
ejbca.sh roles addrolemember "Certificate Update Admin" ManagementCA WITH_ORGANIZATION --value "{{ .Values.cmpv2Config.global.certificate.default.subject.organization }}"
+ # workarround to exit successfully, as a reexecution of "addrolemember" returns an error
+ exit 0
}
diff --git a/kubernetes/cps/Chart.yaml b/kubernetes/cps/Chart.yaml
index 097bb98559..5e951d7beb 100644
--- a/kubernetes/cps/Chart.yaml
+++ b/kubernetes/cps/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright (C) 2021 Bell Canada
+# Copyright (C) 2021 2022 Bell Canada
# Modifications Copyright © 2021 Orange
# Modifications Copyright © 2021 Nordix Foundation
#
@@ -34,4 +34,4 @@ dependencies:
- name: ncmp-dmi-plugin
version: ~10.x-0
repository: '@local'
- condition: ncmp-dmi-plugin.enabled \ No newline at end of file
+ condition: ncmp-dmi-plugin.enabled
diff --git a/kubernetes/dcaegen2-services/Chart.yaml b/kubernetes/dcaegen2-services/Chart.yaml
index 609d78b6f4..4710acc2b3 100644
--- a/kubernetes/dcaegen2-services/Chart.yaml
+++ b/kubernetes/dcaegen2-services/Chart.yaml
@@ -103,3 +103,7 @@ dependencies:
version: ~10.x-0
repository: '@local'
condition: dcae-ves-mapper.enabled
+ - name: dcae-ves-openapi-manager
+ version: ~10.x-0
+ repository: 'file://components/dcae-ves-openapi-manager'
+ condition: dcae-ves-openapi-manager.enabled
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl
index 5313b0782a..f76be4c190 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl
@@ -52,19 +52,6 @@ data:
application_config.yaml: |
{{ $appConf | toYaml | indent 4 }}
-{{- if .Values.logDirectory }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-filebeat-configmap
- namespace: {{ include "common.namespace" . }}
- labels: {{ include "common.labels" . | nindent 6 }}
-data:
- filebeat.yml: |-
-{{ include "dcaegen2-services-common.filebeatConfiguration" . | indent 4 }}
-{{- end }}
-
{{- if .Values.drFeedConfig }}
---
apiVersion: v1
@@ -124,4 +111,4 @@ data:
{{ $topics | toJson | indent 2 }}
{{- end }}
{{- end }}
-{{- end }} \ No newline at end of file
+{{- end }}
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index 5ba7d2977a..ef49f8c5d4 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -222,7 +222,7 @@ policies:
*/}}
{{- define "dcaegen2-services-common.microserviceDeployment" -}}
-{{- $logDir := default "" .Values.logDirectory -}}
+{{- $logDir := default "" .Values.log.path -}}
{{- $certDir := default "" .Values.certDirectory . -}}
{{- $tlsServer := default "" .Values.tlsServer -}}
{{- $commonRelease := print (include "common.release" .) -}}
@@ -355,7 +355,7 @@ spec:
name: app-config-input
{{- if $logDir }}
- mountPath: {{ $logDir}}
- name: component-log
+ name: logs
{{- end }}
{{- if $certDir }}
- mountPath: {{ $certDir }}
@@ -370,24 +370,7 @@ spec:
{{- end }}
{{- include "dcaegen2-services-common._externalVolumeMounts" . | nindent 8 }}
{{- if $logDir }}
- - image: {{ include "repositoryGenerator.image.logging" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: filebeat
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: status.podIP
- resources: {{ include "common.resources" . | nindent 2 }}
- volumeMounts:
- - mountPath: /var/log/onap/{{ include "common.name" . }}
- name: component-log
- - mountPath: /usr/share/filebeat/data
- name: filebeat-data
- - mountPath: /usr/share/filebeat/filebeat.yml
- name: filebeat-conf
- subPath: filebeat.yml
+ {{ include "common.log.sidecar" . | nindent 6 }}
{{- end }}
{{- if $policy }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dcaePolicySyncImage }}
@@ -448,13 +431,8 @@ spec:
name: app-config
{{- if $logDir }}
- emptyDir: {}
- name: component-log
- - emptyDir: {}
- name: filebeat-data
- - configMap:
- defaultMode: 420
- name: {{ include "common.fullname" . }}-filebeat-configmap
- name: filebeat-conf
+ name: logs
+ {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix . )) | nindent 6 }}
{{- end }}
{{- if $certDir }}
- emptyDir: {}
diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml
index 572e812cf3..f55aeecdbd 100644
--- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -59,8 +60,11 @@ image: onap/org.onap.dcaegen2.services.components.bbs-event-processor:2.1.1
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /opt/app/bbs-event-processor/logs
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /opt/app/bbs-event-processor/logs
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/secret.yaml
new file mode 100644
index 0000000000..13a14a5e12
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/secret.yaml
@@ -0,0 +1,19 @@
+{{/*
+################################################################################
+# Copyright (c) 2022 Nordix Foundation. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+*/}}
+
+{{ include "common.secretFast" . }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
index 2342470877..2ce6c89775 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
@@ -1,6 +1,6 @@
# ================================ LICENSE_START ==========================
# =========================================================================
-# Copyright (C) 2021 Nordix Foundation.
+# Copyright (c) 2021 Nordix Foundation.
# =========================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -30,11 +31,21 @@ filebeatConfig:
logstashPort: 5044
#################################################################
+# Secrets Configuration.
+#################################################################
+secrets:
+ - uid: &drPubCredsUID drpubcreds
+ type: basicAuth
+ login: '{{ .Values.drPubscriberCreds.username }}'
+ password: '{{ .Values.drPubscriberCreds.password }}'
+ passwordPolicy: required
+
+#################################################################
# InitContainer Images.
#################################################################
tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1
-certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0
+certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0
#################################################################
# Application Configuration Defaults.
@@ -44,8 +55,11 @@ image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.6.1
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
@@ -112,6 +126,19 @@ applicationEnv:
# It's a workaround because DMAAP specific env variables are not available in main container.
CBS_CLIENT_CONFIG_PATH: ''
+# Data Router Publisher Credentials
+drPubscriberCreds:
+ username: username
+ password: password
+
+credentials:
+- name: DR_USERNAME
+ uid: *drPubCredsUID
+ key: login
+- name: DR_PASSWORD
+ uid: *drPubCredsUID
+ key: password
+
# Initial Application Configuration
applicationConfig:
dmaap.certificateConfig.keyCert: /opt/app/datafile/etc/cert/cert.p12
@@ -135,8 +162,8 @@ applicationConfig:
location: loc00
log_url: ${DR_LOG_URL_0}
publish_url: ${DR_FILES_PUBLISHER_URL_0}
- username: ${DR_USERNAME_0}
- password: ${DR_PASSWORD_0}
+ username: ${DR_USERNAME}
+ password: ${DR_PASSWORD}
type: data_router
streams_subscribes:
dmaap_subscriber:
@@ -155,6 +182,8 @@ drFeedConfig:
# DataRouter Publisher Configuration
drPubConfig:
- feedName: bulk_pm_feed
+ username: ${DR_USERNAME}
+ userpwd: ${DR_PASSWORD}
dcaeLocationName: loc00
# ConfigMap Configuration for Feed, Dr_Publisher
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml
index 0553b52265..22a5a5b1cb 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -52,8 +53,11 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
image: onap/org.onap.dcaegen2.services.datalakeadminui:1.1.1
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/datalake-admin-ui
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/datalake-admin-ui
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml
index 9373e8256a..051a7a4673 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml
@@ -21,10 +21,11 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
-#B
+#
#################################################################
filebeatConfig:
logstashServiceName: log-ls
@@ -58,8 +59,11 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
image: onap/org.onap.dcaegen2.services.datalake.exposure.service:1.1.1
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/datalake
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/datalake
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
index 2452dc8a18..07306e1286 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -60,8 +61,11 @@ image: onap/org.onap.dcaegen2.services.datalakefeeder:1.1.1
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/datalake
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/datalake
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
index bbf815d658..4ed0a83677 100644
--- a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -60,8 +61,11 @@ image: onap/org.onap.dcaegen2.services.heartbeat:2.3.1
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/heartbeat
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/heartbeat
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index 650ec03920..856c4a0f6b 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -22,6 +22,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat configuration defaults.
@@ -35,7 +36,7 @@ filebeatConfig:
#################################################################
tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1
-certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0
+certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0
#################################################################
# Application configuration defaults.
@@ -45,8 +46,11 @@ image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.9.1
pullPolicy: Always
# log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcae-hv-ves-collector
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcae-hv-ves-collector
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
index 5d8c6d59eb..037dd0aec0 100644
--- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -53,8 +54,11 @@ image: onap/org.onap.dcaegen2.services.components.kpi-ms:1.0.1
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/kpims
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/kpims
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
index caae1c319e..39c4a8ed50 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -58,8 +59,11 @@ image: onap/org.onap.dcaegen2.services.pm-mapper:1.7.2
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/pm-mapper
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/pm-mapper
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
index b9005f01b8..4bdd2b8088 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -60,8 +61,11 @@ image: onap/org.onap.dcaegen2.services.pmsh:1.3.2
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/pmsh
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/pmsh
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
index a7f62912b1..a4ed6994f7 100644
--- a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat configuration defaults.
