diff options
Diffstat (limited to 'kubernetes')
521 files changed, 3583 insertions, 3921 deletions
diff --git a/kubernetes/.gitignore b/kubernetes/.gitignore index bc3a4f1ee0..f2b64de479 100644 --- a/kubernetes/.gitignore +++ b/kubernetes/.gitignore @@ -1 +1,3 @@ chartstorage/ +**/charts/*.tgz +helm/plugins/deploy/cache/ diff --git a/kubernetes/a1policymanagement/Chart.yaml b/kubernetes/a1policymanagement/Chart.yaml index 4c9f519e8d..563ee2094a 100644 --- a/kubernetes/a1policymanagement/Chart.yaml +++ b/kubernetes/a1policymanagement/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 appVersion: "1.0.0" description: A Helm chart for A1 Policy Management Service name: a1policymanagement -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml index f70deefaff..17fa320472 100644 --- a/kubernetes/a1policymanagement/values.yaml +++ b/kubernetes/a1policymanagement/values.yaml @@ -63,7 +63,7 @@ certInitializer: echo "*** change ownership of certificates to targeted user" chown -R 1000 . -image: onap/ccsdk-oran-a1policymanagementservice:1.3.0 +image: onap/ccsdk-oran-a1policymanagementservice:1.3.2 userID: 1000 #Should match with image-defined user ID groupID: 999 #Should match with image-defined group ID pullPolicy: IfNotPresent diff --git a/kubernetes/aaf/Chart.yaml b/kubernetes/aaf/Chart.yaml index 2c51172dfb..bcbe9fa155 100644 --- a/kubernetes/aaf/Chart.yaml +++ b/kubernetes/aaf/Chart.yaml @@ -18,46 +18,46 @@ apiVersion: v2 description: ONAP Application Authorization Framework name: aaf -version: 10.0.0 +version: 11.0.0 dependencies: - name: aaf-cass - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-cass' condition: aaf-authz.enabled - name: aaf-cm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-cm' condition: aaf-authz.enabled - name: aaf-fs - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-fs' condition: aaf-authz.enabled - name: aaf-gui - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-gui' condition: aaf-authz.enabled - name: aaf-hello - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-hello' condition: aaf-hello.enabled - name: aaf-locate - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-locate' condition: aaf-authz.enabled - name: aaf-oauth - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-oauth' condition: aaf-authz.enabled - name: aaf-service - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-service' condition: aaf-authz.enabled - name: aaf-sms - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sms' condition: aaf-sms.enabled - name: aaf-sshsm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sshsm' condition: aaf-sshsm.enabled diff --git a/kubernetes/aaf/components/Makefile b/kubernetes/aaf/components/Makefile index f4c9784bc4..4a15d0251b 100644 --- a/kubernetes/aaf/components/Makefile +++ b/kubernetes/aaf/components/Makefile @@ -19,7 +19,10 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets EXCLUDES := HELM_BIN := helm -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) +PROCESSED_FIRST := aaf-templates +TO_FILTER := $(PROCESSED_FIRST) $(EXCLUDES) + +HELM_CHARTS := $(PROCESSED_FIRST) $(filter-out $(TO_FILTER), $(sort $(patsubst %/.,%,$(wildcard */.)))) .PHONY: $(EXCLUDES) $(HELM_CHARTS) diff --git a/kubernetes/aaf/components/aaf-cass/Chart.yaml b/kubernetes/aaf/components/aaf-cass/Chart.yaml index 3f1394cc87..0006c9b8f7 100644 --- a/kubernetes/aaf/components/aaf-cass/Chart.yaml +++ b/kubernetes/aaf/components/aaf-cass/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP AAF cassandra name: aaf-cass -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-cm/Chart.yaml b/kubernetes/aaf/components/aaf-cm/Chart.yaml index ab91b7252b..d2d0b5e296 100644 --- a/kubernetes/aaf/components/aaf-cm/Chart.yaml +++ b/kubernetes/aaf/components/aaf-cm/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP AAF Certificate Manager name: aaf-cm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-fs/Chart.yaml b/kubernetes/aaf/components/aaf-fs/Chart.yaml index 72b7133f24..660b8d6dba 100644 --- a/kubernetes/aaf/components/aaf-fs/Chart.yaml +++ b/kubernetes/aaf/components/aaf-fs/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF File Server name: aaf-fs -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-gui/Chart.yaml b/kubernetes/aaf/components/aaf-gui/Chart.yaml index be01174cea..1527051771 100644 --- a/kubernetes/aaf/components/aaf-gui/Chart.yaml +++ b/kubernetes/aaf/components/aaf-gui/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF GUI name: aaf-gui -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-hello/Chart.yaml b/kubernetes/aaf/components/aaf-hello/Chart.yaml index 5a368d5430..bc4c38de28 100644 --- a/kubernetes/aaf/components/aaf-hello/Chart.yaml +++ b/kubernetes/aaf/components/aaf-hello/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF Hello name: aaf-hello -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-locate/Chart.yaml b/kubernetes/aaf/components/aaf-locate/Chart.yaml index 15ac5ee554..629b2e06a9 100644 --- a/kubernetes/aaf/components/aaf-locate/Chart.yaml +++ b/kubernetes/aaf/components/aaf-locate/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF Locate name: aaf-locate -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-oauth/Chart.yaml b/kubernetes/aaf/components/aaf-oauth/Chart.yaml index 31239e9f68..b22deca963 100644 --- a/kubernetes/aaf/components/aaf-oauth/Chart.yaml +++ b/kubernetes/aaf/components/aaf-oauth/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF OAuth name: aaf-oauth -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-service/Chart.yaml b/kubernetes/aaf/components/aaf-service/Chart.yaml index 5cd6cc5a83..18813fc6e2 100644 --- a/kubernetes/aaf/components/aaf-service/Chart.yaml +++ b/kubernetes/aaf/components/aaf-service/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF Service name: aaf-service -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates'
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-sms/Chart.yaml b/kubernetes/aaf/components/aaf-sms/Chart.yaml index c3e1692dc9..769a4df7cb 100644 --- a/kubernetes/aaf/components/aaf-sms/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP Secret Management Service name: aaf-sms -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-sms-quorumclient - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sms-quorumclient' - name: aaf-sms-vault - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sms-vault' diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml index b777223e89..96cf7a1b83 100644 --- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Secret Management Service Quorum Client name: aaf-sms-quorumclient -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml index b3935d4372..9f06ec172b 100644 --- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: Chart to launch Vault as SMS backend name: aaf-sms-vault appVersion: 0.9.5 -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml index 8dbe276d97..2370cf60de 100644 --- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml +++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml @@ -201,6 +201,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/aaf/components/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml index da268ccf06..114ad23672 100644 --- a/kubernetes/aaf/components/aaf-sms/values.yaml +++ b/kubernetes/aaf/components/aaf-sms/values.yaml @@ -276,3 +276,8 @@ resources: cpu: 25m memory: 100Mi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-preload' + diff --git a/kubernetes/aaf/components/aaf-sshsm/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml index a7fd8f5fe2..2cd0cf4671 100644 --- a/kubernetes/aaf/components/aaf-sshsm/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP Hardware Security Components name: aaf-sshsm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-sshsm-abrmd - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sshsm-abrmd' condition: aaf-sshsm-abrmd.enabled - name: aaf-sshsm-distcenter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sshsm-distcenter' condition: aaf-sshsm-distcenter.enabled - name: aaf-sshsm-testca - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sshsm-testca' condition: aaf-sshsm-testca.testca.enabled diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml index f9dd2b9cb2..2149739897 100644 --- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Trusted Platform Module Resource Manager name: aaf-sshsm-abrmd -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml index 1f6b6f9afb..b0a9b9a05f 100644 --- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Trusted Platform Module Distribution Center name: aaf-sshsm-distcenter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml index 73ff507f91..617c742048 100644 --- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Trusted Platform Module Test CA Service name: aaf-sshsm-testca -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-templates/Chart.yaml b/kubernetes/aaf/components/aaf-templates/Chart.yaml index 9d0ecad16e..b4b01b06d6 100644 --- a/kubernetes/aaf/components/aaf-templates/Chart.yaml +++ b/kubernetes/aaf/components/aaf-templates/Chart.yaml @@ -16,9 +16,9 @@ apiVersion: v2 description: ONAP Application Authorization Framework Templates name: aaf-templates -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl index 50da519a89..c0614b255e 100644 --- a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl +++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl @@ -23,6 +23,10 @@ spec: replicas: {{ .Values.replicaCount }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if (include "common.onServiceMesh" .) }} + annotations: + sidecar.istio.io/inject: "false" + {{- end }} spec: {{ include "aaf.initContainers" . | nindent 6 }} containers: - name: {{ include "common.name" . }} diff --git a/kubernetes/aai/Chart.yaml b/kubernetes/aai/Chart.yaml index 278e1cd595..9bab1ee1ab 100644 --- a/kubernetes/aai/Chart.yaml +++ b/kubernetes/aai/Chart.yaml @@ -18,56 +18,56 @@ apiVersion: v2 description: ONAP Active and Available Inventory name: aai -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: cassandra - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' condition: global.cassandra.localCluster - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aai-babel - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-babel' condition: aai-babel.enabled - name: aai-graphadmin - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-graphadmin' condition: aai-graphadmin.enabled - name: aai-modelloader - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-modelloader' condition: aai-modelloader.enabled - name: aai-resources - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-resources' condition: aai-resources.enabled - name: aai-schema-service - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-schema-service' condition: aai-schema-service.enabled - name: aai-sparky-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-sparky-be' condition: aai-sparky-be.enabled - name: aai-traversal - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-traversal' condition: aai-traversal.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-babel/Chart.yaml b/kubernetes/aai/components/aai-babel/Chart.yaml index 30140136a9..5f36a0e94f 100644 --- a/kubernetes/aai/components/aai-babel/Chart.yaml +++ b/kubernetes/aai/components/aai-babel/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: Babel microservice name: aai-babel -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-graphadmin/Chart.yaml b/kubernetes/aai/components/aai-graphadmin/Chart.yaml index 0d5978aef7..d5d0851552 100644 --- a/kubernetes/aai/components/aai-graphadmin/Chart.yaml +++ b/kubernetes/aai/components/aai-graphadmin/Chart.yaml @@ -22,21 +22,21 @@ apiVersion: v2 description: ONAP AAI GraphAdmin name: aai-graphadmin -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml index b8adba8117..a93c6107e7 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml @@ -126,7 +126,9 @@ spec: args: - -c - | - bash docker-entrypoint.sh dataSnapshot.sh + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} + bash docker-entrypoint.sh dataSnapshot.sh; {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} env: - name: LOCAL_USER_ID diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml index 76a11fad54..a9349028f4 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml @@ -126,7 +126,9 @@ spec: args: - -c - | - bash docker-entrypoint.sh createDBSchema.sh + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} + bash docker-entrypoint.sh createDBSchema.sh; {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} env: - name: LOCAL_USER_ID diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml index d2d0809afb..10b8255c50 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml @@ -171,6 +171,8 @@ spec: args: - -c - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} bash docker-entrypoint.sh run_Migrations.sh -e UpdateAaiUriIndexMigration --commit --skipPreMigrationSnapShot --runDisabled RebuildAllEdges ; {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} env: @@ -325,6 +327,8 @@ spec: args: - -c - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} bash docker-entrypoint.sh dataSnapshot.sh {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} env: diff --git a/kubernetes/aai/components/aai-modelloader/Chart.yaml b/kubernetes/aai/components/aai-modelloader/Chart.yaml index a56dfdc088..468b41b757 100644 --- a/kubernetes/aai/components/aai-modelloader/Chart.yaml +++ b/kubernetes/aai/components/aai-modelloader/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP AAI modelloader name: aai-modelloader -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties index 09eb397860..2d7cf7f98c 100644 --- a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties +++ b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties @@ -26,6 +26,9 @@ ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go {{ else }} ml.distribution.ASDC_ADDRESS=sdc-be.{{.Release.Namespace}}:8080 ml.distribution.ASDC_USE_HTTPS=false +ml.distribution.KEYSTORE_PASSWORD= +ml.distribution.KEYSTORE_FILE= +ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp {{ end }} ml.distribution.CONSUMER_GROUP=aai-ml-group ml.distribution.CONSUMER_ID=aai-ml diff --git a/kubernetes/aai/components/aai-resources/Chart.yaml b/kubernetes/aai/components/aai-resources/Chart.yaml index c5ccf82da9..729d8087a7 100644 --- a/kubernetes/aai/components/aai-resources/Chart.yaml +++ b/kubernetes/aai/components/aai-resources/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: ONAP AAI resources name: aai-resources -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-schema-service/Chart.yaml b/kubernetes/aai/components/aai-schema-service/Chart.yaml index 2553c943bd..f608b7596f 100644 --- a/kubernetes/aai/components/aai-schema-service/Chart.yaml +++ b/kubernetes/aai/components/aai-schema-service/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: ONAP AAI Schema Service name: aai-schema-service -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-sparky-be/Chart.yaml b/kubernetes/aai/components/aai-sparky-be/Chart.yaml index ec1812e5e8..0a2c028721 100644 --- a/kubernetes/aai/components/aai-sparky-be/Chart.yaml +++ b/kubernetes/aai/components/aai-sparky-be/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP AAI sparky-be name: aai-sparky-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml index 6e5ab8b32b..d23d9cf6a8 100644 --- a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml @@ -33,6 +33,8 @@ spec: app: {{ include "common.name" . }} template: metadata: + annotations: + sidecar.istio.io/rewriteAppHTTPProbers: "false" labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/aai/components/aai-traversal/Chart.yaml b/kubernetes/aai/components/aai-traversal/Chart.yaml index 41dbe23aa3..13cda281f4 100644 --- a/kubernetes/aai/components/aai-traversal/Chart.yaml +++ b/kubernetes/aai/components/aai-traversal/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP AAI traversal name: aai-traversal -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/templates/service.yaml b/kubernetes/aai/templates/service.yaml index d93bfc9fd3..750e1babc3 100644 --- a/kubernetes/aai/templates/service.yaml +++ b/kubernetes/aai/templates/service.yaml @@ -35,4 +35,3 @@ spec: type: {{ .Values.service.type }} selector: app: {{ include "common.name" . }} - clusterIP: {{ .Values.service.aaiServiceClusterIp }} diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 62d1d2eabd..ebbf8b688c 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -389,9 +389,6 @@ service: externalPort: 8443 internalPort: 8443 nodePort: 33 - # POLICY hotfix - Note this must be temporary - # See https://jira.onap.org/browse/POLICY-510 - aaiServiceClusterIp: externalPlainPort: 80 internalPlainPort: 8080 nodeport: 33 diff --git a/kubernetes/appc/Chart.yaml b/kubernetes/appc/Chart.yaml index d08a83ec4d..d65bbfbcbc 100644 --- a/kubernetes/appc/Chart.yaml +++ b/kubernetes/appc/Chart.yaml @@ -18,26 +18,26 @@ apiVersion: v2 description: Application Controller name: appc -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dgbuilder - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: appc-ansible-server - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/appc-ansible-server' condition: appc-ansible-server.enabled - name: appc-cdt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/appc-cdt' condition: appc-cdt.enabled diff --git a/kubernetes/appc/components/appc-ansible-server/Chart.yaml b/kubernetes/appc/components/appc-ansible-server/Chart.yaml index 6bdd1ecaef..6daa29ca4f 100644 --- a/kubernetes/appc/components/appc-ansible-server/Chart.yaml +++ b/kubernetes/appc/components/appc-ansible-server/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP APPC Ansible Server name: appc-ansible-server -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/appc/components/appc-cdt/Chart.yaml b/kubernetes/appc/components/appc-cdt/Chart.yaml index 3cb22a4db6..faabb71acf 100644 --- a/kubernetes/appc/components/appc-cdt/Chart.yaml +++ b/kubernetes/appc/components/appc-cdt/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP APPC Self Service Controller Design Tool name: appc-cdt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cds/Chart.yaml b/kubernetes/cds/Chart.yaml index 2659767929..7115e9e39f 100644 --- a/kubernetes/cds/Chart.yaml +++ b/kubernetes/cds/Chart.yaml @@ -17,32 +17,32 @@ apiVersion: v2 description: ONAP Controller Design Studio (CDS) name: cds -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cds-blueprints-processor - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-blueprints-processor' condition: cds-blueprints-processor.enabled - name: cds-command-executor - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-command-executor' condition: cds-command-executor.enabled - name: cds-py-executor - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-py-executor' condition: cds-py-executor.enabled - name: cds-sdc-listener - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-sdc-listener' condition: cds-sdc-listener.enabled - name: cds-ui - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-ui' condition: cds-ui.enabled diff --git a/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml b/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml index 4374926e40..2002e5695b 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP CDS Blueprints Processor name: cds-blueprints-processor -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties index ea799e2119..2818fd99b4 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties @@ -1,6 +1,6 @@ {{/* # -# Copyright (c) 2017-2019 AT&T, IBM, Bell Canada, Nordix Foundation. +# Copyright (c) 2017-2022 AT&T, IBM, Bell Canada, Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,7 +18,7 @@ ### START -Controller Blueprints Properties # Load Resource Source Mappings */}} -resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability +resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability,cps-data=source-rest # Blueprint Processor File Execution and Handling Properties blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy @@ -101,27 +101,90 @@ blueprintsprocessor.restclient.sdnc.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoG # AAI Data REST Client settings blueprintsprocessor.restclient.aai-data.type=basic-auth -blueprintsprocessor.restclient.aai-data.url=https://aai:8443 +{{ if ( include "common.needTLS" .) }} +blueprintsprocessor.restclient.aai-data.url=https://{{ .Values.global.aaiData.ServiceName }}:8443 +{{- else -}} +blueprintsprocessor.restclient.aai-data.url=http://{{ .Values.global.aaiData.ServiceName }}:{{ .Values.global.aaiData.ExternalPlainPort }} +{{- end }} blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org blueprintsprocessor.restclient.aai-data.password=demo123456! blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-transaction-id blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json +# CPS Data +blueprintsprocessor.restclient.cps-data.type=basic-auth +blueprintsprocessor.restclient.cps-data.url=http://cps-core:8080 +blueprintsprocessor.restclient.cps-data.username=${CPS_USER} +blueprintsprocessor.restclient.cps-data.password=${CPS_PASS_PLAIN} +blueprintsprocessor.restclient.cps-data.additionalHeaders.Accept=application/json +blueprintsprocessor.restclient.cps-data.additionalHeaders.Content-Type=application/json + # Self Service Request Kafka Message Consumer -blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable=false -blueprintsprocessor.messageconsumer.self-service-api.type=kafka-basic-auth -blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers=message-router-kafka:9092 -blueprintsprocessor.messageconsumer.self-service-api.groupId=cds-consumer-group -blueprintsprocessor.messageconsumer.self-service-api.topic=cds-consumer -blueprintsprocessor.messageconsumer.self-service-api.clientId=cds-client -blueprintsprocessor.messageconsumer.self-service-api.pollMillSec=1000 +blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable={{ .Values.kafkaRequestConsumer.enabled }} +blueprintsprocessor.messageconsumer.self-service-api.type={{ .Values.kafkaRequestConsumer.type }} +{{ if eq .Values.useStrimziKafka true }} +blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 +{{- else -}} +blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ .Values.kafkaRequestConsumer.bootstrapServers }} +{{- end }} +blueprintsprocessor.messageconsumer.self-service-api.groupId={{ .Values.kafkaRequestConsumer.groupId }} +blueprintsprocessor.messageconsumer.self-service-api.topic={{ .Values.kafkaRequestConsumer.topic }} +blueprintsprocessor.messageconsumer.self-service-api.clientId={{ .Values.kafkaRequestConsumer.clientId }} +blueprintsprocessor.messageconsumer.self-service-api.pollMillSec={{ .Values.kafkaRequestConsumer.pollMillSec }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +# SCRAM +blueprintsprocessor.messageconsumer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} +blueprintsprocessor.messageconsumer.self-service-api.scramPassword=${JAAS_PASS} +{{ end }} # Self Service Response Kafka Message Producer -blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=message-router-kafka:9092 - -# Kafka Audit Service Configurations -blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable=false +blueprintsprocessor.messageproducer.self-service-api.type={{ .Values.kafkaRequestProducer.type }} +{{ if eq .Values.useStrimziKafka true }} +blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 +{{- else -}} +blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ .Values.kafkaRequestProducer.bootstrapServers }} +{{- end }} +blueprintsprocessor.messageproducer.self-service-api.clientId={{ .Values.kafkaRequestProducer.clientId }} +blueprintsprocessor.messageproducer.self-service-api.topic={{ .Values.kafkaRequestProducer.topic }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +# SCRAM +blueprintsprocessor.messageproducer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} +blueprintsprocessor.messageproducer.self-service-api.scramPassword=${JAAS_PASS} +{{ end }} + +# AUDIT KAFKA FEATURE CONFIGURATION +# Audit feature dumps CDS request to a topic as well as a truncated response message to another topic. +## Audit request +blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable={{ .Values.kafkaAuditRequest.enabled }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.type={{ .Values.kafkaAuditRequest.type }} +{{ if eq .Values.useStrimziKafka true }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 +{{- else -}} +blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }} +{{- end }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.clientId={{ .Values.kafkaAuditRequest.clientId }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.topic={{ .Values.kafkaAuditRequest.topic }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +# SCRAM +blueprintsprocessor.messageproducer.self-service-api.audit.request.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.scramPassword=${JAAS_PASS} +{{ end }} + +## Audit response +blueprintsprocessor.messageproducer.self-service-api.audit.response.type={{ .Values.kafkaAuditResponse.type }} +{{ if eq .Values.useStrimziKafka true }} +blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 +{{- else -}} +blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }} +{{- end }} +blueprintsprocessor.messageproducer.self-service-api.audit.response.clientId={{ .Values.kafkaAuditResponse.clientId }} +blueprintsprocessor.messageproducer.self-service-api.audit.response.topic={{ .Values.kafkaAuditResponse.topic }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +# SCRAM +blueprintsprocessor.messageproducer.self-service-api.audit.response.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} +blueprintsprocessor.messageproducer.self-service-api.audit.response.scramPassword=${JAAS_PASS} +{{ end }} # Executor Options blueprintsprocessor.resourceResolution.enabled=true @@ -132,10 +195,10 @@ blueprintsprocessor.remoteScriptCommand.enabled=true ## Enable py-executor blueprintsprocessor.streamingRemoteExecution.enabled=true -# Used in Health Check -blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth -blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client -blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer +## Used in Health Check +#blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth +#blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client +#blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer #Encrypted username and password for health check service @@ -143,7 +206,7 @@ endpoints.user.name=eHbVUbJAj4AG2522cSbrOQ== endpoints.user.password=eHbVUbJAj4AG2522cSbrOQ== #BaseUrls for health check blueprint processor services -blueprintprocessor.healthcheck.baseUrl=http://localhost:8080/ +blueprintprocessor.healthcheck.baseUrl=http://cds-blueprints-processor-http:8080/ blueprintprocessor.healthcheck.mapping-service-name-with-service-link=[Execution service,/api/v1/execution-service/health-check],[Resources service,/api/v1/resources/health-check],[Template service,/api/v1/template/health-check] #BaseUrls for health check Cds Listener services diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml new file mode 100644 index 0000000000..555f4d4e60 --- /dev/null +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml @@ -0,0 +1,68 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{ if eq .Values.useStrimziKafka true }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.kafkaRequestConsumer.topic }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: 10 + replicas: 2 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.kafkaRequestProducer.topic }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: 10 + replicas: 2 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.kafkaAuditRequest.topic }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: 10 + replicas: 2 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.kafkaAuditResponse.topic }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: 10 + replicas: 2 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +{{ end }}
\ No newline at end of file diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml new file mode 100644 index 0000000000..65ee1d2a96 --- /dev/null +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml @@ -0,0 +1,49 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{ if eq .Values.useStrimziKafka true }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: scram-sha-512 + authorization: + type: simple + acls: + - resource: + type: group + name: {{ .Values.kafkaRequestConsumer.groupId }} + operation: All + - resource: + type: topic + name: {{ .Values.kafkaRequestConsumer.topic }} + operation: All + - resource: + type: topic + name: {{ .Values.kafkaRequestProducer.topic }} + operation: All + - resource: + type: topic + name: {{ .Values.kafkaAuditRequest.topic }} + operation: All + - resource: + type: topic + name: {{ .Values.kafkaAuditResponse.topic }} + operation: All +{{ end }}