@@ -43,8 +44,11 @@ image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1
pullPolicy: Always
# log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /opt/app/prh/logs
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /opt/app/prh/logs
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
index 66c781cb3b..543b79b9c0 100644
--- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
@@ -1,6 +1,6 @@
# ================================ LICENSE_START =============================
# ============================================================================
-# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: false
#################################################################
# Filebeat Configuration Defaults.
@@ -50,12 +51,15 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.2.5
+image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.2.7
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-# logDirectory: /opt/app/restconfcollector/logs
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: null # /opt/app/restconfcollector/logs
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
index 3300306668..6cebca6412 100644
--- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -59,8 +60,11 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.6
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/sliceanalysisms
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/sliceanalysisms
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
index 266da24f7a..e2501729ec 100644
--- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -44,8 +45,11 @@ image: onap/org.onap.dcaegen2.collectors.snmptrap:2.0.5
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /opt/app/snmptrap/logs
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /opt/app/snmptrap/logs
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# TLS role -- set to true if microservice acts as server
diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
index 54dcda831e..94c4d880dd 100644
--- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -65,8 +66,11 @@ image: onap/org.onap.dcaegen2.services.son-handler:2.1.5
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/sonhms
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/sonhms
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
index 2ba8edbc68..a65fa7c347 100644
--- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
@@ -22,6 +22,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat configuration defaults.
@@ -45,8 +46,11 @@ image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.1
pullPolicy: Always
# log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /opt/logs/dcae-analytics-tca
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /opt/logs/dcae-analytics-tca
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
index 31007f2dde..508cea4766 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@ -2,6 +2,7 @@
# ================================================================================
# Copyright (c) 2021 J. F. Lucas. All rights reserved.
# Copyright (c) 2021 Nokia. All rights reserved.
+# Copyright (c) 2022 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -22,6 +23,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat configuration defaults.
@@ -35,18 +37,21 @@ filebeatConfig:
#################################################################
tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1
-certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0
+certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0
#################################################################
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1
+image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.3
pullPolicy: Always
# log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /opt/app/VESCollector/logs
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /opt/app/VESCollector/logs
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
index 93214d3057..d11f167acf 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
@@ -1,6 +1,6 @@
# ================================ LICENSE_START =============================
# ============================================================================
-# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -21,6 +21,7 @@
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
@@ -39,12 +40,15 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.0
+image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.2
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /opt/app/VESAdapter/logs
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /opt/app/VESAdapter/logs
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
diff --git a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml
index 3065b57a85..3065b57a85 100644
--- a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/Chart.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml
diff --git a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml
index 1c6e3593ac..1c6e3593ac 100644
--- a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml
diff --git a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
index 873579ee97..873579ee97 100644
--- a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_filebeat-config.tpl b/kubernetes/dcaegen2-services/resources/config/log/filebeat/filebeat.yml
index a402517068..af62dc30ca 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_filebeat-config.tpl
+++ b/kubernetes/dcaegen2-services/resources/config/log/filebeat/filebeat.yml
@@ -27,7 +27,6 @@ running alongside a DCAE microservice pod.
See dcaegen2-services-common.configMap for more information.
*/}}
-{{- define "dcaegen2-services-common.filebeatConfiguration" -}}
filebeat.prospectors:
#it is mandatory, in our case it's log
- input_type: log
@@ -83,4 +82,3 @@ logging:
path: /usr/share/filebeat/logs
name: mybeat.log
keepfiles: 7
-{{- end -}} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/resources/expected-components.json b/kubernetes/dcaegen2-services/resources/expected-components.json
index f654ac8dc3..7c4c3fba4c 100644
--- a/kubernetes/dcaegen2-services/resources/expected-components.json
+++ b/kubernetes/dcaegen2-services/resources/expected-components.json
@@ -40,7 +40,7 @@
*/}}
{{- $ctx := . -}}
-{{- $components := list "dcae-hv-ves-collector" "dcae-prh" "dcae-tcagen2" "dcae-ves-collector" -}}
+{{- $components := list "dcae-hv-ves-collector" "dcae-prh" "dcae-tcagen2" "dcae-ves-collector" "dcae-ves-openapi-manager" -}}
{{- $enabled := dict "enabled" list -}}
{{- range $components -}}
{{- if index $ctx.Values . "enabled" -}}
diff --git a/kubernetes/dcaegen2-services/templates/configmap.yaml b/kubernetes/dcaegen2-services/templates/configmap.yaml
index 798f2a7939..52eb39fbf8 100644
--- a/kubernetes/dcaegen2-services/templates/configmap.yaml
+++ b/kubernetes/dcaegen2-services/templates/configmap.yaml
@@ -40,4 +40,6 @@ metadata:
name: {{ include "common.release" . }}-dcae-external-repo-configmap-sa88-rel16
namespace: {{ include "common.namespace" . }}
data:
-{{ (.Files.Glob "resources/external/schemas/sa88-rel16/*").AsConfig | indent 2 }} \ No newline at end of file
+{{ (.Files.Glob "resources/external/schemas/sa88-rel16/*").AsConfig | indent 2 }}
+---
+{{ include "common.log.configMap" . }}
diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml
index eb0b9cc34d..5334caced0 100644
--- a/kubernetes/dcaegen2-services/values.yaml
+++ b/kubernetes/dcaegen2-services/values.yaml
@@ -14,43 +14,74 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-# Control deployment of DCAE microservices at ONAP installation time
+global:
+ centralizedLoggingEnabled: true
+
+#################################################################
+# Filebeat Configuration Defaults.
+#
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+# Control deployment of DCAE microservices at ONAP installation time
+dcae-ves-openapi-manager:
+ enabled: true
dcae-bbs-eventprocessor-ms:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-datafile-collector:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-datalake-admin-ui:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-datalake-des:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-datalake-feeder:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-heartbeat:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-hv-ves-collector:
enabled: true
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-kpi-ms:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-ms-healthcheck:
enabled: true
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-pm-mapper:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-pmsh:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-prh:
enabled: true
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-restconf-collector:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-slice-analysis-ms:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-snmptrap-collector:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-son-handler:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-tcagen2:
enabled: true
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-ves-collector:
enabled: true
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-ves-mapper:
enabled: false
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
diff --git a/kubernetes/dcaegen2/Chart.yaml b/kubernetes/dcaegen2/Chart.yaml
index a14f9eef86..eb69410121 100644
--- a/kubernetes/dcaegen2/Chart.yaml
+++ b/kubernetes/dcaegen2/Chart.yaml
@@ -59,7 +59,4 @@ dependencies:
version: ~10.x-0
repository: 'file://components/dcae-dashboard'
condition: dcae-dashboard.enabled
- - name: dcae-ves-openapi-manager
- version: ~10.x-0
- repository: 'file://components/dcae-ves-openapi-manager'
- condition: dcae-ves-openapi-manager.enabled
+
diff --git a/kubernetes/dcaegen2/resources/expected-components.json b/kubernetes/dcaegen2/resources/expected-components.json
index 50c31845e1..43125d6195 100644
--- a/kubernetes/dcaegen2/resources/expected-components.json
+++ b/kubernetes/dcaegen2/resources/expected-components.json
@@ -40,7 +40,7 @@
*/}}
{{- $ctx := . -}}
-{{- $components := list "dcae-cloudify-manager" "dcae-config-binding-service" "dcae-dashboard" "dcae-deployment-handler" "dcae-inventory-api" "dcae-policy-handler" "dcae-servicechange-handler" "dcae-ves-openapi-manager" -}}
+{{- $components := list "dcae-cloudify-manager" "dcae-config-binding-service" "dcae-dashboard" "dcae-deployment-handler" "dcae-inventory-api" "dcae-policy-handler" "dcae-servicechange-handler" -}}
{{- $enabled := dict "enabled" list -}}
{{- range $components -}}
{{- if index $ctx.Values . "enabled" -}}
diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml
index 7ce58ba88b..2c276a7827 100644
--- a/kubernetes/dcaegen2/values.yaml
+++ b/kubernetes/dcaegen2/values.yaml
@@ -67,5 +67,4 @@ dcae-policy-handler:
cloudifyManagerPasswordExternalSecret: *cmPassSecretName
dcae-servicechange-handler:
enabled: false
-dcae-ves-openapi-manager:
- enabled: true
+
diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml
index 27b79fd7d1..455996b063 100644
--- a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml
+++ b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml
@@ -15,7 +15,7 @@
# limitations under the License.
apiVersion: v2
-appVersion: "1.0"
+appVersion: "2.0"
description: Holmes Engine Management
name: holmes-engine-mgmt
version: 10.0.0
diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml
index b625f6d72e..aef0c8c22a 100644
--- a/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml
+++ b/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml
@@ -20,6 +20,13 @@
apiVersion: apps/v1
kind: Deployment
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+{{- $sum := "" }}
+{{- range $path, $bytes := .Files.Glob "resources/config/*.json"}}
+{{- $sum = $.Files.Get $path | sha256sum | print $sum }}
+{{- end }}
+ annotations:
+ checksum/config: {{ $sum | sha256sum }}
+
spec:
replicas: 1
selector: {{- include "common.selectors" . | nindent 4 }}
@@ -27,19 +34,6 @@ spec:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers: {{- include "common.certInitializer.initContainer" . | nindent 6 }}
- - name: init-consul
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: CONSUL_HOST
- value: {{ .Values.consulHost | default "consul-server-ui" }}.{{ include "common.namespace" . }}
- args:
- - --key
- - holmes-engine-mgmt|/hemconfig/cfy.json
- resources: {}
- volumeMounts:
- - mountPath: /hemconfig
- name: {{ include "common.fullname" . }}-config
- name: {{ include "common.name" . }}-env-config
image: {{ include "repositoryGenerator.image.envsubst" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
@@ -73,6 +67,8 @@ spec:
volumeMounts: {{- include "common.certInitializer.volumeMount" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-env-config
mountPath: /opt/hemconfig
+ - name: {{ include "common.fullname" . }}-config
+ mountPath: /opt/hemtopics
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
index 1bdf35da21..d9dfa2d96e 100644
--- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
+++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
@@ -25,7 +25,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/holmes/engine-management:9.0.0