\ No newline at end of file diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml index d92f09a4c8..1e4f5e10a0 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* # Copyright (c) 2019 IBM, Bell Canada # Copyright (c) 2020 Samsung Electronics +# Modification Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -78,10 +79,6 @@ spec: args: - --container-name - cds-db - {{- if .Values.dmaapEnabled }} - - --container-name - - message-router - {{ end }} env: - name: NAMESPACE valueFrom: @@ -121,6 +118,14 @@ spec: fieldPath: metadata.name - name: CLUSTER_CONFIG_FILE value: {{ .Values.config.appConfigDir }}/hazelcast.yaml + - name: CPS_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 12 }} + - name: CPS_PASS_PLAIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 12 }} + {{ if .Values.useStrimziKafka }} + - name: JAAS_PASS + value: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-kafka-secret" "key" "password") | indent 12 }} + {{ end }} ports: - containerPort: {{ .Values.service.http.internalPort }} - containerPort: {{ .Values.service.grpc.internalPort }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml index 5d2e438e1e..153740c553 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml @@ -33,7 +33,7 @@ spec: {{- if eq .Values.service.http.type "NodePort"}} nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.http.nodePort }} {{- end}} - name: {{ .Values.service.http.portName | default "http" }} + name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index a5180c53c6..023bf4917b 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -1,5 +1,6 @@ # Copyright (c) 2019 IBM, Bell Canada # Copyright (c) 2020 Samsung Electronics +# Modification Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -27,10 +28,17 @@ global: persistence: mountPath: /dockerdata-nfs - #This configuration specifies Service and port for SDNC OAM interface + # This configuration specifies Service and port for SDNC OAM interface sdncOamService: sdnc-oam sdncOamPort: 8282 + # This concerns CDS/AAI communication through HTTP when TLS is not being needed + # Port value should match the one in aai/values.yml : service.externalPlainPort + aaiData: + ExternalPlainPort: 80 # when TLS is not needed + ServiceName: aai # domain + # http://aai:80 or https://aai:443 + #AAF is enabled by default #aafEnabled: true @@ -57,6 +65,19 @@ secrets: externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}' password: '{{ .Values.config.sdncDB.dbRootPass }}' passwordPolicy: required + - uid: cds-kafka-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: password + value: '{{ .Values.config.someConfig }}' + policy: generate + - uid: cps-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}' + login: '{{ .Values.config.cps.cpsUsername }}' + password: '{{ .Values.config.cps.cpsPassword }}' + passwordPolicy: required ################################################################# # AAF part @@ -100,7 +121,7 @@ config: dbService: mariadb-galera dbPort: 3306 dbName: sdnctl - #dbRootPass: Custom root password + # dbRootPass: Custom root password dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}' cdsDB: dbServer: cds-db @@ -111,6 +132,11 @@ config: # dbCredsExternalSecret: <some secret name> # dbRootPassword: password # dbRootPassExternalSecret + someConfig: blah + cps: + cpsUsername: '' + cpsPassword: '' + cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds' # default number of instances replicaCount: 1 @@ -119,10 +145,40 @@ nodeSelector: {} affinity: {} -# flag for kafka-listener dependency. Set to true if you are using message-router otherwise set to false if you are using -# custom kafka cluster. -dmaapEnabled: true +# If useStrimziKafka is true, the following also applies: +# strimzi will create an associated kafka user and the topics defined for Request and Audit elements below. +# The connection type must be kafka-scram-plain-text-auth +# The bootstrapServers will target the strimzi kafka cluster by default +useStrimziKafka: false +cdsKafkaUser: cds-kafka-user +kafkaRequestConsumer: + enabled: false + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + groupId: cds-consumer + topic: cds.blueprint-processor.self-service-api.request + clientId: request-receiver-client-id + pollMillSec: 1000 +kafkaRequestProducer: + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + clientId: request-producer-client-id + topic: cds.blueprint-processor.self-service-api.response + enableIdempotence: false +kafkaAuditRequest: + enabled: false + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + clientId: audit-request-producer-client-id + topic: cds.blueprint-processor.self-service-api.audit.request + enableIdempotence: false +kafkaAuditResponse: + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + clientId: audit-response-producer-client-id + topic: cds.blueprint-processor.self-service-api.audit.response + enableIdempotence: false # probe configuration parameters startup: @@ -131,12 +187,12 @@ startup: periodSeconds: 10 liveness: - initialDelaySeconds: 0 + initialDelaySeconds: 1 periodSeconds: 20 - timeoutSeconds: 20 + timeoutSeconds: 30 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: true + enabled: false readiness: initialDelaySeconds: 120 @@ -146,17 +202,17 @@ readiness: service: http: type: ClusterIP - portName: blueprints-processor-http + portName: http internalPort: 8080 externalPort: 8080 grpc: type: ClusterIP - portName: blueprints-processor-grpc + portName: grpc internalPort: 9111 externalPort: 9111 cluster: type: ClusterIP - portName: blueprints-processor-cluster + portName: tcp-cluster internalPort: 5701 externalPort: 5701 @@ -184,8 +240,8 @@ ingress: - baseaddr: "blueprintsprocessorhttp" name: "cds-blueprints-processor-http" port: 8080 - config: - ssl: "none" + config: + ssl: "none" logback: rootLogLevel: INFO diff --git a/kubernetes/cds/components/cds-command-executor/Chart.yaml b/kubernetes/cds/components/cds-command-executor/Chart.yaml index e6b87930e3..6749d8d9e8 100755 --- a/kubernetes/cds/components/cds-command-executor/Chart.yaml +++ b/kubernetes/cds/components/cds-command-executor/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP CDS Command Executor name: cds-command-executor -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml index b0c1e35cba..e2511401f3 100755 --- a/kubernetes/cds/components/cds-command-executor/values.yaml +++ b/kubernetes/cds/components/cds-command-executor/values.yaml @@ -63,11 +63,11 @@ readiness: service: type: ClusterIP grpc: - portName: command-executor-grpc + portName: grpc internalPort: 50051 externalPort: 50051 metrics: - portName: command-executor-metrics + portName: tcp-metrics internalPort: 10005 externalPort: 10005 @@ -105,7 +105,7 @@ serviceAccount: metrics: serviceMonitor: enabled: false - port: command-executor-metrics + port: tcp-metrics path: /actuator/prometheus basicAuth: enabled: false diff --git a/kubernetes/cds/components/cds-py-executor/Chart.yaml b/kubernetes/cds/components/cds-py-executor/Chart.yaml index 702d183555..cf09b56b96 100755 --- a/kubernetes/cds/components/cds-py-executor/Chart.yaml +++ b/kubernetes/cds/components/cds-py-executor/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP CDS Py Executor name: cds-py-executor -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml index 9dc4a3181e..a1eb0a0818 100755 --- a/kubernetes/cds/components/cds-py-executor/values.yaml +++ b/kubernetes/cds/components/cds-py-executor/values.yaml @@ -60,9 +60,9 @@ service: type: ClusterIP ports: - port: 50052 - name: executor-grpc + name: grpc-executor - port: 50053 - name: manager-grpc + name: grpc-manager secrets: - uid: api-credentials diff --git a/kubernetes/cds/components/cds-sdc-listener/Chart.yaml b/kubernetes/cds/components/cds-sdc-listener/Chart.yaml index 3c547b9c76..14cd147255 100755 --- a/kubernetes/cds/components/cds-sdc-listener/Chart.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP CDS SDC listener microservice name: cds-sdc-listener -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml index 7ef5959a1b..3710f5f510 100644 --- a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml @@ -1,6 +1,6 @@ listenerservice: config: - asdcAddress: sdc-be.{{include "common.namespace" .}}:8443 #SDC-BE + asdcAddress: sdc-be.{{include "common.namespace" .}}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }} #SDC-BE messageBusAddress: message-router.{{include "common.namespace" .}} #Message-Router user: cds #SDC-username password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U #SDC-password @@ -14,7 +14,7 @@ listenerservice: keyStorePath: activateServerTLSAuth : false isUseHttpsWithDmaap: false - isUseHttpsWithSDC: true + isUseHttpsWithSDC: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} archivePath: /opt/app/onap/sdc-listener/ grpcAddress: cds-blueprints-processor-grpc grpcPort: 9111 @@ -24,14 +24,11 @@ listenerservice: httpsProxyPort: 0 httpProxyPort: 0 - - cdslistener: healthcheck: baseUrl: http://localhost:9000/ mapping-service-name-with-service-link: "[SDC Listener service,/api/v1/sdclistener/healthcheck]" - management: endpoint: health: diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml index 4ac847005e..3a6d76165b 100644 --- a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml @@ -63,18 +63,19 @@ spec: value: {{ .Values.config.appConfigDir }} ports: - containerPort: {{ .Values.service.http.internalPort }} + name: {{ .Values.service.http.portName }} {{ if .Values.liveness.enabled }} livenessProbe: httpGet: path: /api/v1/sdclistener/healthcheck - port: {{ .Values.service.http.internalPort }} + port: {{ .Values.service.http.portName }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{end}} readinessProbe: httpGet: path: /api/v1/sdclistener/healthcheck - port: {{ .Values.service.http.internalPort }} + port: {{ .Values.service.http.portName }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml index af837f2b3a..42bd2b33e9 100644 --- a/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml @@ -31,7 +31,7 @@ spec: {{- if eq .Values.service.type "NodePort"}} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- end}} - name: {{ .Values.service.http.portName | default "http" }} + name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml index ac1e3b4dde..1499ad5b04 100644 --- a/kubernetes/cds/components/cds-sdc-listener/values.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml @@ -62,7 +62,7 @@ readiness: service: type: ClusterIP http: - portName: cds-sdc-listener-http + portName: http internalPort: 8080 externalPort: 8080 diff --git a/kubernetes/cds/components/cds-ui/Chart.yaml b/kubernetes/cds/components/cds-ui/Chart.yaml index e220b0ceab..c356a0f9b0 100644 --- a/kubernetes/cds/components/cds-ui/Chart.yaml +++ b/kubernetes/cds/components/cds-ui/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP CDS UI name: cds-ui -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml index 05f766e186..14fc014920 100644 --- a/kubernetes/cds/components/cds-ui/values.yaml +++ b/kubernetes/cds/components/cds-ui/values.yaml @@ -105,8 +105,8 @@ ingress: - baseaddr: "cdsui" name: "cds-ui" port: 3000 - config: - ssl: "redirect" + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index edac066f6f..58e6b65c6f 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -1,6 +1,7 @@ # Copyright © 2020 Samsung Electronics # Copyright © 2019 Orange, Bell Canada # Copyright © 2017 Amdocs, Bell Canada +# Modification Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,6 +23,7 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs + cdsKafkaUser: cds-kafka-user ################################################################# # Secrets metaconfig @@ -212,6 +214,7 @@ cds-blueprints-processor: dbPort: 3306 dbName: *mysqlDbName dbCredsExternalSecret: *dbUserSecretName + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.kafkaUser }}' cds-command-executor: enabled: true diff --git a/kubernetes/cli/Chart.yaml b/kubernetes/cli/Chart.yaml index 3f91203c1d..1432f750f5 100644 --- a/kubernetes/cli/Chart.yaml +++ b/kubernetes/cli/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP Command Line Interface name: cli -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml index 28d227645a..58c649c326 100644 --- a/kubernetes/cli/values.yaml +++ b/kubernetes/cli/values.yaml @@ -90,9 +90,9 @@ service: type: NodePort name: cli externalPort: 443 - externalPort1: 9090 + externalPort1: 9443 internalPort: "443" - internalPort1: 9090 + internalPort1: 9443 nodePort: "60" nodePort1: "71" @@ -104,7 +104,7 @@ ingress: port: 443 - baseaddr: "cli2.api" name: cli - port: 9090 + port: 9443 config: ssl: "redirect" diff --git a/kubernetes/common/cassandra/Chart.yaml b/kubernetes/common/cassandra/Chart.yaml index f2f7ffa6a2..8095acbddd 100644 --- a/kubernetes/common/cassandra/Chart.yaml +++ b/kubernetes/common/cassandra/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP cassandra name: cassandra -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../serviceAccount' diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index 597174ee0a..7d017f266b 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -99,7 +99,11 @@ service: - name: tcp-agent port: 61621 -podAnnotations: {} +podAnnotations: + # sidecar.istio.io/inject: "false" + traffic.sidecar.istio.io/excludeInboundPorts: "7000,7001" + traffic.sidecar.istio.io/includeInboundPorts: '*' + traffic.sidecar.istio.io/excludeOutboundPorts: "7000,7001" podManagementPolicy: OrderedReady updateStrategy: type: RollingUpdate diff --git a/kubernetes/common/cert-wrapper/Chart.yaml b/kubernetes/common/cert-wrapper/Chart.yaml index 550de8d618..fbafd9a4f8 100644 --- a/kubernetes/common/cert-wrapper/Chart.yaml +++ b/kubernetes/common/cert-wrapper/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: Wrapper chart to allow truststore to be shared among cert-initializer instances name: cert-wrapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../certInitializer' diff --git a/kubernetes/common/certInitializer/Chart.yaml b/kubernetes/common/certInitializer/Chart.yaml index 0f62dc7ae8..f083bf8f53 100644 --- a/kubernetes/common/certInitializer/Chart.yaml +++ b/kubernetes/common/certInitializer/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Template used to obtain certificates in onap name: certInitializer -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../readinessCheck' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' diff --git a/kubernetes/common/certManagerCertificate/Chart.yaml b/kubernetes/common/certManagerCertificate/Chart.yaml index 807b90d4c2..b65f9f38fd 100644 --- a/kubernetes/common/certManagerCertificate/Chart.yaml +++ b/kubernetes/common/certManagerCertificate/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 name: certManagerCertificate description: A Helm chart for Cert-Manager Certificate CRD template -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: cmpv2Config - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../cmpv2Config' diff --git a/kubernetes/common/cmpv2Config/Chart.yaml b/kubernetes/common/cmpv2Config/Chart.yaml index 5210061426..7689e08d97 100644 --- a/kubernetes/common/cmpv2Config/Chart.yaml +++ b/kubernetes/common/cmpv2Config/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: Template used to store cmpv2 configuration in onap name: cmpv2Config -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' diff --git a/kubernetes/common/common/Chart.yaml b/kubernetes/common/common/Chart.yaml index 15a3f721c3..aeb07eeb15 100644 --- a/kubernetes/common/common/Chart.yaml +++ b/kubernetes/common/common/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v2 description: Common templates for inclusion in other charts name: common -version: 10.0.0 +version: 11.0.0 diff --git a/kubernetes/common/common/templates/_dmaapProvisioning.tpl b/kubernetes/common/common/templates/_dmaapProvisioning.tpl index eefd00d7bf..11d7501256 100644 --- a/kubernetes/common/common/templates/_dmaapProvisioning.tpl +++ b/kubernetes/common/common/templates/_dmaapProvisioning.tpl @@ -1,6 +1,7 @@ {{/* ################################################################################ # Copyright (C) 2021 Nordix Foundation. # +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -18,14 +19,14 @@ {{/* This template generates a Kubernetes init containers common template to enable applications to provision - DMaaP topics (on Message Router) and feeds (on Data Router), with associated authorization (on AAF). + DMaaP feeds (on Data Router), with associated authorization. DMaap Bus Controller endpoints are used to provision: - - Authorized topic on MR, and to create and grant permission for publishers and subscribers. + - Feed on DR, with associated user authentication. common.dmaap.provisioning.initContainer: This template make use of Dmaap Bus Controller docker image to create resources on Dmaap Data Router - microservice, with the help of dbc-client.sh script it makes use of Bus Controller API to create Feed, Topics. + microservice, with the help of dbc-client.sh script it makes use of Bus Controller API to create Feeds. If the resource creation is successful via script response is logged back at particular location with appropriate naming convention. @@ -57,20 +58,7 @@ privilegedSubscriber: True deliveryURL: https://dcae-pm-mapper:8443/delivery - # MessageRouter Topic, Publisher Configuration - mrTopicsConfig: - - topicName: PERFORMANCE_MEASUREMENTS - topicDescription: Description about Topic - owner: dcaecm - tnxEnabled: false - clients: - - dcaeLocationName: san-francisco - clientRole: org.onap.dcae.pmPublisher - action: - - pub - - view - - # ConfigMap Configuration for DR Feed, Dr_Publisher, Dr_Subscriber, MR Topics + # ConfigMap Configuration for DR Feed, Dr_Publisher, Dr_Subscriber volumes: - name: feeds-config path: /opt/app/config/feeds @@ -78,8 +66,6 @@ path: /opt/app/config/dr_pubs - name: drsub-config path: /opt/app/config/dr_subs - - name: topics-config - path: /opt/app/config/topics In deployments/jobs/stateful include: initContainers: @@ -113,8 +99,7 @@ {{- define "common.dmaap.provisioning.initContainer" -}} {{- $dot := default . .dot -}} {{- $drFeedConfig := default $dot.Values.drFeedConfig .drFeedConfig -}} -{{- $mrTopicsConfig := default $dot.Values.mrTopicsConfig .mrTopicsConfig -}} -{{- if or $drFeedConfig $mrTopicsConfig -}} +{{- if $drFeedConfig -}} - name: {{ include "common.name" $dot }}-init-dmaap-provisioning image: {{ include "repositoryGenerator.image.dbcClient" $dot }} imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} diff --git a/kubernetes/common/common/templates/_kafkaNodes.tpl b/kubernetes/common/common/templates/_kafkaNodes.tpl deleted file mode 100644 index f428b58d63..0000000000 --- a/kubernetes/common/common/templates/_kafkaNodes.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2021 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -{{/* - Generate comma separated list of kafka or zookeper nodes to reuse in message router charts. - How to use: - - zookeeper servers list: {{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-zookeeper" "replicaCount") "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }} - kafka servers list: {{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-kafka" "replicaCount") "componentName" .Values.kafka.name "port" .Values.kafka.port ) }} - -*/}} -{{- define "common.kafkaNodes" -}} -{{- $dot := .dot -}} -{{- $replicaCount := .replicaCount -}} -{{- $componentName := .componentName -}} -{{- $port := .port -}} -{{- $kafkaNodes := list -}} -{{- range $i, $e := until (int $replicaCount) -}} -{{- $kafkaNodes = print (include "common.release" $dot) "-" $componentName "-" $i "." $componentName "." (include "common.namespace" $dot) ".svc.cluster.local:" $port | append $kafkaNodes -}} -{{- end -}} -{{- $kafkaNodes | join "," -}} -{{- end -}} diff --git a/kubernetes/common/common/templates/_serviceMonitor.tpl b/kubernetes/common/common/templates/_serviceMonitor.tpl index 81d7a74578..907d9c6a9c 100644 --- a/kubernetes/common/common/templates/_serviceMonitor.tpl +++ b/kubernetes/common/common/templates/_serviceMonitor.tpl @@ -135,7 +135,7 @@ spec: {{- else if $dot.Values.metrics.serviceMonitor.targetPort }} targetPort: {{ $dot.Values.metrics.serviceMonitor.targetPort }} {{- else }} - port: metrics + port: tcp-metrics {{- end }} {{- if $dot.Values.metrics.serviceMonitor.isHttps }} scheme: https diff --git a/kubernetes/common/dgbuilder/Chart.yaml b/kubernetes/common/dgbuilder/Chart.yaml index 54106955fd..1a1b8e2d86 100644 --- a/kubernetes/common/dgbuilder/Chart.yaml +++ b/kubernetes/common/dgbuilder/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: D.G. Builder application name: dgbuilder -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../serviceAccount' diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index 9257dc89f9..ddad8d7360 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -69,7 +69,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-dgbuilder-image:1.3.1 +image: onap/ccsdk-dgbuilder-image:1.3.4 pullPolicy: Always # flag to enable debugging - application support required @@ -130,7 +130,7 @@ readiness: service: type: NodePort name: dgbuilder - portName: dgbuilder + portName: http externalPort: 3000 internalPort: 3100 nodePort: 28 diff --git a/kubernetes/common/elasticsearch/Chart.yaml b/kubernetes/common/elasticsearch/Chart.yaml index 6f6df2247d..cd187ffdbd 100644 --- a/kubernetes/common/elasticsearch/Chart.yaml +++ b/kubernetes/common/elasticsearch/Chart.yaml @@ -18,26 +18,26 @@ apiVersion: v2 description: ONAP elasticsearch name: elasticsearch -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: master - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/master' - name: data - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/data' condition: elasticsearch.data.enabled,data.enabled - name: curator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/curator' condition: elasticsearch.curator.enabled,curator.enabled - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../certInitializer' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' diff --git a/kubernetes/common/elasticsearch/components/curator/Chart.yaml b/kubernetes/common/elasticsearch/components/curator/Chart.yaml index b1e80f034c..21017c4999 100644 --- a/kubernetes/common/elasticsearch/components/curator/Chart.yaml +++ b/kubernetes/common/elasticsearch/components/curator/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP elasticsearch curator name: curator -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/common/elasticsearch/components/data/Chart.yaml b/kubernetes/common/elasticsearch/components/data/Chart.yaml index fc5d402a95..fc890719cb 100644 --- a/kubernetes/common/elasticsearch/components/data/Chart.yaml +++ b/kubernetes/common/elasticsearch/components/data/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP elasticsearch data name: data -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../repositoryGenerator' diff --git a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml index ea805c1813..a7278ba104 100644 --- a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml @@ -111,6 +111,12 @@ spec: value: "yes" - name: ELASTICSEARCH_NODE_TYPE value: "data" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP ports: {{- include "common.containerPorts" . |indent 12 }} {{- if .Values.livenessProbe.enabled }} livenessProbe: diff --git a/kubernetes/common/elasticsearch/components/data/values.yaml b/kubernetes/common/elasticsearch/components/data/values.yaml index 1328a20439..1dc9ab8588 100644 --- a/kubernetes/common/elasticsearch/components/data/values.yaml +++ b/kubernetes/common/elasticsearch/components/data/values.yaml @@ -47,7 +47,7 @@ replicaCount: 0 service: ## list of ports for "common.containerPorts" ports: - - name: http-transport + - name: tcp-transport port: 9300 image: bitnami/elasticsearch:7.9.3 diff --git a/kubernetes/common/elasticsearch/components/master/Chart.yaml b/kubernetes/common/elasticsearch/components/master/Chart.yaml index 01ee8f3c20..43fe42f62b 100644 --- a/kubernetes/common/elasticsearch/components/master/Chart.yaml +++ b/kubernetes/common/elasticsearch/components/master/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP elasticsearch master name: master -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../repositoryGenerator' diff --git a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml index a35b4bf741..85ea2bbc54 100644 --- a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml @@ -115,6 +115,12 @@ spec: value: {{ .Values.dedicatednode | quote }} - name: ELASTICSEARCH_NODE_TYPE value: "master" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP ports: {{- include "common.containerPorts" . |indent 12 }} {{- if .Values.livenessProbe.enabled }} livenessProbe: diff --git a/kubernetes/common/elasticsearch/components/master/values.yaml b/kubernetes/common/elasticsearch/components/master/values.yaml index 33804494e9..2eae0de4c0 100644 --- a/kubernetes/common/elasticsearch/components/master/values.yaml +++ b/kubernetes/common/elasticsearch/components/master/values.yaml @@ -170,7 +170,7 @@ service: ## list of ports for "common.containerPorts" ## Elasticsearch transport port ports: - - name: http-transport + - name: tcp-transport port: 9300 ## master-eligible service type ## diff --git a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml index 22de4dbf37..05e09cb696 100644 --- a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml +++ b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml @@ -113,6 +113,12 @@ spec: value: "coordinating" - name: ELASTICSEARCH_PORT_NUMBER value: "9000" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP {{/*ports: {{- include "common.containerPorts" . | indent 12 -}} */}} {{- if .Values.livenessProbe.enabled }} livenessProbe: diff --git a/kubernetes/common/elasticsearch/values.yaml b/kubernetes/common/elasticsearch/values.yaml index a3f15645a3..6c46f32c96 100644 --- a/kubernetes/common/elasticsearch/values.yaml +++ b/kubernetes/common/elasticsearch/values.yaml @@ -148,7 +148,7 @@ nginx: service: name: nginx ports: - - name: elasticsearch + - name: http-es port: 8080 ## Custom server block to be added to NGINX configuration ## PHP-FPM example server block: @@ -230,7 +230,7 @@ service: ## type: ClusterIP headlessPorts: - - name: http-transport + - name: tcp-transport port: 9300 headless: suffix: discovery @@ -240,7 +240,7 @@ service: ## Elasticsearch tREST API port ## ports: - - name: elasticsearch + - name: http-es port: 9200 diff --git a/kubernetes/common/etcd-init/Chart.yaml b/kubernetes/common/etcd-init/Chart.yaml index 7f1e89e433..b4c36c368e 100644 --- a/kubernetes/common/etcd-init/Chart.yaml +++ b/kubernetes/common/etcd-init/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: Chart for etcd init job name: etcd-init -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml index 69bcfaaf99..9d7dcc26da 100644 --- a/kubernetes/common/etcd-init/templates/job.yaml +++ b/kubernetes/common/etcd-init/templates/job.yaml @@ -55,6 +55,8 @@ spec: - /bin/sh - -ec - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} # Create users export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT} export ETCDCTL_API=3 @@ -89,6 +91,7 @@ spec: name: localtime readOnly: true resources: {{ include "common.resources" . | nindent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} diff --git a/kubernetes/common/etcd-init/values.yaml b/kubernetes/common/etcd-init/values.yaml index c99c9f1e5b..6ccfb3e5d7 100644 --- a/kubernetes/common/etcd-init/values.yaml +++ b/kubernetes/common/etcd-init/values.yaml @@ -72,3 +72,7 @@ resources: cpu: 20m memory: 20Mi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}' diff --git a/kubernetes/common/etcd/Chart.yaml b/kubernetes/common/etcd/Chart.yaml index 9bc3702501..44649199fa 100644 --- a/kubernetes/common/etcd/Chart.yaml +++ b/kubernetes/common/etcd/Chart.yaml @@ -17,7 +17,7 @@ apiVersion: v2 name: etcd home: https://github.com/coreos/etcd -version: 10.0.0 +version: 11.0.0 appVersion: 2.2.5 description: Distributed reliable key-value store for the most critical data of a distributed system. @@ -27,8 +27,8 @@ sources: dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' diff --git a/kubernetes/common/logConfiguration/Chart.yaml b/kubernetes/common/logConfiguration/Chart.yaml index 3bdad3d339..5b9286ddb8 100644 --- a/kubernetes/common/logConfiguration/Chart.yaml +++ b/kubernetes/common/logConfiguration/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: Template used to create same STDOUT log configuration name: logConfiguration -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' diff --git a/kubernetes/common/mariadb-galera/Chart.yaml b/kubernetes/common/mariadb-galera/Chart.yaml index c255227262..ddbaacca40 100644 --- a/kubernetes/common/mariadb-galera/Chart.yaml +++ b/kubernetes/common/mariadb-galera/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: Chart for MariaDB Galera cluster name: mariadb-galera -version: 10.0.0 +version: 11.0.0 keywords: - mariadb - mysql @@ -29,14 +29,14 @@ keywords: dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../readinessCheck' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../serviceAccount'