+image: onap/holmes/engine-management:10.0.0
consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
#################################################################
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml
index d224e94cb9..97d7fe3eea 100644
--- a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml
@@ -15,7 +15,7 @@
# limitations under the License.
apiVersion: v2
-appVersion: "1.0"
+appVersion: "2.0"
description: Holmes Rule Management
name: holmes-rule-mgmt
version: 10.0.0
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/cfy.json b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/cfy.json
deleted file mode 100644
index 8710f81d1b..0000000000
--- a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/cfy.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
- "holmes.default.rule.volte.scenario1": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b$$$package org.onap.holmes.droolsRule;\n\nimport org.onap.holmes.common.dmaap.DmaapService;\nimport org.onap.holmes.common.api.stat.VesAlarm;\nimport org.onap.holmes.common.aai.CorrelationUtil;\nimport org.onap.holmes.common.dmaap.entity.PolicyMsg;\nimport org.onap.holmes.common.dropwizard.ioc.utils.ServiceLocatorHolder;\nimport org.onap.holmes.common.utils.DroolsLog;\n \n\nrule \"Relation_analysis_Rule\"\nsalience 200\nno-loop true\n when\n $root : VesAlarm(alarmIsCleared == 0,\n $sourceId: sourceId, sourceId != null && !sourceId.equals(\"\"),\n\t\t\t$sourceName: sourceName, sourceName != null && !sourceName.equals(\"\"),\n\t\t\t$startEpochMicrosec: startEpochMicrosec,\n eventName in (\"Fault_MultiCloud_VMFailure\"),\n $eventId: eventId)\n $child : VesAlarm( eventId != $eventId, parentId == null,\n CorrelationUtil.getInstance().isTopologicallyRelated(sourceId, $sourceId, $sourceName),\n eventName in (\"Fault_MME_eNodeB out of service alarm\"),\n startEpochMicrosec < $startEpochMicrosec + 60000 && startEpochMicrosec > $startEpochMicrosec - 60000 )\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"Relation_analysis_Rule: rootId=\" + $root.getEventId() + \", childId=\" + $child.getEventId());\n\t\t$child.setParentId($root.getEventId());\n\t\tupdate($child);\n\t\t\nend\n\nrule \"root_has_child_handle_Rule\"\nsalience 150\nno-loop true\n\twhen\n\t\t$root : VesAlarm(alarmIsCleared == 0, rootFlag == 0, $eventId: eventId)\n\t\t$child : VesAlarm(eventId != $eventId, parentId == $eventId)\n\tthen\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"root_has_child_handle_Rule: rootId=\" + $root.getEventId() + \", childId=\" + $child.getEventId());\n\t\tDmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);\n\t\tPolicyMsg policyMsg = dmaapService.getPolicyMsg($root, $child, \"org.onap.holmes.droolsRule\");\n dmaapService.publishPolicyMsg(policyMsg, \"dcae_cl_out\");\n\t\t$root.setRootFlag(1);\n\t\tupdate($root);\nend\n\nrule \"root_no_child_handle_Rule\"\nsalience 100\nno-loop true\n when\n $root : VesAlarm(alarmIsCleared == 0, rootFlag == 0,\n sourceId != null && !sourceId.equals(\"\"),\n\t\t\tsourceName != null && !sourceName.equals(\"\"),\n eventName in (\"Fault_MultiCloud_VMFailure\"))\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"root_no_child_handle_Rule: rootId=\" + $root.getEventId());\n\t\tDmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);\n\t\tPolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, \"org.onap.holmes.droolsRule\");\n dmaapService.publishPolicyMsg(policyMsg, \"dcae_cl_out\");\n\t\t$root.setRootFlag(1);\n\t\tupdate($root);\nend\n\nrule \"root_cleared_handle_Rule\"\nsalience 100\nno-loop true\n when\n $root : VesAlarm(alarmIsCleared == 1, rootFlag == 1)\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"root_cleared_handle_Rule: rootId=\" + $root.getEventId());\n\t\tDmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);\n\t\tPolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, \"org.onap.holmes.droolsRule\");\n dmaapService.publishPolicyMsg(policyMsg, \"dcae_cl_out\");\n\t\tretract($root);\nend\n\nrule \"child_handle_Rule\"\nsalience 100\nno-loop true\n when\n $child : VesAlarm(alarmIsCleared == 1, rootFlag == 0)\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"child_handle_Rule: childId=\" + $child.getEventId());\n\t\tretract($child);\nend",
- "services_calls": {},
- "streams_publishes": {},
- "streams_subscribes": {}
-}
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl
new file mode 100644
index 0000000000..494333c2a8
--- /dev/null
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl
@@ -0,0 +1,88 @@
+package org.onap.holmes.droolsRule;
+
+import org.onap.holmes.common.dmaap.DmaapService;
+import org.onap.holmes.common.api.stat.VesAlarm;
+import org.onap.holmes.common.aai.CorrelationUtil;
+import org.onap.holmes.common.dmaap.entity.PolicyMsg;
+import org.onap.holmes.common.dropwizard.ioc.utils.ServiceLocatorHolder;
+import org.onap.holmes.common.utils.DroolsLog;
+
+rule "Relation_analysis_Rule"
+salience 200
+no-loop true
+ when
+ $root : VesAlarm(alarmIsCleared == 0,
+ $sourceId: sourceId, sourceId != null && !sourceId.equals(""),
+ $sourceName: sourceName, sourceName != null && !sourceName.equals(""),
+ $startEpochMicrosec: startEpochMicrosec,
+ eventName in ("Fault_MultiCloud_VMFailure"),
+ $eventId: eventId)
+ $child : VesAlarm( eventId != $eventId, parentId == null,
+ CorrelationUtil.getInstance().isTopologicallyRelated(sourceId, $sourceId, $sourceName),
+ eventName in ("Fault_MME_eNodeB out of service alarm"),
+ startEpochMicrosec < $startEpochMicrosec + 60000 && startEpochMicrosec > $startEpochMicrosec - 60000 )
+ then
+ DroolsLog.printInfo("===========================================================");
+ DroolsLog.printInfo("Relation_analysis_Rule: rootId=" + $root.getEventId() + ", childId=" + $child.getEventId());
+ $child.setParentId($root.getEventId());
+ update($child);
+end
+
+rule "root_has_child_handle_Rule"
+salience 150
+no-loop true
+ when
+ $root : VesAlarm(alarmIsCleared == 0, rootFlag == 0, $eventId: eventId)
+ $child : VesAlarm(eventId != $eventId, parentId == $eventId)
+ then
+ DroolsLog.printInfo("===========================================================");
+ DroolsLog.printInfo("root_has_child_handle_Rule: rootId=" + $root.getEventId() + ", childId=" + $child.getEventId());
+ DmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);
+ PolicyMsg policyMsg = dmaapService.getPolicyMsg($root, $child, "org.onap.holmes.droolsRule");
+ dmaapService.publishPolicyMsg(policyMsg, "dcae_cl_out");
+ $root.setRootFlag(1);
+ update($root);
+end
+
+rule "root_no_child_handle_Rule"
+salience 100
+no-loop true
+ when
+ $root : VesAlarm(alarmIsCleared == 0, rootFlag == 0,
+ sourceId != null && !sourceId.equals(""),
+ sourceName != null && !sourceName.equals(""),
+ eventName in ("Fault_MultiCloud_VMFailure"))
+ then
+ DroolsLog.printInfo("===========================================================");
+ DroolsLog.printInfo("root_no_child_handle_Rule: rootId=" + $root.getEventId());
+ DmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);
+ PolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, "org.onap.holmes.droolsRule");
+ dmaapService.publishPolicyMsg(policyMsg, "dcae_cl_out");
+ $root.setRootFlag(1);
+ update($root);
+end
+
+rule "root_cleared_handle_Rule"
+salience 100
+no-loop true
+ when
+ $root : VesAlarm(alarmIsCleared == 1, rootFlag == 1)
+ then
+ DroolsLog.printInfo("===========================================================");
+ DroolsLog.printInfo("root_cleared_handle_Rule: rootId=" + $root.getEventId());
+ DmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);
+ PolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, "org.onap.holmes.droolsRule");
+ dmaapService.publishPolicyMsg(policyMsg, "dcae_cl_out");
+ retract($root);
+end
+
+rule "child_handle_Rule"
+salience 100
+no-loop true
+ when
+ $child : VesAlarm(alarmIsCleared == 1, rootFlag == 0)
+ then
+ DroolsLog.printInfo("===========================================================");
+ DroolsLog.printInfo("child_handle_Rule: childId=" + $child.getEventId());
+ retract($child);
+end
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/index.json b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/index.json
new file mode 100644
index 0000000000..70f9dd09db
--- /dev/null
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/index.json
@@ -0,0 +1,6 @@
+[
+ {
+ "closedControlLoopName": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b",
+ "file": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl"
+ }
+]
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/templates/configmap.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/templates/configmap.yaml
index 76b339faea..3d54264723 100644
--- a/kubernetes/holmes/components/holmes-rule-mgmt/templates/configmap.yaml
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/templates/configmap.yaml
@@ -17,5 +17,12 @@
apiVersion: v1
kind: ConfigMap
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata:
+ name: {{ include "common.fullname" . }}-general-config
data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | nindent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rule-config
+data: {{ tpl (.Files.Glob "resources/rules/*").AsConfig . | nindent 2 }}
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml
index 19ccbc0cdc..f3e9ce5dde 100644
--- a/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml
@@ -20,6 +20,12 @@
apiVersion: apps/v1
kind: Deployment
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+{{- $sum := "" }}
+{{- range $path, $bytes := .Files.Glob "resources/rules/*"}}
+{{- $sum = $.Files.Get $path | sha256sum | print $sum }}
+{{- end }}
+ annotations:
+ checksum/rules: {{ $sum | sha256sum }}
spec:
replicas: 1
selector: {{- include "common.selectors" . | nindent 4 }}
@@ -27,19 +33,6 @@ spec:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers: {{- include "common.certInitializer.initContainer" . | nindent 6 }}
- - name: init-consul
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: CONSUL_HOST
- value: {{ .Values.consulHost | default "consul-server-ui" }}.{{ include "common.namespace" . }}
- args:
- - --key
- - holmes-rule-mgmt|/hrmconfigs/cfy.json
- resources: {}
- volumeMounts:
- - mountPath: /hrmconfigs