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml index e71351e9cb..841aab3e17 100644 --- a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml +++ b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml @@ -27,8 +27,8 @@ metadata: spec: type: {{ .Values.metrics.service.type }} ports: - - name: metrics + - name: tcp-metrics port: {{ .Values.metrics.service.port }} - targetPort: metrics + targetPort: tcp-metrics selector: {{- include "common.matchLabels" . | nindent 4 }} {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/service.yaml b/kubernetes/common/mariadb-galera/templates/service.yaml index 75aff985e5..9b4c05ef70 100644 --- a/kubernetes/common/mariadb-galera/templates/service.yaml +++ b/kubernetes/common/mariadb-galera/templates/service.yaml @@ -18,3 +18,20 @@ {{ include "common.service" . }} --- {{ include "common.headlessService" . }} +{{- if (include "common.onServiceMesh" .) }} +{{- if eq (default "istio" .Values.global.serviceMesh.engine) "istio" }} +--- +apiVersion: security.istio.io/v1beta1 +kind: PeerAuthentication +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "common.servicename" . }} + portLevelMtls: + {{ .Values.service.internalPort }}: + mode: DISABLE +{{- end}} +{{- end}} diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index 22832c936d..c95b572465 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -197,12 +197,12 @@ spec: - | DATA_SOURCE_NAME="$MARIADB_ROOT_USER:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter $MARIADB_METRICS_EXTRA_FLAGS ports: - - name: metrics + - name: tcp-metrics containerPort: 9104 livenessProbe: httpGet: path: /metrics - port: metrics + port: tcp-metrics initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }} @@ -211,7 +211,7 @@ spec: readinessProbe: httpGet: path: /metrics - port: metrics + port: tcp-metrics initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }} diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 112b8c0618..e9fe577233 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -50,7 +50,7 @@ global: clusterDomain: cluster.local metrics: {} -image: bitnami/mariadb-galera:10.6.5-debian-10-r28 +image: bitnami/mariadb-galera:10.5.8 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -89,14 +89,14 @@ service: headless: {} internalPort: &dbPort 3306 ports: - - name: mysql + - name: tcp-mysql port: *dbPort headlessPorts: - - name: galera + - name: tcp-galera port: 4567 - - name: ist + - name: tcp-ist port: 4568 - - name: sst + - name: tcp-sst port: 4444 @@ -380,8 +380,13 @@ updateStrategy: ## Additional pod annotations for MariaDB Galera pods ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## -> here required to enable mariadb-galera in istio ## -podAnnotations: {} +podAnnotations: + # sidecar.istio.io/inject: "false" + traffic.sidecar.istio.io/excludeInboundPorts: "4444,4567,4568" + traffic.sidecar.istio.io/includeInboundPorts: '*' + traffic.sidecar.istio.io/excludeOutboundPorts: "4444,4567,4568" ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity @@ -504,14 +509,14 @@ livenessProbe: enabled: true initialDelaySeconds: 1 periodSeconds: 10 - timeoutSeconds: 1 + timeoutSeconds: 180 successThreshold: 1 failureThreshold: 3 readinessProbe: enabled: true initialDelaySeconds: 1 periodSeconds: 10 - timeoutSeconds: 1 + timeoutSeconds: 180 successThreshold: 1 failureThreshold: 3 startupProbe: @@ -520,7 +525,7 @@ startupProbe: enabled: true initialDelaySeconds: 10 periodSeconds: 10 - timeoutSeconds: 1 + timeoutSeconds: 180 successThreshold: 1 # will wait up for initialDelaySeconds + failureThreshold*periodSeconds before # stating startup wasn't good (910s per default) @@ -644,7 +649,7 @@ metrics: release: prometheus ## Rules as a map. - rules: {} + rules: [] # - alert: MariaDB-Down # annotations: # message: 'MariaDB instance {{ $labels.instance }} is down' diff --git a/kubernetes/common/mariadb-init/Chart.yaml b/kubernetes/common/mariadb-init/Chart.yaml index ab8110fde7..b9fa78f814 100644 --- a/kubernetes/common/mariadb-init/Chart.yaml +++ b/kubernetes/common/mariadb-init/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: Chart for MariaDB Galera init job name: mariadb-init -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index 96d1dc54a4..e911d46d12 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -59,6 +59,8 @@ spec: - /bin/sh - -c - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} /db_init/db_init.sh {{ if or .Values.dbScriptConfigMap .Values.dbScript }} && /db_config/db_cmd.sh{{ end }} env: @@ -91,6 +93,7 @@ spec: {{- end }} resources: {{ include "common.resources" . | indent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml index b2c0a05e46..9104dd84d6 100644 --- a/kubernetes/common/mariadb-init/values.yaml +++ b/kubernetes/common/mariadb-init/values.yaml @@ -117,3 +117,7 @@ resources: cpu: 20m memory: 20Mi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}' diff --git a/kubernetes/common/mongo/Chart.yaml b/kubernetes/common/mongo/Chart.yaml index 5a97afed4e..229da3530f 100644 --- a/kubernetes/common/mongo/Chart.yaml +++ b/kubernetes/common/mongo/Chart.yaml @@ -16,12 +16,12 @@ apiVersion: v2 description: MongoDB Server name: mongo -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/common/music/Chart.yaml b/kubernetes/common/music/Chart.yaml index 723a125008..f275168967 100644 --- a/kubernetes/common/music/Chart.yaml +++ b/kubernetes/common/music/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: MUSIC - Multi-site State Coordination Service name: music -version: 10.0.0 +version: 11.0.0 dependencies: - name: music-cassandra - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/music-cassandra' - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../certInitializer'
\ No newline at end of file diff --git a/kubernetes/common/music/components/music-cassandra/Chart.yaml b/kubernetes/common/music/components/music-cassandra/Chart.yaml index b902dd73f5..8a575c72f7 100644 --- a/kubernetes/common/music/components/music-cassandra/Chart.yaml +++ b/kubernetes/common/music/components/music-cassandra/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP - Cassandra Database name: music-cassandra -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/common/network-name-gen/Chart.yaml b/kubernetes/common/network-name-gen/Chart.yaml index 2712596e9b..2c4ed9e581 100644 --- a/kubernetes/common/network-name-gen/Chart.yaml +++ b/kubernetes/common/network-name-gen/Chart.yaml @@ -17,20 +17,20 @@ apiVersion: v2
description: Name Generation Micro Service
name: network-name-gen
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../mariadb-galera'
condition: global.mariadbGalera.localCluster
- name: mariadb-init
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../mariadb-init'
condition: not global.mariadbGalera.localCluster
\ No newline at end of file diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index 9bdf19c7ec..97fece8a54 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -80,7 +80,11 @@ spec: - name: POL_BASIC_AUTH_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "password") | indent 10}} - name: POL_URL - value: "{{ .Values.config.polUrl }}" + {{- if (include "common.needTLS" .) }} + value: "{{ .Values.config.polUrl.https }}" + {{- else }} + value: "{{ .Values.config.polUrl.http }}" + {{- end }} - name: POL_ENV value: "{{ .Values.config.polEnv }}" - name: POL_REQ_ID @@ -90,7 +94,11 @@ spec: - name: AAI_CERT_PATH value: "{{ .Values.config.aaiCertPath }}" - name: AAI_URI - value: "{{ .Values.config.aaiUri }}" + {{- if (include "common.needTLS" .) }} + value: "{{ .Values.config.aaiUri.https }}" + {{- else }} + value: "{{ .Values.config.aaiUri.http }}" + {{- end }} - name: AAI_AUTH value: "{{ .Values.config.aaiAuth }}" - name: DISABLE_HOST_VERIFICATION diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index 5f864a6555..e5e2a7a338 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -87,14 +87,18 @@ config: polClientAuth: cHl0aG9uOnRlc3Q= polBasicAuthUser: healthcheck polBasicAuthPassword: zb!XztG34 - polUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision + polUrl: + https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision + http: http://policy-xacml-pdp:8080/policy/pdpx/v1/decision polEnv: TEST polReqId: xx disableHostVerification: true aaiCertPass: changeit aaiCertPath: /opt/etc/config/aai_keystore aaiAuth: QUFJOkFBSQ== - aaiUri: https://aai:8443/aai/v14/ + aaiUri: + https: https://aai:8443/aai/v14/ + http: http://aai:8080/aai/v14/ # default number of instances replicaCount: 1 @@ -118,7 +122,7 @@ readiness: service: type: ClusterIP name: neng-serv - portName: neng-serv-port + portName: http internalPort: 8080 externalPort: 8080 diff --git a/kubernetes/common/postgres-init/Chart.yaml b/kubernetes/common/postgres-init/Chart.yaml index eacba404ed..ff8c98cd13 100644 --- a/kubernetes/common/postgres-init/Chart.yaml +++ b/kubernetes/common/postgres-init/Chart.yaml @@ -16,13 +16,13 @@ apiVersion: v2 description: Chart for Postgres init job name: postgres-init -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/common/postgres-init/templates/job.yaml b/kubernetes/common/postgres-init/templates/job.yaml index 01151bb4a9..d9a7386f83 100644 --- a/kubernetes/common/postgres-init/templates/job.yaml +++ b/kubernetes/common/postgres-init/templates/job.yaml @@ -59,6 +59,8 @@ spec: } export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`; export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`; + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done; psql "postgresql://postgres:$PG_ROOT_PASSWORD@$PG_HOST" < /config/setup.sql env: @@ -98,6 +100,7 @@ spec: name: pgconf resources: {{ include "common.resources" . | indent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/postgres-init/values.yaml b/kubernetes/common/postgres-init/values.yaml index 7bcd8e23b4..d6d51f0b51 100644 --- a/kubernetes/common/postgres-init/values.yaml +++ b/kubernetes/common/postgres-init/values.yaml @@ -89,3 +89,7 @@ resources: cpu: 1 memory: 2Gi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-update-config'
\ No newline at end of file diff --git a/kubernetes/common/postgres/Chart.yaml b/kubernetes/common/postgres/Chart.yaml index 7cf590a275..8644bcfd6d 100644 --- a/kubernetes/common/postgres/Chart.yaml +++ b/kubernetes/common/postgres/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Postgres Server name: postgres -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/common/readinessCheck/Chart.yaml b/kubernetes/common/readinessCheck/Chart.yaml index 7591363143..3997aeb260 100644 --- a/kubernetes/common/readinessCheck/Chart.yaml +++ b/kubernetes/common/readinessCheck/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: Template used to wait for other deployment/sts/jobs in onap name: readinessCheck -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/common/repository-wrapper/Chart.yaml b/kubernetes/common/repository-wrapper/Chart.yaml index 49f747433a..c385a3bb36 100644 --- a/kubernetes/common/repository-wrapper/Chart.yaml +++ b/kubernetes/common/repository-wrapper/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: Wrapper chart to allow docker secret to be shared all instances name: repository-wrapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/common/repositoryGenerator/Chart.yaml b/kubernetes/common/repositoryGenerator/Chart.yaml index 230525f415..fe710e1a2f 100644 --- a/kubernetes/common/repositoryGenerator/Chart.yaml +++ b/kubernetes/common/repositoryGenerator/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v2 description: Template used to generate the right repository link name: repositoryGenerator -version: 10.0.0 +version: 11.0.0 diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 34ce466f48..10703eff6e 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -35,7 +35,7 @@ global: jreImage: onap/integration-java11:10.0.0 kubectlImage: bitnami/kubectl:1.22.4 loggingImage: beats/filebeat:5.5.0 - mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28 + mariadbImage: bitnami/mariadb:10.5.8 nginxImage: bitnami/nginx:1.21.4 postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 readinessImage: onap/oom/readiness:3.0.1 diff --git a/kubernetes/common/roles-wrapper/Chart.yaml b/kubernetes/common/roles-wrapper/Chart.yaml index 855dd52e81..8024abafd8 100644 --- a/kubernetes/common/roles-wrapper/Chart.yaml +++ b/kubernetes/common/roles-wrapper/Chart.yaml @@ -16,9 +16,9 @@ apiVersion: v2 description: Wrapper chart to allow default roles to be shared among onap instances name: roles-wrapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common'
\ No newline at end of file diff --git a/kubernetes/common/serviceAccount/Chart.yaml b/kubernetes/common/serviceAccount/Chart.yaml index 6ddb8357c6..3309753f37 100644 --- a/kubernetes/common/serviceAccount/Chart.yaml +++ b/kubernetes/common/serviceAccount/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: Template used to create the right Service Accounts / Role / RoleBinding name: serviceAccount -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common'
\ No newline at end of file diff --git a/kubernetes/common/timescaledb/Chart.yaml b/kubernetes/common/timescaledb/Chart.yaml index 6099351928..5e84be191b 100644 --- a/kubernetes/common/timescaledb/Chart.yaml +++ b/kubernetes/common/timescaledb/Chart.yaml @@ -22,15 +22,15 @@ apiVersion: v2 appVersion: "1.0" description: ONAP timescaledb name: timescaledb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator'
\ No newline at end of file diff --git a/kubernetes/consul/Chart.yaml b/kubernetes/consul/Chart.yaml index c80c318f7a..c180bc16f0 100644 --- a/kubernetes/consul/Chart.yaml +++ b/kubernetes/consul/Chart.yaml @@ -18,22 +18,22 @@ apiVersion: v2 description: ONAP Consul Agent name: consul -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: consul-server - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/consul-server' condition: consul-server.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/consul/components/consul-server/Chart.yaml b/kubernetes/consul/components/consul-server/Chart.yaml index 7460980a40..e1f838142a 100644 --- a/kubernetes/consul/components/consul-server/Chart.yaml +++ b/kubernetes/consul/components/consul-server/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Consul Server name: consul-server -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh index 1d99c516b7..1b721b363c 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-clampdb[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. CLAMP DBHost is running. 2>&1 exit 0 else diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh index 30f324b7cf..865d477b7d 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-policydb[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. mariadb process is running. 2>&1 exit 0 else diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh index db5dcad558..a0974c0a45 100755 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-so-db[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. mariadb process is running. 2>&1 exit 0 else diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh index f5d9941395..7b0bc246f6 100755 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-vid-mariadb[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. mariadb process is running. 2>&1 exit 0 else diff --git a/kubernetes/contrib/Chart.yaml b/kubernetes/contrib/Chart.yaml index 1b5552a22e..0d366ff68f 100755 --- a/kubernetes/contrib/Chart.yaml +++ b/kubernetes/contrib/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP optional tools name: contrib -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: awx - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/awx' condition: awx.enabled - name: ejbca - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/ejbca' condition: global.cmpv2Enabled - name: netbox - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/netbox' condition: netbox.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/awx/Chart.yaml b/kubernetes/contrib/components/awx/Chart.yaml index b29a3d79b3..3eea511656 100755 --- a/kubernetes/contrib/components/awx/Chart.yaml +++ b/kubernetes/contrib/components/awx/Chart.yaml @@ -19,18 +19,18 @@ description: Ansible AWX name: awx sources: - https://github.com/ansible/awx -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: awx-postgres - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/awx-postgres' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml index 2999873ec7..be7254a892 100755 --- a/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Ansible AWX database name: awx-postgres -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml index 4cf03b2482..a6dc5ff90a 100755 --- a/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml @@ -75,7 +75,7 @@ persistence: service: type: ClusterIP name: awx-postgresql - portName: awx-postgresql + portName: tcp-postgresql internalPort: 5432 externalPort: 5432 diff --git a/kubernetes/contrib/components/awx/templates/job.yaml b/kubernetes/contrib/components/awx/templates/job.yaml index f974f446c2..1ebe340a68 100644 --- a/kubernetes/contrib/components/awx/templates/job.yaml +++ b/kubernetes/contrib/components/awx/templates/job.yaml @@ -51,11 +51,16 @@ spec: apiVersion: v1 fieldPath: metadata.namespace containers: - - command: ["/bin/sh","-c"] - args: ["/etc/tower/job-entrypoint.sh"] + - name: {{ include "common.name" . }}-mgnt + command: + - /bin/sh + - -cx + - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} + /etc/tower/job-entrypoint.sh image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-mgnt resources: requests: cpu: 1500m @@ -78,7 +83,7 @@ spec: name: awx-secret-key readOnly: true subPath: SECRET_KEY - + {{ include "common.waitForJobContainer" . | indent 6 | trim }} volumes: - configMap: defaultMode: 0777 diff --git a/kubernetes/contrib/components/awx/templates/service.yaml b/kubernetes/contrib/components/awx/templates/service.yaml index 10f031da82..85ec8c8428 100755 --- a/kubernetes/contrib/components/awx/templates/service.yaml +++ b/kubernetes/contrib/components/awx/templates/service.yaml @@ -49,7 +49,6 @@ spec: ports: - port: {{ .Values.service.web.externalPort }} targetPort: {{ .Values.service.web.internalPort }} - nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.web.nodePort }} name: {{ .Values.service.web.portName }} selector: app: {{ include "common.fullname" . }} diff --git a/kubernetes/contrib/components/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml index 0a247c5743..c30999fa6d 100755 --- a/kubernetes/contrib/components/awx/values.yaml +++ b/kubernetes/contrib/components/awx/values.yaml @@ -88,23 +88,22 @@ persistence: service: rmqmgmt: type: ClusterIP - portName: rmqmgmt + portName: http-rmqmgmt internalPort: 15672 externalPort: 15672 web: - type: NodePort - portName: web + type: ClusterIP + portName: http-web internalPort: 8052 externalPort: 8052 - nodePort: 78 rabbitmq: type: ClusterIP http: - portName: http + portName: http-rmq internalPort: 15672 externalPort: 15672 amqp: - portName: amqp + portName: tcp-amqp internalPort: 5672 externalPort: 5672 @@ -115,3 +114,7 @@ serviceAccount: nameOverride: awx roles: - read + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-mgnt' diff --git a/kubernetes/contrib/components/ejbca/Chart.yaml b/kubernetes/contrib/components/ejbca/Chart.yaml index 2d683269af..9b675c8b1e 100644 --- a/kubernetes/contrib/components/ejbca/Chart.yaml +++ b/kubernetes/contrib/components/ejbca/Chart.yaml @@ -17,26 +17,26 @@ apiVersion: v2 description: ONAP EJBCA test server name: ejbca -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cmpv2Config - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml index 6bd5b259ea..a36dcacb23 100644 --- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml +++ b/kubernetes/contrib/components/ejbca/templates/deployment.yaml @@ -22,6 +22,16 @@ spec: selector: {{- include "common.selectors" . | nindent 4 }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if (include "common.onServiceMesh" . ) }} + annotations: + {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} + linkerd.io/inject: disabled + {{- end }} + {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} + sidecar.istio.io/rewriteAppHTTPProbers: "false" + proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }' + {{- end }} + {{- end }} spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" @@ -51,7 +61,11 @@ spec: lifecycle: postStart: exec: - command: ["/bin/sh", "-c", "/opt/primekey/scripts/ejbca-config.sh"] + command: + - sh + - -c + - | + sleep 60; /opt/primekey/scripts/ejbca-config.sh volumeMounts: - name: "{{ include "common.fullname" . }}-volume" mountPath: /opt/primekey/scripts/ diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml index 52e0e750a0..b777a7d388 100644 --- a/kubernetes/contrib/components/ejbca/values.yaml +++ b/kubernetes/contrib/components/ejbca/values.yaml @@ -86,14 +86,14 @@ affinity: {} # probe configuration parameters liveness: path: /ejbca/publicweb/healthcheck/ejbcahealth - port: api - initialDelaySeconds: 30 + port: 8443 + initialDelaySeconds: 180 periodSeconds: 30 readiness: path: /ejbca/publicweb/healthcheck/ejbcahealth - port: api - initialDelaySeconds: 30 + port: 8443 + initialDelaySeconds: 180 periodSeconds: 30 service: @@ -106,7 +106,7 @@ service: port_protocol: http # Resource Limit flavor -By Default using small -flavor: small +flavor: unlimited # Segregation for Different environment (Small and Large) resources: small: diff --git a/kubernetes/contrib/components/netbox/Chart.yaml b/kubernetes/contrib/components/netbox/Chart.yaml index 24c9801ded..a0a8cdc7fb 100755 --- a/kubernetes/contrib/components/netbox/Chart.yaml +++ b/kubernetes/contrib/components/netbox/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: Netbox IPAM name: netbox -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: netbox-app - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/netbox-app' - name: netbox-nginx - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/netbox-nginx' - name: netbox-postgres - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/netbox-postgres'
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml index 19087d3999..d820ee4250 100755 --- a/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Netbox - Application (WSGI + Gunicorn) name: netbox-app -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml index 4e4fdc0a28..bad4be1585 100755 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Netbox - Nginx web server name: netbox-nginx -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml index 85654d953f..8aca215a71 100755 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Netbox Posgres database name: netbox-postgres -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cps/Chart.yaml b/kubernetes/cps/Chart.yaml index 9052e00058..7b60d63c19 100644 --- a/kubernetes/cps/Chart.yaml +++ b/kubernetes/cps/Chart.yaml @@ -17,25 +17,25 @@ apiVersion: v2 description: ONAP Configuration Persistance Service (CPS) name: cps -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: roles-wrapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: standaloneDeployment - name: cps-core - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cps-core.enabled - name: cps-temporal - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cps-temporal.enabled - name: ncmp-dmi-plugin - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: ncmp-dmi-plugin.enabled diff --git a/kubernetes/cps/components/cps-core/Chart.yaml b/kubernetes/cps/components/cps-core/Chart.yaml index 95201a0d4a..fcaee60ac3 100644 --- a/kubernetes/cps/components/cps-core/Chart.yaml +++ b/kubernetes/cps/components/cps-core/Chart.yaml @@ -18,26 +18,26 @@ apiVersion: v2 description: ONAP Configuration Persistance Service (CPS) - Core name: cps-core -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.postgres.localCluster - name: postgres-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: postgres.postgresInit - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml index e9958f1114..e295a37b45 100644 --- a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml +++ b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml @@ -1,7 +1,7 @@ {{/* # Copyright (C) 2021 Pantheon.tech # Modifications Copyright (C) 2020 Bell Canada. -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2021-2022 Nordix Foundation. # Modifications Copyright (C) 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,17 +28,21 @@ spring: password: ${DB_PASSWORD} driverClassName: org.postgresql.Driver initialization-mode: always - liquibase: change-log: classpath:changelog/changelog-master.yaml labels: {{ .Values.config.liquibaseLabels }} + kafka: + producer: + client-id: cps-core + security: - # comma-separated uri patterns which do not require authorization - permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/api-docs - auth: - username: ${CPS_USERNAME} - password: ${CPS_PASSWORD} + # comma-separated uri patterns which do not require authorization + permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/api-docs + auth: + username: ${CPS_USERNAME} + password: ${CPS_PASSWORD} + logging: level: org: @@ -49,12 +53,18 @@ dmi: username: ${DMI_USERNAME} password: ${DMI_PASSWORD} -{{- if .Values.config.eventPublisher }} +{{- if .Values.config.useStrimziKafka }} +spring.kafka.bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +spring.kafka.security.protocol: SASL_PLAINTEXT +spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512 +spring.kafka.properties.sasl.jaas.config: ${JAASLOGIN} +{{ else }} {{ toYaml .Values.config.eventPublisher | nindent 2 }} {{- end }} {{- if .Values.config.additional }} {{ toYaml .Values.config.additional | nindent 2 }} {{- end }} + # Last empty line is required otherwise the last property will be missing from application.yml file in the pod. diff --git a/kubernetes/cps/components/cps-core/templates/deployment.yaml b/kubernetes/cps/components/cps-core/templates/deployment.yaml index e6ee161feb..a247f148a7 100644 --- a/kubernetes/cps/components/cps-core/templates/deployment.yaml +++ b/kubernetes/cps/components/cps-core/templates/deployment.yaml @@ -1,7 +1,7 @@ {{/* # Copyright (C) 2021 Pantheon.tech, Orange # Modifications Copyright (C) 2021 Bell Canada. -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2021-2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -57,7 +57,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "login") | indent 12 }} - name: DMI_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "password") | indent 12 }} - + {{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-kafka-user" "key" "sasl.jaas.config") | indent 12 }} + {{- end }} volumeMounts: - mountPath: /config-input name: init-data-input @@ -85,6 +88,12 @@ spec: path: {{ .Values.readiness.path }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + startupProbe: + httpGet: + path: {{ .Values.startup.path }} + port: {{ .Values.startup.port }} + failureThreshold: {{ .Values.startup.failureThreshold }} + periodSeconds: {{ .Values.startup.periodSeconds }} env: - name: SPRING_PROFILES_ACTIVE value: {{ .Values.config.spring.profile }} diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml index d65924e90f..5a10b2f4ae 100644 --- a/kubernetes/cps/components/cps-core/values.yaml +++ b/kubernetes/cps/components/cps-core/values.yaml @@ -1,5 +1,6 @@ # Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. # Modifications Copyright (C) 2022 Bell Canada +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -42,6 +43,13 @@ secrets: login: '{{ .Values.config.dmiPluginUserName }}' password: '{{ .Values.config.dmiPluginUserPassword }}' passwordPolicy: generate + - uid: cps-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate ################################################################# # Global configuration defaults. @@ -67,7 +75,7 @@ global: container: name: postgres -image: onap/cps-and-ncmp:3.0.0 +image: onap/cps-and-ncmp:3.0.1 containerPort: &svc_port 8080 managementPort: &mgt_port 8081 @@ -137,6 +145,12 @@ readiness: path: /manage/health port: *mgt_port +startup: + failureThreshold: 5 + periodSeconds: 60 + path: /manage/health + port: *mgt_port + ingress: enabled: true service: @@ -170,17 +184,23 @@ config: #appUserPassword: dmiPluginUserName: dmiuser # Any new property can be added in the env by setting in overrides in the format mentioned below -# All the added properties must be in "key: value" format insead of yaml. +# All the added properties must be in "key: value" format instead of yaml. # additional: # spring.config.max-size: 200 # spring.config.min-size: 10 - eventPublisher: - spring.kafka.bootstrap-servers: message-router-kafka:9092 - spring.kafka.security.protocol: SASL_PLAINTEXT - spring.kafka.properties.sasl.mechanism: PLAIN - spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=admin_secret; - spring.kafka.producer.client-id: cps-core +# kafka config + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. + +# eventPublisher: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: SASL_PLAINTEXT +# spring.kafka.properties.sasl.mechanism: PLAIN +# spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=admin_secret; additional: notification.data-updated.enabled: true diff --git a/kubernetes/cps/components/cps-temporal/Chart.yaml b/kubernetes/cps/components/cps-temporal/Chart.yaml index 502131bc7c..cbda1175d6 100644 --- a/kubernetes/cps/components/cps-temporal/Chart.yaml +++ b/kubernetes/cps/components/cps-temporal/Chart.yaml @@ -21,21 +21,21 @@ apiVersion: v2 description: ONAP Configuration Persistance Service (CPS) - Temporal name: cps-temporal -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: timescaledb - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml index 32ae51b51a..6e80843949 100644 --- a/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml +++ b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml @@ -1,6 +1,7 @@ {{/* # ============LICENSE_START======================================================= # Copyright (c) 2021 Bell Canada. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,19 +25,31 @@ spring: username: ${DB_USERNAME} password: ${DB_PASSWORD} -security: - auth: - username: ${APP_USERNAME} - password: ${APP_PASSWORD} + kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} + +app: + listener: + data-updated: + topic: {{ .Values.config.app.listener.dataUpdatedTopic }} -# Event consumption properties (kafka) -{{- if .Values.config.eventConsumption }} -{{ toYaml .Values.config.eventConsumption | nindent 2 }} +{{- if .Values.config.useStrimziKafka }} +spring.kafka.bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +spring.kafka.security.protocol: SASL_PLAINTEXT +spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512 +spring.kafka.properties.sasl.jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} {{- end }} -# Additional properties {{- if .Values.config.additional }} {{ toYaml .Values.config.additional | nindent 2 }} {{- end }} +security: + auth: + username: ${APP_USERNAME} + password: ${APP_PASSWORD} + # Last empty line is required otherwise the last property will be missing from application.yml file in the pod. diff --git a/kubernetes/cps/components/cps-temporal/templates/deployment.yaml b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml index 806e65a865..71ff37193b 100644 --- a/kubernetes/cps/components/cps-temporal/templates/deployment.yaml +++ b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* # ============LICENSE_START======================================================= # Copyright (c) 2021 Bell Canada. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -53,6 +54,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }} - name: APP_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }} + {{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-kafka-user" "key" "sasl.jaas.config") | indent 12 }} + {{- end }} volumeMounts: - mountPath: /config-input name: init-data-input diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml index 68bc2a7e8a..a92791e019 100644 --- a/kubernetes/cps/components/cps-temporal/values.yaml +++ b/kubernetes/cps/components/cps-temporal/values.