- name: {{ include "common.fullname" . }}-config
- name: {{ include "common.name" . }}-env-config
image: {{ include "repositoryGenerator.image.envsubst" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
@@ -61,7 +54,7 @@ spec:
value: "{{ .Values.config.pgConfig.dbPort }}"
volumeMounts:
- mountPath: /hrmconfig
- name: {{ include "common.fullname" . }}-config
+ name: {{ include "common.fullname" . }}-general-config
- mountPath: /config
name: {{ include "common.fullname" . }}-env-config
containers:
@@ -72,6 +65,8 @@ spec:
volumeMounts: {{- include "common.certInitializer.volumeMount" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-env-config
mountPath: /opt/hrmconfig
+ - name: {{ include "common.fullname" . }}-rule-config
+ mountPath: /opt/hrmrules
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
@@ -119,10 +114,14 @@ spec:
value: "{{ .Values.config.pgConfig.dbPort }}"
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- - name: {{ include "common.fullname" . }}-config
+ - name: {{ include "common.fullname" . }}-general-config
+ configMap:
+ defaultMode: 422
+ name: {{ include "common.fullname" . }}-general-config
+ - name: {{ include "common.fullname" . }}-rule-config
configMap:
defaultMode: 422
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-rule-config
- name: {{ include "common.fullname" . }}-env-config
emptyDir:
medium: Memory
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
index 06248824b4..d26e88d193 100644
--- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
@@ -25,7 +25,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/holmes/rule-management:9.0.1
+image: onap/holmes/rule-management:10.0.0
consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
#################################################################
@@ -120,17 +120,17 @@ resources:
small:
limits:
cpu: 250m
- memory: 256Mi
+ memory: 1024Mi
requests:
cpu: 250m
- memory: 1024Mi
+ memory: 256Mi
large:
limits:
cpu: 500m
- memory: 512Mi
+ memory: 2Gi
requests:
cpu: 500m
- memory: 2Gi
+ memory: 512Mi
unlimited: {}
#Pods Service Account
diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml
index 1c7c8fa489..bf9dbf55d4 100644
--- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml
@@ -18,7 +18,7 @@
global:
nodePortPrefixExt: 304
persistence: {}
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.1
+ artifactImage: onap/multicloud/framework-artifactbroker:1.7.2
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml
index f18a090dba..b3387c6c3a 100644
--- a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml
@@ -17,7 +17,7 @@
#################################################################
global:
nodePortPrefixExt: 304
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.1
+ artifactImage: onap/multicloud/framework-artifactbroker:1.7.2
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/multicloud/components/multicloud-windriver/values.yaml b/kubernetes/multicloud/components/multicloud-windriver/values.yaml
index 802659f2c0..ad50b4010f 100644
--- a/kubernetes/multicloud/components/multicloud-windriver/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-windriver/values.yaml
@@ -18,7 +18,7 @@
#################################################################
global:
nodePortPrefix: 302
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.1
+ artifactImage: onap/multicloud/framework-artifactbroker:1.7.2
persistence: {}
#################################################################
diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml
index 4f946a70c7..c4c95a4d62 100644
--- a/kubernetes/multicloud/values.yaml
+++ b/kubernetes/multicloud/values.yaml
@@ -18,7 +18,7 @@
#################################################################
global:
nodePortPrefix: 302
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.1
+ artifactImage: onap/multicloud/framework-artifactbroker:1.7.2
prometheus:
enabled: false
persistence: {}
diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml
index 312fc4b65f..06ad5b7c9b 100644
--- a/kubernetes/onap/resources/overrides/sm-onap.yaml
+++ b/kubernetes/onap/resources/overrides/sm-onap.yaml
@@ -44,6 +44,11 @@
#######################
global:
aafEnabled: false
+ centralizedLoggingEnabled: false
+ serviceMesh:
+ enabled: true
+ tls: true
+ engine: "istio"
aai:
enabled: true
global:
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 3ae58a3390..08f404a70c 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -155,6 +155,8 @@ global:
serviceMesh:
enabled: false
tls: true
+ # be aware that linkerd is not well tested
+ engine: "istio" # valid value: istio or linkerd
# metrics part
# If enabled, exporters (for prometheus) will be deployed
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
index 2237811465..f05fbe1a08 100644
--- a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
+++ b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
@@ -28,7 +28,7 @@ namespace: onap
# Deployment configuration
deployment:
name: oom-certservice-cmpv2issuer
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.4.0
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.5.0
proxyImage: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0
# fol local development use IfNotPresent
pullPolicy: Always
diff --git a/kubernetes/platform/components/oom-cert-service/values.yaml b/kubernetes/platform/components/oom-cert-service/values.yaml
index 6cabde79da..c74fe9b2c0 100644
--- a/kubernetes/platform/components/oom-cert-service/values.yaml
+++ b/kubernetes/platform/components/oom-cert-service/values.yaml
@@ -34,7 +34,7 @@ service:
# Deployment configuration
repository: "nexus3.onap.org:10001"
-image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.4.0
+image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.5.0
pullPolicy: Always
replicaCount: 1
diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml
index 54e2103ce7..52c1b86f06 100755
--- a/kubernetes/policy/Chart.yaml
+++ b/kubernetes/policy/Chart.yaml
@@ -67,6 +67,14 @@ dependencies:
version: ~10.x-0
repository: 'file://components/policy-clamp-cl-k8s-ppnt'
condition: policy-clamp-cl-k8s-ppnt.enabled
+ - name: policy-clamp-cl-http-ppnt
+ version: ~10.x-0
+ repository: 'file://components/policy-clamp-cl-http-ppnt'
+ condition: policy-clamp-cl-http-ppnt.enabled
+ - name: policy-clamp-cl-pf-ppnt
+ version: ~10.x-0
+ repository: 'file://components/policy-clamp-cl-pf-ppnt'
+ condition: policy-clamp-cl-pf-ppnt.enabled
- name: policy-clamp-cl-runtime
version: ~10.x-0
repository: 'file://components/policy-clamp-cl-runtime'
diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml
index 3318a199f1..48e6802219 100755
--- a/kubernetes/policy/components/policy-apex-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml
@@ -49,7 +49,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-apex-pdp:2.6.1
+image: onap/policy-apex-pdp:2.7.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml
index 43ec1d7e62..e037c64e15 100755
--- a/kubernetes/policy/components/policy-api/values.yaml
+++ b/kubernetes/policy/components/policy-api/values.yaml
@@ -78,7 +78,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-api:2.5.1
+image: onap/policy-api:2.6.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml
index 35011dea1d..85e97b9af3 100644
--- a/kubernetes/policy/components/policy-clamp-be/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/values.yaml
@@ -70,7 +70,7 @@ secrets:
flavor: small
# application image
-image: onap/policy-clamp-backend:6.1.3
+image: onap/policy-clamp-backend:6.2.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-cl-http-ppnt/values.yaml
index 6ea647e388..44535c99e2 100644
--- a/kubernetes/policy/components/policy-clamp-cl-http-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-cl-http-ppnt/values.yaml
@@ -65,7 +65,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-cl-http-ppnt:6.1.3
+image: onap/policy-clamp-cl-http-ppnt:6.2.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml
index f98fce1137..701536a168 100644
--- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml
@@ -72,7 +72,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-cl-k8s-ppnt:6.1.3
+image: onap/policy-clamp-cl-k8s-ppnt:6.2.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/values.yaml
index a831da8df4..ef8a7c0745 100644
--- a/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-cl-pf-ppnt/values.yaml
@@ -77,7 +77,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-cl-pf-ppnt:6.1.3
+image: onap/policy-clamp-cl-pf-ppnt:6.2.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/resources/config/clRuntimeParameters.yaml b/kubernetes/policy/components/policy-clamp-cl-runtime/resources/config/clRuntimeParameters.yaml
index 250e91213c..157db833b2 100644
--- a/kubernetes/policy/components/policy-clamp-cl-runtime/resources/config/clRuntimeParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-cl-runtime/resources/config/clRuntimeParameters.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# Copyright (C) 2021-2022 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -24,6 +24,16 @@ spring:
http:
converters:
preferred-json-mapper: gson
+ datasource:
+ url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/controlloop
+ driverClassName: org.mariadb.jdbc.Driver
+ username: ${SQL_USER}
+ password: ${SQL_PASSWORD}
+ hikari:
+ connectionTimeout: 30000
+ idleTimeout: 600000
+ maxLifetime: 1800000
+ maximumPoolSize: 10
security:
enable-csrf: false
@@ -47,6 +57,7 @@ runtime:
updateParameters:
maxRetryCount: 3
maxWaitMs: 100000
+ databasePlatform: org.eclipse.persistence.platform.database.MySQLPlatform
databaseProviderParameters:
name: PolicyProviderParameterGroup
implementation: org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl
diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml b/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml
index c0044e2cd1..59d7d313a8 100644
--- a/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml
@@ -78,7 +78,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-cl-runtime:6.1.3
+image: onap/policy-clamp-cl-runtime:6.2.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-fe/values.yaml b/kubernetes/policy/components/policy-clamp-fe/values.yaml
index e5587411d5..80f40995d2 100644
--- a/kubernetes/policy/components/policy-clamp-fe/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-fe/values.yaml