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (c) 2021 Bell Canada. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -39,6 +40,13 @@ secrets: login: '{{ .Values.config.appUserName }}' password: '{{ .Values.config.appUserPassword }}' passwordPolicy: generate + - uid: cps-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate image: onap/cps-temporal:1.1.0 containerPort: &svc_port 8080 @@ -139,13 +147,23 @@ config: profile: helm #appUserPassword: - # Event consumption (kafka) properties - # All Kafka properties must be in "key: value" format instead of yaml. - eventConsumption: - spring.kafka.bootstrap-servers: message-router-kafka:9092 - spring.kafka.security.protocol: PLAINTEXT - spring.kafka.consumer.group-id: cps-temporal-group - app.listener.data-updated.topic: cps.data-updated-events +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: cps-temporal-group + app: + listener: + dataUpdatedTopic: cps.data-updated-events +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. + +# eventConsumption: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: cps-temporal-group # Any new property can be added in the env by setting in overrides in the format mentioned below # All the added properties must be in "key: value" format instead of yaml. diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml index 10c2aab323..669be9e274 100644 --- a/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml +++ b/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Configuration Persistance Service (CPS) - NCMP-DMI-Plugin name: ncmp-dmi-plugin -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/poddisruptionbudget.yaml b/kubernetes/cps/templates/cps-kafka-topic.yaml index db81b890ef..1a23ddfc9b 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/poddisruptionbudget.yaml +++ b/kubernetes/cps/templates/cps-kafka-topic.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2018 AT&T +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,18 +13,16 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget +{{- if .Values.config.useStrimziKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic metadata: - name: {{ include "common.fullname" . }}-pdb + name: {{ .Values.config.dataUpdatedTopic.name }} labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + strimzi.io/cluster: {{ include "common.release" . }}-strimzi spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - maxUnavailable: {{ include "zk.maxUnavailable" . }} + partitions: {{ .Values.config.dataUpdatedTopic.partitions }} + config: + retention.ms: {{ .Values.config.dataUpdatedTopic.retentionMs }} + segment.bytes: {{ .Values.config.dataUpdatedTopic.segmentBytes }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/cps/templates/cps-kafka-user.yaml b/kubernetes/cps/templates/cps-kafka-user.yaml new file mode 100644 index 0000000000..b3136d7f04 --- /dev/null +++ b/kubernetes/cps/templates/cps-kafka-user.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.config.useStrimziKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.global.cpsKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: scram-sha-512 + authorization: + type: simple + acls: + - resource: + type: group + name: {{ .Values.config.dataUpdatedTopic.consumer.groupId }} + operation: Read + - resource: + type: topic + name: {{ .Values.config.dataUpdatedTopic.name }} + operation: Read + - resource: + type: topic + name: {{ .Values.config.dataUpdatedTopic.name }} + operation: Write +{{- end }}
\ No newline at end of file diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml index 754b016fe8..700ad38844 100755 --- a/kubernetes/cps/values.yaml +++ b/kubernetes/cps/values.yaml @@ -1,4 +1,5 @@ # Copyright (C) 2021 Bell Canada +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -40,9 +41,20 @@ global: virtualhost: baseurl: "simpledemo.onap.org" + kafkaBootstrap: strimzi-kafka-bootstrap + cpsKafkaUser: cps-kafka-user + config: coreUserName: cpsuser dmiPluginUserName: dmiuser + useStrimziKafka: true + dataUpdatedTopic: + name: cps.data-updated-events + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: cps-temporal-group # Enable all CPS components by default cps-core: @@ -50,9 +62,12 @@ cps-core: config: appUserExternalSecret: *core-creds-secret dmiPluginUserExternalSecret: *dmi-plugin-creds-secret + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.cpsKafkaUser }}' cps-temporal: enabled: true + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.cpsKafkaUser }}' ncmp-dmi-plugin: enabled: true diff --git a/kubernetes/dcaegen2-services/Chart.yaml b/kubernetes/dcaegen2-services/Chart.yaml index 4710acc2b3..23d0bbd929 100644 --- a/kubernetes/dcaegen2-services/Chart.yaml +++ b/kubernetes/dcaegen2-services/Chart.yaml @@ -18,92 +18,88 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Microservices name: dcaegen2-services -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - - name: dcae-bbs-eventprocessor-ms - version: ~10.x-0 - repository: '@local' - condition: dcae-bbs-eventprocessor-ms.enabled - name: dcae-datafile-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-datafile-collector.enabled - name: dcae-datalake-admin-ui - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-datalake-admin-ui.enabled - name: dcae-datalake-des - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-datalake-des.enabled - name: dcae-datalake-feeder - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-datalake-feeder.enabled - name: dcae-heartbeat - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-heartbeat.enabled - name: dcae-hv-ves-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-hv-ves-collector.enabled - name: dcae-kpi-ms - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-kpi-ms.enabled - name: dcae-ms-healthcheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-ms-healthcheck.enabled - name: dcae-pm-mapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-pm-mapper.enabled - name: dcae-pmsh - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-pmsh.enabled - name: dcae-prh - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-prh.enabled - name: dcae-restconf-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-restconf-collector.enabled - name: dcae-slice-analysis-ms - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-slice-analysis-ms.enabled - name: dcae-snmptrap-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-snmptrap-collector.enabled - name: dcae-son-handler - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-son-handler.enabled - name: dcae-tcagen2 - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-tcagen2.enabled - name: dcae-ves-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-ves-collector.enabled - name: dcae-ves-mapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-ves-mapper.enabled - name: dcae-ves-openapi-manager - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-ves-openapi-manager' condition: dcae-ves-openapi-manager.enabled diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml index b3c0146aed..25fa92b696 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml @@ -18,12 +18,12 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Microservices Common templates name: dcaegen2-services-common -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl index f76be4c190..afd3c38f31 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl @@ -1,7 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2019 AT&T -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -30,14 +30,21 @@ use of templates from the ONAP "common" collection) references data in .Release. The template always produces a configMap containing the microservice's -initial configuration data. This configMap is used by an initContainer -that loads the configuration into Consul. (See the documentation for +initial configuration data. (See the documentation for dcaegen2-services-common.microserviceDeployment for more details.) -If the microservice is using a logging sidecar (again, see the documentation -for dcaegen2-services-common.microserviceDeployment for more details), the -template generates an additiona configMap that supplies configuration -information for the logging sidecar. +If the microservice is using one or more Data Router (DR) feeds, the +template produces a configMap containing the information needed to +provision the feed(s). An init container performs the provisioning. + +If the microservice acts as a DR publisher for one or more feeds, the +template produces a configMap containing the information needed to +provision the publisher(s). An init container performs the provisioning. + +If the microservice acts as a DR subscriber for one or more feeds, the +template produces a configMap containing the information needed to +provision the subscribeer(s). An init container performs the provisioning. + */}} {{- define "dcaegen2-services-common.configMap" -}} @@ -96,19 +103,4 @@ data: {{ $drsub | toJson | indent 2 }} {{- end }} {{- end }} - -{{- if .Values.mrTopicsConfig }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-topics-config - namespace: {{ include "common.namespace" . }} - labels: {{ include "common.labels" . | nindent 6 }} -data: - {{- range $i, $topics := .Values.mrTopicsConfig }} - topicsConfig-{{$i}}.json: |- - {{ $topics | toJson | indent 2 }} - {{- end }} -{{- end }} {{- end }} diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index fbaaedf0dd..6c742c07de 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -33,7 +33,7 @@ provided to all microservices. The template expects a single argument, pointing to the caller's global context. Microservice-specific environment variables can be specified in two ways: - 1. As literal string values. + 1. As literal string values. (The values can also be Helm template fragments.) 2. As values that are sourced from a secret, identified by the secret's uid and the key within the secret that provides the value. @@ -58,7 +58,7 @@ the the literal string "An example value". {{- range $envName, $envValue := .Values.applicationEnv }} {{- if kindIs "string" $envValue }} - name: {{ $envName }} - value: {{ $envValue | quote }} + value: {{ tpl $envValue $global | quote }} {{- else }} {{ if or (not $envValue.secretUid) (not $envValue.key) }} {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }} @@ -180,21 +180,6 @@ The sidecar is included if .Values.log.path is set. The logging sidecar and the DCAE microservice container share a volume where the microservice logs are written. -The Deployment includes an initContainer that checks for the -readiness of other components that the microservice relies on. -This container is generated by the "common.readinessCheck.waitfor" -template. - -If the microservice acts as a TLS client or server, the Deployment will -include an initContainer that retrieves certificate information from -the AAF certificate manager. The information is mounted at the -mount point specified in .Values.certDirectory. If the microservice is -a TLS server (indicated by setting .Values.tlsServer to true), the -certificate information will include a server cert and key, in various -formats. It will also include the AAF CA cert. If the microservice is -a TLS client only (indicated by setting .Values.tlsServer to false), the -certificate information includes only the AAF CA cert. - Deployed POD may also include a Policy-sync sidecar container. The sidecar is included if .Values.policies is set. The Policy-sync sidecar polls PolicyEngine (PDP) periodically based @@ -212,6 +197,35 @@ policies: policyRelease: "onap" policyID: | '["onap.vfirewall.tca","onap.vdns.tca"]' + +The Deployment includes an initContainer that checks for the +readiness of other components that the microservice relies on. +This container is generated by the "common.readinessCheck.waitfor" +template. See the documentation for this template +(oom/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl). + +If the microservice uses a DMaaP Data Router (DR) feed, the Deployment +includes an initContainer that makes provisioning requests to the DMaaP +bus controller (dmaap-bc) to create the feed and to set up a publisher +and/or subscriber to the feed. The Deployment also includes a second +initContainer that merges the information returned by the provisioning +process into the microservice's configuration. See the documentation for +the common DMaaP provisioning template +(oom/kubernetes/common/common/templates/_dmaapProvisioning.tpl). + +If the microservice acts as a TLS client or server, the Deployment will +include an initContainer that retrieves certificate information from +the AAF certificate manager. The information is mounted at the +mount point specified in .Values.certDirectory. If the microservice is +a TLS server (indicated by setting .Values.tlsServer to true), the +certificate information will include a server cert and key, in various +formats. It will also include the AAF CA cert. If the microservice is +a TLS client only (indicated by setting .Values.tlsServer to false), the +certificate information includes only the AAF CA cert. + +If the microservice uses certificates from an external CMPv2 provider, +the Deployment will include an initContainer that performs certificate +post-processing. */}} {{- define "dcaegen2-services-common.microserviceDeployment" -}} @@ -236,30 +250,6 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{- if not $drFeedConfig }} - - command: - - sh - args: - - -c - - | - {{- range $var := .Values.customEnvVars }} - export {{ $var.name }}="{{ $var.value }}"; - {{- end }} - cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done - env: - {{- range $cred := .Values.credentials }} - - name: {{ $cred.name }} - {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }} - {{- end }} - volumeMounts: - - mountPath: /config-input - name: app-config-input - - mountPath: /config - name: app-config - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - {{- end }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} {{- include "common.dmaap.provisioning.initContainer" . | nindent 6 }} {{- if $certDir }} @@ -331,7 +321,7 @@ spec: resources: {{ include "common.resources" . | nindent 2 }} volumeMounts: - mountPath: /app-config - name: app-config + name: {{ ternary "app-config-input" "app-config" (not $drFeedConfig) }} - mountPath: /app-config-input name: app-config-input {{- if $logDir }} diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml deleted file mode 100644 index 5463d37a6e..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# ================================ LICENSE_START ============================= -# ============================================================================ -# Copyright (c) 2021 AT&T Intellectual Property -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ================================= LICENSE_END ============================== - -apiVersion: v2 -appVersion: "Jakarta" -description: DCAE BBS-EventProcessor Microservice -name: dcae-bbs-eventprocessor-ms -version: 10.0.0 - -dependencies: - - name: common - version: ~10.x-0 - repository: '@local' - - name: readinessCheck - version: ~10.