@@ -60,7 +60,7 @@ subChartsOnly:
flavor: small
# application image
-image: onap/policy-clamp-frontend:6.1.3
+image: onap/policy-clamp-frontend:6.2.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml
index ef676bb2c4..42caed4163 100755
--- a/kubernetes/policy/components/policy-distribution/values.yaml
+++ b/kubernetes/policy/components/policy-distribution/values.yaml
@@ -67,7 +67,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-distribution:2.6.1
+image: onap/policy-distribution:2.7.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml
index 4d7c0f2fac..411855e4b8 100755
--- a/kubernetes/policy/components/policy-drools-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml
@@ -35,7 +35,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pdpd-cl:1.9.1
+image: onap/policy-pdpd-cl:1.10.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml
index a1810d387c..6ee7715678 100644
--- a/kubernetes/policy/components/policy-gui/values.yaml
+++ b/kubernetes/policy/components/policy-gui/values.yaml
@@ -63,7 +63,7 @@ subChartsOnly:
flavor: small
# application image
-image: onap/policy-gui:2.1.1
+image: onap/policy-gui:2.2.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml
index e7db99e2c6..a31de712ef 100755
--- a/kubernetes/policy/components/policy-pap/values.yaml
+++ b/kubernetes/policy/components/policy-pap/values.yaml
@@ -92,7 +92,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pap:2.5.1
+image: onap/policy-pap:2.6.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
index 2007ab29c6..718c222307 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
@@ -83,7 +83,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-xacml-pdp:2.5.1
+image: onap/policy-xacml-pdp:2.6.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml
index d781a634ae..d59b5fe770 100755
--- a/kubernetes/policy/templates/job.yaml
+++ b/kubernetes/policy/templates/job.yaml
@@ -73,7 +73,7 @@ spec:
{{ include "common.resources" . }}
containers:
- name: {{ include "common.release" . }}-policy-galera-db-migrator
- image: {{ .Values.repository }}/{{ .Values.dbmigrator.image }}
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dbmigrator.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: /dbcmd-config/db_migrator_policy_init.sh
diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
index 9076a1f9f9..c2d1c48fe8 100644
--- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
@@ -143,13 +143,13 @@ GLOBAL_APPC_CDT_SERVER_PROTOCOL = "https"
GLOBAL_APPC_CDT_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "appc-cdt" "port" 18080) }}'
GLOBAL_APPC_CDT_USERNAME = "demo"
# sdc info - everything is from the private oam network (also called onap private network)
-GLOBAL_SDC_SERVER_PROTOCOL = "https"
-GLOBAL_SDC_FE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-fe" "port" 9443) }}'
-GLOBAL_SDC_BE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-be" "port" 8443) }}'
-GLOBAL_SDC_BE_ONBOARD_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-onboarding-be" "port" 8445) }}'
+GLOBAL_SDC_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
+GLOBAL_SDC_FE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-fe" "port" ( ternary 9443 8181 (eq "true" (include "common.needTLS" . )))) }}'
+GLOBAL_SDC_BE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-be" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}'
+GLOBAL_SDC_BE_ONBOARD_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-onboarding-be" "port" ( ternary 8445 8081 (eq "true" (include "common.needTLS" . )))) }}'
GLOBAL_SDC_DCAE_BE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-dcae-be" "port" 8444) }}'
-GLOBAL_SDC_USERNAME = "beep"
-GLOBAL_SDC_PASSWORD = "boop"
+GLOBAL_SDC_USERNAME = '{{ .Values.sdcUsername }}'
+GLOBAL_SDC_PASSWORD = '{{ .Values.sdcPassword }}'
GLOBAL_SDC_AUTHENTICATION = [GLOBAL_SDC_USERNAME, GLOBAL_SDC_PASSWORD]
# clamp info - everything is from the private oam network (also called onap private network)
GLOBAL_CLAMP_SERVER_PROTOCOL = "https"
@@ -377,3 +377,9 @@ GLOBAL_CCSDK_CDS_USERNAME = 'ccsdkapps'
GLOBAL_CCSDK_CDS_PASSWORD = 'ccsdkapps'
GLOBAL_CCSDK_CDS_AUTHENTICATION = [GLOBAL_CCSDK_CDS_USERNAME, GLOBAL_CCSDK_CDS_PASSWORD]
GLOBAL_CDS_AUTH = "Y2NzZGthcHBzOmNjc2RrYXBwcw=="
+
+#cps info - everything is from the private oam network (also called onap private network)
+GLOBAL_INJECTED_CPS_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "cps") }}'
+GLOBAL_CPS_SERVER_PROTOCOL = "http"
+GLOBAL_CPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "cps" "port" 8080) }}'
+GLOBAL_CPS_HEALTH_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "cps" "port" 8081) }}'
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index 89d83c85a3..b057fc7304 100644
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -322,6 +322,9 @@ aaiPassword: "demo123456!"
# APPC
appcUsername: "appc@appc.onap.org"
appcPassword: "demo123456!"
+# SDC
+sdcUsername: "beep"
+sdcPassword: "boop"
# DCAE
dcaeUsername: "dcae@dcae.onap.org"
dcaePassword: "demo123456!"
diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
index 5a5fcd6f75..24f169a5b9 100644
--- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
@@ -98,9 +98,9 @@ spec:
cpu: 3m
memory: 20Mi
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- - name: {{ include "common.fullname" . }}-environments
+ - name: sdc-environments-input
mountPath: /config-input/
- - name: sdc-environments-output
+ - name: sdc-environments
mountPath: /config-output/
{{- end }}
containers:
@@ -160,20 +160,22 @@ spec:
fieldRef:
fieldPath: status.podIP
volumeMounts:
- - name: sdc-environments-output
+ - name: sdc-environments
mountPath: /app/jetty/chef-solo/environments/
- - name: sdc-environments-output
+ {{- if .Values.global.aafEnabled }}
+ - name: sdc-environments
mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- - name: sdc-environments-output
+ - name: sdc-environments
mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- - name: {{ include "common.fullname" . }}-localtime
+ {{- end }}
+ - name: localtime
mountPath: /etc/localtime
readOnly: true
- name: logs
mountPath: /var/log/onap
- - name: {{ include "common.fullname" . }}-logback
+ - name: logback
mountPath: /tmp/logback.xml
subPath: logback.xml
lifecycle:
@@ -184,19 +186,21 @@ spec:
{{ include "common.log.sidecar" . | nindent 8 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- - name: {{ include "common.fullname" . }}-localtime
+ - name: localtime
hostPath:
path: /etc/localtime
{{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }}
- - name: {{ include "common.fullname" . }}-logback
+ - name: logback
configMap:
name : {{ include "common.fullname" . }}-logging-configmap
- - name: {{ include "common.fullname" . }}-environments
+ - name: sdc-environments
+ {{- if .Values.global.aafEnabled }}
+ emptyDir: { medium: "Memory" }
+ - name: sdc-environments-input
+ {{- end }}
configMap:
name: {{ include "common.release" . }}-sdc-environments-configmap
defaultMode: 0755
- - name: sdc-environments-output
- emptyDir: { medium: "Memory" }
- name: logs
emptyDir: {}
imagePullSecrets:
diff --git a/kubernetes/sdc/components/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml
index aaf8fada28..5f70991e6f 100644
--- a/kubernetes/sdc/components/sdc-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml
@@ -79,6 +79,7 @@ spec:
requests:
cpu: 200m
memory: 200Mi
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
volumes:
- name: {{ include "common.fullname" . }}-environments
configMap:
diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
index 0449648b27..0ae39bf436 100644
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -19,7 +19,7 @@
global:
nodePortPrefix: 302
aafEnabled: true
- cassandra:
+ sdc_cassandra:
#This flag allows SDC to instantiate its own cluster, serviceName
#should be sdc-cs if this flag is enabled
localCluster: false
@@ -85,7 +85,7 @@ affinity: {}
liveness:
initialDelaySeconds: 1
periodSeconds: 10
- timeoutSeconds: 5
+ timeoutSeconds: 180
successThreshold: 1
failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
@@ -95,14 +95,14 @@ liveness:
readiness:
initialDelaySeconds: 1
periodSeconds: 10
- timeoutSeconds: 5
+ timeoutSeconds: 180
successThreshold: 1
failureThreshold: 3
startup:
initialDelaySeconds: 10
periodSeconds: 10
- timeoutSeconds: 5
+ timeoutSeconds: 180
successThreshold: 1
failureThreshold: 60
@@ -126,7 +126,7 @@ service:
visualRange: "1"
serviceName: sdc-deprecated
ports:
- - name: api
+ - name: tcp-api
port: 8443
plain_port: 8080
port_protocol: http
@@ -168,6 +168,10 @@ serviceAccount:
roles:
- read
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-job'
+
#Log configuration
log:
path: /var/log/onap
diff --git a/kubernetes/sdc/components/sdc-cs/Chart.yaml b/kubernetes/sdc/components/sdc-cs/Chart.yaml
index 5b4d631889..0789ee32b2 100644
--- a/kubernetes/sdc/components/sdc-cs/Chart.yaml
+++ b/kubernetes/sdc/components/sdc-cs/Chart.yaml
@@ -30,3 +30,11 @@ dependencies:
- name: serviceAccount
version: ~10.x-0
repository: '@local'
+ - name: cassandra
+ version: ~10.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@local'
+ condition: global.sdc_cassandra.localCluster
+
diff --git a/kubernetes/sdc/components/sdc-cs/templates/job.yaml b/kubernetes/sdc/components/sdc-cs/templates/job.yaml
index fb849b9f25..0eeeff52da 100644
--- a/kubernetes/sdc/components/sdc-cs/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-cs/templates/job.yaml
@@ -42,7 +42,7 @@ spec:
- /app/ready.py
args:
- --container-name
- {{- if .Values.global.cassandra.localCluster }}
+ {{- if .Values.global.sdc_cassandra.localCluster }}
- sdc-cs
{{- else }}
- cassandra
@@ -96,6 +96,7 @@ spec:
requests:
cpu: 200m
memory: 300Mi
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: {{ include "common.fullname" . }}-environments
diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml
index e00475adc4..951249cfbd 100644
--- a/kubernetes/sdc/components/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -21,7 +21,7 @@ global:
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
- cassandra:
+ sdc_cassandra:
#This flag allows SDC to instantiate its own cluster, serviceName
#should be sdc-cs if this flag is enabled
localCluster: false
@@ -36,6 +36,19 @@ global:
#################################################################
# Application configuration defaults.
#################################################################
+
+#Used only if localCluster is enabled. Instantiates SDC's own cassandra cluster
+cassandra:
+ nameOverride: sdc-cs
+ replicaCount: 3
+ service:
+ name: sdc-cs
+ serviceAccount:
+ nameOverride: sdc-cs
+ persistence:
+ mountSubPath: sdc/sdc-cs/CS
+ enabled: true
+
# application image
repository: nexus3.onap.org:10001
image: onap/sdc-cassandra:1.9.5
@@ -109,3 +122,7 @@ serviceAccount:
nameOverride: sdc-cs
roles:
- read
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-job'
diff --git a/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml b/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml
index 9dc317b2b5..cc91960dbf 100644
--- a/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml
+++ b/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml
@@ -1,6 +1,10 @@
pluginsList:
- pluginId: WORKFLOW
- pluginDiscoveryUrl: "{{ .Values.config.plugins.workflow_discovery_url }}"
+ {{- if (include "common.needTLS" .) }}
+ pluginDiscoveryUrl: "{{ .Values.config.plugins.workflow_discovery_url.https }}"
+ {{- else }}
+ pluginDiscoveryUrl: "{{ .Values.config.plugins.workflow_discovery_url.http }}"
+ {{- end }}
pluginSourceUrl: "{{ .Values.config.plugins.workflow_source_url }}"
pluginStateUrl: "workflowDesigner"
pluginDisplayOptions:
@@ -8,4 +12,4 @@ pluginsList:
displayName: "WORKFLOW"
displayRoles: ["DESIGNER", "TESTER"]
-connectionTimeout: 1000 \ No newline at end of file
+connectionTimeout: 1000
diff --git a/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml b/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml
index 2ac85aead6..948a3fee99 100644
--- a/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml
+++ b/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml
@@ -39,4 +39,4 @@ metadata:
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/plugins/*").AsConfig . | indent 2 }} \ No newline at end of file
+{{ tpl (.Files.Glob "resources/config/plugins/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
index 43f9f2c928..599e32e175 100644
--- a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
@@ -82,9 +82,9 @@ spec:
chmod 0755 /config-output/${PFILE}
done
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- - name: {{ include "common.fullname" . }}-environments
+ - name: sdc-environments-input
mountPath: /config-input/
- - name: sdc-environments-output
+ - name: sdc-environments
mountPath: /config-output/
resources:
limits:
@@ -147,23 +147,25 @@ spec:
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
volumeMounts:
- - name: sdc-environments-output
+ - name: sdc-environments
mountPath: /app/jetty/chef-solo/environments/
- - name: sdc-environments-output
+ {{- if .Values.global.aafEnabled }}
+ - name: sdc-environments
mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- - name: sdc-environments-output
+ - name: sdc-environments
mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- - name: {{ include "common.fullname" . }}-localtime
+ {{- end }}
+ - name: localtime
mountPath: /etc/localtime
readOnly: true
- name: logs
mountPath: /var/log/onap
- - name: {{ include "common.fullname" . }}-configs
+ - name: configs
mountPath: /app/jetty/config/catalog-fe/plugins-configuration.yaml
subPath: plugins-configuration.yaml
- - name: {{ include "common.fullname" . }}-logback
+ - name: logback
mountPath: /tmp/logback.xml
subPath: logback.xml
lifecycle:
@@ -174,23 +176,25 @@ spec:
{{ include "common.log.sidecar" . | nindent 8 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- - name: {{ include "common.fullname" . }}-localtime
+ - name: localtime
hostPath:
path: /etc/localtime
{{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 8 }}
- - name: {{ include "common.fullname" . }}-configs
+ - name: configs
configMap:
name : {{ include "common.fullname" . }}-plugins-configmap
defaultMode: 0777
- - name: {{ include "common.fullname" . }}-logback
+ - name: logback
configMap:
name : {{ include "common.fullname" . }}-logging-configmap
- - name: {{ include "common.fullname" . }}-environments
+ - name: sdc-environments
+ {{- if .Values.global.aafEnabled }}
+ emptyDir: { medium: "Memory" }
+ - name: sdc-environments-input
+ {{- end }}
configMap:
name: {{ include "common.release" . }}-sdc-environments-configmap
defaultMode: 0755
- - name: sdc-environments-output
- emptyDir: { medium: "Memory" }
- name: logs
emptyDir: {}
imagePullSecrets:
diff --git a/kubernetes/sdc/components/sdc-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-fe/templates/service.yaml
index db8b59c2ce..f899d58971 100644
--- a/kubernetes/sdc/components/sdc-fe/templates/service.yaml
+++ b/kubernetes/sdc/components/sdc-fe/templates/service.yaml
@@ -39,28 +39,20 @@ metadata:
spec:
type: {{ .Values.service.type }}
ports:
- {{ if not .Values.security.disableHttp }}
- # setting http port only if enabled
- {{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{ end }}
- {{ end }}
-
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.portName }}2
- {{- else -}}
- - port: {{ .Values.service.externalPort2 }}
+ {{ if eq .Values.service.type "NodePort" -}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{ end }}
+ {{ if (include "common.needTLS" .) }}
+ - port: {{ .Values.service.internalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName }}2
- {{- end}}
+ name: {{ .Values.service.portName }}s
+ {{ if eq .Values.service.type "NodePort" -}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ {{ end }}
+ {{ end }}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml
index a208226b76..09d9829c59 100644
--- a/kubernetes/sdc/components/sdc-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-fe/values.yaml
@@ -53,11 +53,17 @@ pullPolicy: Always
config:
javaOptions: "-Xmx256m -Xms256m"
plugins:
- dcae_discovery_url: "https://sdc-dcae-fe:9444/dcaed/#/home"
+ dcae_discovery_url:
+ https: "https://sdc-dcae-fe:9444/dcaed/#/home"
+ http: "http://sdc-dcae-fe:8183/dcaed/#/home"
dcae_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30264/dcaed/#/home"
- dcae_dt_discovery_url: "https://sdc-dcae-dt:9446/dcae/#/dcae/home"
+ dcae_dt_discovery_url:
+ https: "https://sdc-dcae-dt:9446/dcae/#/dcae/home"
+ http: "http://sdc-dcae-dt:8186/dcae/#/dcae/home"
dcae_dt_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30266/dcae/#/dcae/home"
- workflow_discovery_url: "https://sdc-wfd-fe:8443/workflows"
+ workflow_discovery_url:
+ https: "https://sdc-wfd-fe:8443/workflows"
+ http: "http://sdc-wfd-fe:8080/workflows"
workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/"
#environment file
@@ -105,7 +111,7 @@ service:
#service being defined.
type: NodePort
name: sdc-fe
- portName: sdc-fe
+ portName: http
nodePort: "06"
internalPort: 8181
externalPort: 8181
@@ -113,8 +119,6 @@ service:
internalPort2: 9443
externalPort2: 9443
-
-
ingress:
enabled: false
service:
diff --git a/kubernetes/sdc/components/sdc-helm-validator/values.yaml b/kubernetes/sdc/components/sdc-helm-validator/values.yaml
index 4cd4a76506..e51c242d5c 100644
--- a/kubernetes/sdc/components/sdc-helm-validator/values.yaml
+++ b/kubernetes/sdc/components/sdc-helm-validator/values.yaml
@@ -18,7 +18,7 @@
global:
pullPolicy: Always
-image: onap/org.onap.sdc.sdc-helm-validator:1.2.2
+image: onap/sdc-helm-validator:1.3.0
containerPort: &svc_port 8080
config:
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
index d6b8a4e026..8180cc79f1 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2017 Amdocs, AT&T, Bell Canada
# Modifications Copyright © 2018 ZTE
+# Modifications Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -80,9 +81,9 @@ spec:
chmod 0755 /config-output/${PFILE}
done
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- - name: {{ include "common.fullname" . }}-environments
+ - name: sdc-environments-input
mountPath: /config-input/
- - name: sdc-environments-output
+ - name: sdc-environments
mountPath: /config-output/
resources:
limits:
@@ -104,7 +105,7 @@ spec:
securityContext:
runAsUser: 0
volumeMounts:
- - name: {{ include "common.fullname" . }}-cert-storage
+ - name: cert-storage
mountPath: "/onboard/cert"
resources:
limits:
@@ -172,22 +173,24 @@ spec:
- name: SDC_CERT_DIR
value: {{ .Values.cert.certDir }}
volumeMounts:
- - name: sdc-environments-output
+ - name: sdc-environments
mountPath: /app/jetty/chef-solo/environments/
- - name: sdc-environments-output
+ {{- if .Values.global.aafEnabled }}
+ - name: sdc-environments
mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- - name: sdc-environments-output
+ - name: sdc-environments
mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- - name: {{ include "common.fullname" . }}-localtime
+ {{- end }}
+ - name: localtime
mountPath: /etc/localtime
readOnly: true
- name: logs
mountPath: /var/log/onap
- - name: {{ include "common.fullname" . }}-cert-storage
+ - name: cert-storage
mountPath: "{{ .Values.cert.certDir }}"
- - name: {{ include "common.fullname" . }}-logback
+ - name: logback
mountPath: /tmp/logback.xml
subPath: logback.xml
lifecycle:
@@ -198,22 +201,25 @@ spec:
{{ include "common.log.sidecar" . | nindent 8 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- - name: {{ include "common.fullname" . }}-localtime
+ - name: localtime
hostPath:
path: /etc/localtime
+
{{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }}
- - name: {{ include "common.fullname" . }}-logback
+ - name: logback
configMap:
name : {{ include "common.fullname" . }}-logging-configmap
- - name: {{ include "common.fullname" . }}-environments
+ - name: sdc-environments
+ {{- if .Values.global.aafEnabled }}
+ emptyDir: { medium: "Memory" }
+ - name: sdc-environments-input
+ {{- end }}
configMap:
name: {{ include "common.release" . }}-sdc-environments-configmap
defaultMode: 0755
- - name: sdc-environments-output
- emptyDir: { medium: "Memory" }
- name: logs
emptyDir: {}
- - name: {{ include "common.fullname" . }}-cert-storage
+ - name: cert-storage
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-cert
imagePullSecrets:
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
index c8edb29a28..bfc1ef8e7b 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
@@ -62,6 +62,13 @@ spec:
- name: {{ include "common.name" . }}-job
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.onboardingInitImage }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if include "common.onServiceMesh" . }}
+ args:
+ - echo "waiting 10s for istio side cars to be up"; sleep 10s; /home/sdc/startup.sh
+ command:
+ - /bin/sh
+ - -c
+ {{- end }}
volumeMounts:
- name: {{ include "common.fullname" . }}-environments
mountPath: /home/sdc/chef-solo/environments/
@@ -82,7 +89,7 @@ spec:
valueFrom:
secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_password}
- name: CS_HOST_IP
- value: "{{ .Values.global.cassandra.serviceName }}"
+ value: "{{ .Values.global.sdc_cassandra.serviceName }}"
resources:
limits:
cpu: 800m
@@ -90,6 +97,7 @@ spec:
requests:
cpu: 200m
memory: 200Mi
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
volumes:
- name: {{ include "common.fullname" . }}-environments
configMap:
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
index 2ee87eeb33..ece5a439a3 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
@@ -31,18 +31,18 @@ spec:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName | default "http" }}
+ name: {{ .Values.service.portName | default "http" }}s
- port: {{ .Values.service.externalPort2 }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.portName | default "http" }}2
+ name: {{ .Values.service.portName | default "http" }}}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
+ name: {{ .Values.service.portName | default "http" }}s
- port: {{ .Values.service.externalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName | default "http" }}2
+ name: {{ .Values.service.portName | default "http" }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
index d8cc670bdf..f96d59b71a 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
@@ -20,7 +20,7 @@ global:
nodePortPrefix: 302
aafEnabled: true
persistence: {}
- cassandra:
+ sdc_cassandra:
#This flag allows SDC to instantiate its own cluster, serviceName
#should be sdc-cs if this flag is enabled
localCluster: false
@@ -109,9 +109,10 @@ startup:
service:
type: ClusterIP
name: sdc-onboarding-be
- portName: sdc-onboarding-be
+ portName: http
internalPort: 8445
externalPort: 8445
+
internalPort2: 8081
externalPort2: 8081
@@ -182,6 +183,10 @@ serviceAccount:
roles:
- read
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-job'
+
#Log configuration
log:
path: /var/log/onap
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl
deleted file mode 100644
index 298a2cd673..0000000000
--- a/kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl
+++ /dev/null
@@ -1 +0,0 @@
-{{- define "wfd-be.internalPort" }}{{ if .Values.config.serverSSLEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }}
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
index 343bda8ff9..a187e19a75 100644
--- a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
@@ -79,13 +79,13 @@ spec:
./startup.sh
{{- end }}
ports:
- - containerPort: {{ template "wfd-be.internalPort" . }}
+ - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ template "wfd-be.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
successThreshold: {{ .Values.liveness.successThreshold }}
@@ -93,14 +93,14 @@ spec:
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ template "wfd-be.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
successThreshold: {{ .Values.readiness.successThreshold }}
failureThreshold: {{ .Values.readiness.failureThreshold }}
startupProbe:
tcpSocket:
- port: {{ template "wfd-be.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
periodSeconds: {{ .Values.startup.periodSeconds }}
successThreshold: {{ .Values.startup.successThreshold }}
@@ -109,7 +109,7 @@ spec:
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: CS_HOSTS
- value: "{{ .Values.global.cassandra.serviceName }}"
+ value: "{{ .Values.global.sdc_cassandra.serviceName }}"
- name: CS_PORT
value: "{{ .Values.config.cassandraClientPort }}"
- name: CS_AUTHENTICATE
@@ -128,20 +128,25 @@ spec:
valueFrom:
secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_truststore_password}
- name: SDC_PROTOCOL
- value: "{{ .Values.config.sdcProtocol }}"
+ value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "HTTPS" "HTTP" }}"
- name: SDC_ENDPOINT
- value: "{{ .Values.config.sdcEndpoint }}"
+ value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdcEndpoint.https .Values.config.sdcEndpoint.http }}"
- name: SDC_USER
value: "{{ .Values.config.sdcExternalUser }}"
- name: SDC_PASSWORD
valueFrom:
secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: wf_external_user_password}
+ {{- if (include "common.needTLS" .) }}
- name: SERVER_SSL_ENABLED
- value: "{{ .Values.config.serverSSLEnabled }}"
+ value: "true"
- name: SERVER_SSL_KEYSTORE_TYPE
value: "{{ .Values.config.serverSSLKeyStoreType }}"
- name: SERVER_SSL_TRUSTSTORE_TYPE
value: "{{ .Values.config.serverSSLTrustStoreType }}"
+ {{- else }}
+ - name: SERVER_SSL_ENABLED
+ value: "false"
+ {{- end }}
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
resources: {{ include "common.resources" . | nindent 12 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml
index 8f87c68f1e..171442dfdc 100644
--- a/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml
@@ -1 +1 @@
-{{ include "common.ingress" . }}
+{{include "common.ingress" .}}
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
index f7b0cfa04b..2e5826d229 100644
--- a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
@@ -60,23 +60,31 @@ spec:
cpu: 3m
memory: 20Mi
containers:
- - name: {{ include "common.name" . }}-job
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.configInitImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
+ - name: {{ include "common.name" . }}-job
+ image:
+ {{ include "repositoryGenerator.repository" . }}/{{ .Values.configInitImage }}
+ imagePullPolicy:
+ {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if include "common.onServiceMesh" . }}
+ args:
+ - echo "waiting 10s for istio side cars to be up"; sleep 10s; /start.sh
+ command:
+ - /bin/sh
+ - -c
+ {{- end }}
+ env:
- name: CS_HOST
- value: "{{ .Values.global.cassandra.serviceName }}"
+ value: "{{ .Values.global.sdc_cassandra.serviceName }}"
- name: CS_PORT
- value: "{{ .Values.config.cassandraClientPort }}"
+ value: {{ .Values.config.cassandraClientPort | quote }}
- name: CS_AUTHENTICATE
- value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
+ value: {{ .Values.config.cassandraAuthenticationEnabled | quote }}
- name: CS_USER
- valueFrom:
- secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}
+ valueFrom: {secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}}
- name: CS_PASSWORD
- valueFrom:
- secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}
- resources: {{ include "common.resources" . | nindent 12 }}
+ valueFrom: {secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}}
+ resources: {{ include "common.resources" . | nindent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
{{ end }}
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml
index 2af5e2ba26..2f4129b03f 100644
--- a/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml
@@ -30,13 +30,13 @@ spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ template "wfd-be.internalPort" . }}
+ - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
{{- else -}}
- - port: {{ if .Values.config.serverSslEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }}
- targetPort: {{ template "wfd-be.internalPort" . }}
- name: {{ .Values.service.portName }}
+ - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }}
+ targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
index 8b61567114..6b18f47d66 100644
--- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
@@ -19,14 +19,15 @@
global:
nodePortPrefix: 302
aafEnabled: true
- cassandra:
- #This flag allows SDC to instantiate its own cluster, serviceName
- #should be sdc-cs if this flag is enabled
+ sdc_cassandra:
+ # This flag allows SDC to instantiate its own cluster, serviceName
+ # should be sdc-cs if this flag is enabled
localCluster: false
- #The cassandra service name to connect to (default: shared cassandra service)
+ # The cassandra service name to connect to
+ # (default: shared cassandra service)
serviceName: cassandra
- #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
- #to match with its own cluster replica
+ # Shared cassandra cluster replicaCount, should be changed if
+ # localCluster is enabled to match with its own cluster replica
replicaCount: 3
clusterName: cassandra
dataCenter: Pod
@@ -69,10 +70,10 @@ config:
javaOptions: "-Xmx1536m -Xms1536m"
cassandraAuthenticationEnabled: true
cassandraClientPort: 9042
- sdcProtocol: HTTPS
- sdcEndpoint: sdc-be:8443
+ sdcEndpoint:
+ https: sdc-be:8443
+ http: sdc-be:8080
sdcExternalUser: workflow
- serverSSLEnabled: true
serverSSLKeyStoreType: jks
serverSSLTrustStoreType: jks
cassandraSSLEnabled: false
@@ -90,16 +91,16 @@ nodeSelector: {}
affinity: {}
# probe configuration parameters
-liveness:
- initialDelaySeconds: 60
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
+#liveness:
+# initialDelaySeconds: 60
+# periodSeconds: 10
+# # necessary to disable liveness probe when setting breakpoints
+# # in debugger so K8s doesn't restart unresponsive container
+# enabled: true
-readiness:
- initialDelaySeconds: 60
- periodSeconds: 10
+#readiness:
+# initialDelaySeconds: 60
+# periodSeconds: 10
# probe configuration parameters
liveness:
@@ -125,7 +126,7 @@ startup:
service:
type: NodePort
- portName: sdc-wfd-be
+ portName: http
internalPort: 8080
externalPort: 8080
internalPort2: 8443
@@ -166,3 +167,7 @@ serviceAccount:
nameOverride: sdc-wfd-be
roles:
- read
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-job'
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
deleted file mode 100644
index 546bab7ddf..0000000000
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
+++ /dev/null
@@ -1 +0,0 @@
-{{- define "wfd-fe.internalPort" }}{{ if .Values.config.isHttpsEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }}
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
index b703e6656c..d57309004d 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
@@ -98,11 +98,11 @@ spec:
./startup.sh
{{- end }}
ports:
- - containerPort: {{ template "wfd-fe.internalPort" . }}
+ - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ template "wfd-fe.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
successThreshold: {{ .Values.liveness.successThreshold }}
@@ -110,14 +110,14 @@ spec:
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ template "wfd-fe.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
successThreshold: {{ .Values.readiness.successThreshold }}
failureThreshold: {{ .Values.readiness.failureThreshold }}
startupProbe:
tcpSocket:
- port: {{ template "wfd-fe.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
periodSeconds: {{ .Values.startup.periodSeconds }}
successThreshold: {{ .Values.startup.successThreshold }}
@@ -128,13 +128,13 @@ spec:
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: BACKEND
- value: {{ .Values.config.backendServerURL }}
+ value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.backendServerURL.https .Values.config.backendServerURL.http }}"
- name: IS_HTTPS
- value: "{{ .Values.config.isHttpsEnabled}}"
- {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
+ value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}"
+ {{- if and (include "common.needTLS" .) (eq .Values.security.isDefaultStore false) }}
- name: TRUST_ALL
value: "{{ .Values.config.isTrustAll}}"
- {{ end }}
+ {{- end }}
volumeMounts:
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
index bc838ac22f..08feb5a6ed 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
@@ -31,7 +31,7 @@ metadata:
"version": "v1",
"url": "/",
"protocol": "UI",
- "port": "{{ .Values.service.internalPort2 }}",
+ "port": "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}",
"visualRange":"0|1"
}
]'
@@ -39,13 +39,13 @@ spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ template "wfd-fe.internalPort" . }}
+ - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
{{- else -}}
- - port: {{ if .Values.config.isHttpsEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }}
- targetPort: {{ template "wfd-fe.internalPort" . }}
- name: {{ .Values.service.portName }}
+ - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }}
+ targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
index b3e3b39a41..c7e680a745 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
@@ -55,8 +55,9 @@ debugEnabled: false
config:
javaOptions: "-Xmx256m -Xms256m"
- backendServerURL: "https://sdc-wfd-be:8443"
- isHttpsEnabled: true
+ backendServerURL:
+ https: "https://sdc-wfd-be:8443"
+ http: "http://sdc-wfd-be:8080"
# following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties
isTrustAll: true
# https relevant settings. Change in case you have other trust files then default ones.
diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json
index bd76b97b98..c9535592d8 100755
--- a/kubernetes/sdc/resources/config/environments/AUTO.json
+++ b/kubernetes/sdc/resources/config/environments/AUTO.json
@@ -8,8 +8,8 @@
"chef_type": "environment",
"default_attributes": {
- "disableHttp": {{ .Values.global.security.disableHttp }},
- "CS_VIP": "{{.Values.global.cassandra.serviceName}}.{{include "common.namespace" .}}",
+ "disableHttp": {{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }},
+ "CS_VIP": "{{.Values.global.sdc_cassandra.serviceName}}.{{include "common.namespace" .}}",
"BE_VIP": "sdc-be.{{include "common.namespace" .}}",
"ONBOARDING_BE_VIP": "sdc-onboarding-be.{{include "common.namespace" .}}",
"FE_VIP": "sdc-fe.{{include "common.namespace" .}}",
@@ -37,7 +37,7 @@
},
"Nodes": {
"CS": [
- "{{.Values.global.cassandra.serviceName}}.{{include "common.namespace" .}}"
+ "{{.Values.global.sdc_cassandra.serviceName}}.{{include "common.namespace" .}}"
],
"BE": "sdc-be.{{include "common.namespace" .}}",
"ONBOARDING_BE": "sdc-onboarding-be.{{include "common.namespace" .}}",
@@ -79,8 +79,8 @@
"cassandra_user": "asdc_user",
"cassandra_password": "Aa1234%^!",
"concurrent_writes": "32",
- "cluster_name": "{{.Values.global.cassandra.clusterName}}",
- "datacenter_name": "{{.Values.global.cassandra.dataCenter}}",
+ "cluster_name": "{{.Values.global.sdc_cassandra.clusterName}}",
+ "datacenter_name": "{{.Values.global.sdc_cassandra.dataCenter}}",
"multithreaded_compaction": "false",
"cache_dir": "/var/lib/cassandra/saved_caches",
"log_file": "/var/lib/cassandra/log/system.log",
@@ -89,10 +89,10 @@
"socket_read_timeout": "20000",
"socket_connect_timeout": "20000",
"janusgraph_connection_timeout": "10000",
- "replication_factor": "{{.Values.global.cassandra.replicaCount}}",
- "db_cache": "{{.Values.global.cassandra.dbCache}}",
- "read_consistency_level": "{{.Values.global.cassandra.readConsistencyLevel}}",
- "write_consistency_level":"{{.Values.global.cassandra.writeConsistencyLevel}}"
+ "replication_factor": "{{.Values.global.sdc_cassandra.replicaCount}}",
+ "db_cache": "{{.Values.global.sdc_cassandra.dbCache}}",
+ "read_consistency_level": "{{.Values.global.sdc_cassandra.readConsistencyLevel}}",
+ "write_consistency_level":"{{.Values.global.sdc_cassandra.writeConsistencyLevel}}"
},
"DMAAP": {
"consumer": {
@@ -112,11 +112,13 @@
"username": "user1@sdc.com",
"password": "password=="
}
+ {{- if .Values.global.aafEnabled }}
},
"jetty": {
"keystore_pwd": "${KEYSTORE_PASS}",
"truststore_pwd": "${TRUSTSTORE_PASS}",
"keymanager_pwd": "${KEYMANAGER_PASS}"
+ {{- end }}
}
}
}
diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml
index 98b4abe2ee..e7643069bf 100644
--- a/kubernetes/sdc/values.yaml
+++ b/kubernetes/sdc/values.yaml
@@ -25,22 +25,21 @@ global:
keystore_password: PyhrUCFZdXIhWyohWTUhRV5mKFpLYzMx
wf_external_user_password: S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==
aafEnabled: true
- cassandra:
+ sdc_cassandra:
#This flag allows SDC to instantiate its own cluster, serviceName
- #should be sdc-cs if this flag is enabled
+ #should be "sdc-cs" if this flag is enabled
localCluster: false
#The cassandra service name to connect to (default: shared cassandra service)
serviceName: cassandra
#Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
#to match with its own cluster replica
+ #see "cassandra: replicaCount" in file sdc-cs/values.yaml)
replicaCount: 3
dbCache: true
readConsistencyLevel: ONE
writeConsistencyLevel: ALL
clusterName: cassandra
dataCenter: Pod
- security:
- disableHttp: true
centralizedLoggingEnabled: true
sdc-be:
@@ -63,16 +62,6 @@ config:
workflowUrl: 10.0.2.15
vnfRepoPort: 8703
-#Used only if localCluster is enabled. Instantiates SDC's own cassandra cluster
-cassandra:
- nameOverride: sdc-cs
- replicaCount: 1
- service:
- name: sdc-cs
- persistence:
- mountSubPath: sdc/sdc-cs/CS
- enabled: true
-
# dependency / sub-chart configuration
sdc-wfd:
enabled: true
diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml
index 801d542bc0..a1a583b3f9 100644
--- a/kubernetes/sdnc/components/dmaap-listener/values.yaml
+++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml
@@ -49,7 +49,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-dmaap-listener-image:2.2.2
+image: onap/sdnc-dmaap-listener-image:2.2.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml
index 4b8ac2198a..b247e71452 100644
--- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml
+++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml
@@ -49,7 +49,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ansible-server-image:2.2.2
+image: onap/sdnc-ansible-server-image:2.2.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml
index dd76f58dd2..f75b56726c 100644
--- a/kubernetes/sdnc/components/sdnc-web/values.yaml
+++ b/kubernetes/sdnc/components/sdnc-web/values.yaml
@@ -23,7 +23,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: "onap/sdnc-web-image:2.2.2"
+image: "onap/sdnc-web-image:2.2.5"
pullPolicy: Always
config:
diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml
index 848fd97eb2..795ffeaa79 100644
--- a/kubernetes/sdnc/components/ueb-listener/values.yaml
+++ b/kubernetes/sdnc/components/ueb-listener/values.yaml
@@ -55,7 +55,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ueb-listener-image:2.2.2
+image: onap/sdnc-ueb-listener-image:2.2.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index cbf5678283..5d2f5be9b2 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -210,7 +210,7 @@ certificates:
# application images
pullPolicy: Always
-image: onap/sdnc-image:2.2.2
+image: onap/sdnc-image:2.2.5
# flag to enable debugging - application support required
debugEnabled: false