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~10.x-0 - repository: '@local' - - name: dcaegen2-services-common - version: ~10.x-0 - repository: '@local' - - name: serviceAccount - version: ~10.x-0 - repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml deleted file mode 100644 index a914446c99..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 AT&T Intellectual Property # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml deleted file mode 100644 index 0ad66b62a9..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 AT&T Intellectual Property # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml deleted file mode 100644 index 6b70356ca9..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 AT&T Intellectual Property # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml deleted file mode 100644 index cf11d2a0c5..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 AT&T Intellectual Property # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml deleted file mode 100644 index f55aeecdbd..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml +++ /dev/null @@ -1,211 +0,0 @@ -# ================================ LICENSE_START ============================= -# ============================================================================ -# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ================================= LICENSE_END ============================== - -################################################################# -# Global Configuration Defaults. -################################################################# -global: - nodePortPrefix: 302 - nodePortPrefixExt: 304 - centralizedLoggingEnabled: true - -################################################################# -# Filebeat Configuration Defaults. -################################################################# -filebeatConfig: - logstashServiceName: log-ls - logstashPort: 5044 - -################################################################# -# Secrets Configuration. -################################################################# -secrets: - - uid: &aafCredsUID aafcreds - type: basicAuth - login: '{{ .Values.aafCreds.identity }}' - password: '{{ .Values.aafCreds.password }}' - passwordPolicy: required - - uid: &aaiCredsUID aaicreds - type: basicAuth - login: '{{ .Values.aaiCreds.username }}' - password: '{{ .Values.aaiCreds.password }}' - passwordPolicy: required - - -################################################################# -# InitContainer Images. -################################################################# -tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 - -################################################################# -# Application Configuration Defaults. -################################################################# -# Application Image -image: onap/org.onap.dcaegen2.services.components.bbs-event-processor:2.1.1 -pullPolicy: Always - -# Log directory where logging sidecar should look for log files -# if path is set to null sidecar won't be deployed in spite of -# global.centralizedLoggingEnabled setting. -log: - path: /opt/app/bbs-event-processor/logs -logConfigMapNamePrefix: '{{ include "common.fullname" . }}' - -# Directory where TLS certs should be stored -# if absent, no certs will be retrieved and stored -certDirectory: /opt/app/bbs-event-processor/etc/cert/ - -# TLS role -- set to true if microservice acts as server -# If true, an init container will retrieve a server cert -# and key from AAF and mount them in certDirectory. -tlsServer: true - -# Dependencies -readinessCheck: - wait_for: - - dcae-config-binding-service - - aaf-cm - -# Probe Configuration -readiness: - initialDelaySeconds: 120 - periodSeconds: 180 - timeoutSeconds: 5 - path: /heartbeat - scheme: HTTP - port: 8100 - - -# Service Configuration -service: - type: ClusterIP - name: dcae-bbs-eventprocessor - ports: - - name: https - port: 8100 - port_protocol: http - -# AAF Credentials -aafCreds: - identity: dcae@dcae.onap.org - password: demo123456! - -# AAI Credentials -aaiCreds: - username: AAI - password: AAI - -credentials: -- name: AAF_USERNAME - uid: *aafCredsUID - key: login -- name: AAF_PASSWORD - uid: *aafCredsUID - key: password -- name: AAI_USERNAME - uid: *aaiCredsUID - key: login -- name: AAI_PASSWORD - uid: *aaiCredsUID - key: password - - -# Initial Application Configuration -applicationConfig: - streams_subscribes: - pnf_reregistration: - type: message_router - aaf_username: ${AAF_USERNAME} - aaf_password: ${AAF_PASSWORD} - dmaap_info: - topic_url: https:message-router:3905/events/unauthenticated.PNF_UPDATE - cpe_authentication: - type: message_router - aaf_username: ${AAF_USERNAME} - aaf_password: ${AAF_PASSWORD} - dmaap_info: - topic_url: https:message-router:3905/events/unauthenticated.CPE_AUTHENTICATION - streams_publishes: - close_loop: - type: message_router - aaf_username: ${AAF_USERNAME} - aaf_password: ${AAF_PASSWORD} - dmaap_info: - topic_url: https:message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT - dmaap.protocol: https - dmaap.contentType: application/json - dmaap.consumer.consumerId: c12 - dmaap.consumer.consumerGroup: OpenDcae-c12 - dmaap.messageLimit: -1 - dmaap.timeoutMs: -1 - aai.host: aai.onap - aai.port: 8443 - aai.protocol: https - aai.username: ${AAI_USERNAME} - aai.password: ${AAF_PASSWORD} - aai.aaiIgnoreSslCertificateErrors: true - application.pipelinesPollingIntervalSec: 25 - application.pipelinesTimeoutSec: 15 - application.cbsPollingIntervalSec: 120 - application.policyVersion: 1.0.0.5 - application.clTargetType: VM - application.clEventStatus: ONSET - application.clVersion: 1.0.2 - application.clTarget: vserver.vserver-name - application.clOriginator: DCAE-BBS-ep - application.reregistration.policyScope: policyScopeReReg - application.reregistration.clControlName: clControlNameReReg - application.cpe.authentication.policyScope: policyScopeCpeAuth - application.cpe.authentication.clControlName: clControlNameCpeAuth - application.reregistration.configKey: pnf_reregistration - application.cpeAuth.configKey: cpe_authentication - application.closeLoop.configKey: close_loop - application.loggingLevel: INFO - application.ssl.keyStorePath: "/opt/app/bbs-event-processor/etc/cert/cert.jks" - application.ssl.keyStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/jks.pass" - application.ssl.trustStorePath: "/opt/app/bbs-event-processor/etc/cert/trust.jks" - application.ssl.trustStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/trust.pass" - application.ssl.enableAaiCertAuth: true - application.ssl.enableDmaapCertAuth: true - -# Resource Limit Flavor -By Default Using Small -flavor: small - -# Segregation for Different Environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 1 - memory: 1Gi - large: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 2 - memory: 2Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: dcae-bbs-eventprocessor-ms - roles: - - read diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml index 36edd4b6ae..c51c2221dd 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml @@ -18,27 +18,27 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE DataFile Collector Helm charts name: dcae-datafile-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml index 14dd89a186..3fffb9c79b 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml @@ -52,7 +52,7 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice- # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.7.1 +image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.8.0 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -139,6 +139,7 @@ applicationConfig: dmaap.certificateConfig.keyPasswordPath: /opt/app/datafile/etc/cert/p12.pass dmaap.certificateConfig.trustedCa: /opt/app/datafile/etc/cert/trust.jks dmaap.certificateConfig.trustedCaPasswordPath: /opt/app/datafile/etc/cert/trust.pass + dmaap.certificateConfig.enableCertAuth: true dmaap.dmaapConsumerConfiguration.consumerGroup: OpenDcae-c12 dmaap.dmaapConsumerConfiguration.consumerId: C12 dmaap.dmaapConsumerConfiguration.timeoutMs: -1 diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml index d61a50c7bd..c4843d639c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml @@ -18,24 +18,24 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE datalake-admin-ui helm chart name: dcae-datalake-admin-ui -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml index 7d2f36c350..20b65f03f9 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Datalake DES MS charts name: dcae-datalake-des -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml index c62cbd1a0f..3d1ea6e1f3 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml @@ -18,27 +18,27 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Datalake feeder MS charts name: dcae-datalake-feeder -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml index 207052f077..056696a45c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml @@ -18,27 +18,27 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Heartbeat Microservice name: dcae-heartbeat -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml index 30d73f3844..0c9732a242 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml @@ -18,27 +18,27 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE HV VES collector name: dcae-hv-ves-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml new file mode 100644 index 0000000000..ff977aaa32 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml @@ -0,0 +1,47 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.hvVesKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: scram-sha-512 + authorization: + type: simple + acls: + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }} + operation: Write diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml new file mode 100644 index 0000000000..e40775833a --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml @@ -0,0 +1,79 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-fault-supervision + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-provisioning + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-heartbeat + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-performance-assurance + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: perf3gpp + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 5a6283697c..67add37cea 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -2,6 +2,7 @@ # ================================================================================ # Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021-2022 Nokia. All rights reserved. +# Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -61,11 +62,15 @@ certDirectory: /etc/ves-hv/ssl tlsServer: true secrets: - - uid: &aafCredsUID aafcreds - type: basicAuth - login: '{{ .Values.aafCreds.user }}' - password: '{{ .Values.aafCreds.password }}' - passwordPolicy: required + - uid: hv-ves-kafka-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate +config: + someConfig: blah # CMPv2 certificate # It is used only when: @@ -113,17 +118,8 @@ service: port_protocol: http nodePort: 22 -aafCreds: - user: admin - password: admin_secret - -credentials: -- name: AAF_USER - uid: *aafCredsUID - key: login -- name: AAF_PASSWORD - uid: *aafCredsUID - key: password +#strimzi kafka config +hvVesKafkaUser: dcae-hv-ves-kafka-user # initial application configuration applicationConfig: @@ -139,48 +135,38 @@ applicationConfig: streams_publishes: ves-3gpp-fault-supervision: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_FAULTSUPERVISION_OUTPUT ves-3gpp-provisioning: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_PROVISIONING_OUTPUT ves-3gpp-heartbeat: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_HEARTBEAT_OUTPUT ves-3gpp-performance-assurance: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT perf3gpp: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: HV_VES_PERF3GPP applicationEnv: JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml' CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + KAFKA_BOOTSTRAP_SERVERS: '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092' + USE_SCRAM: 'true' + JAAS_CONFIG: + secretUid: hv-ves-kafka-secret + key: sasl.jaas.config # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml index 53b070ea90..ff18e15e3d 100644 --- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml @@ -18,24 +18,24 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE KPI MS chart name: dcae-kpi-ms -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml index 72c6a4bcce..6ce0a1f98a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml @@ -70,10 +70,12 @@ certDirectory: /opt/app/kpims/etc/cert/ tlsServer: true enable_tls: true -dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 -policies: - policyID: | - '["com.Config_KPIMS_CONFIG_POLICY"]' +# Optional Policy configuration properties +# if present, policy-sync side car will be deployed +#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +#policies: +# policyID: | +# '["com.Config_KPIMS_CONFIG_POLICY"]' # Dependencies readinessCheck: @@ -123,15 +125,11 @@ applicationConfig: cid: kpi-cid streams_subscribes: performance_management_topic: - aafUsername: ${AAF_IDENTITY} - aafPassword: ${AAF_PASSWORD} type: message-router dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS streams_publishes: kpi_topic: - aafUsername: ${AAF_IDENTITY} - aafPassword: ${AAF_PASSWORD} type: message-router dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.DCAE_KPI_OUTPUT diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml index 73331aa66a..2e13863cbe 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml @@ -20,18 +20,18 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: ONAP DCAE Microservice Health Check name: dcae-ms-healthcheck -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml index d3a128f653..5aa8feaab0 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE PM-Mapper Helm charts name: dcae-pm-mapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../common/dcaegen2-services-common' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml index e023d819b8..eaa961c53a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml @@ -178,27 +178,12 @@ drSubConfig: privilegedSubscriber: true deliveryURL: http://dcae-pm-mapper:8081/delivery -# MessageRouter Topic, Publisher Configuration -mrTopicsConfig: - - topicName: PERFORMANCE_MEASUREMENTS - topicDescription: PM Mapper publishes perf3gpp VES PM Events to authenticated MR topic - owner: dcaecm - tnxEnabled: false - clients: - - dcaeLocationName: san-francisco - clientRole: org.onap.dcae.pmPublisher - action: - - pub - - view - # ConfigMap Configuration for Dr Feed, Subscriber, MR Topics volumes: - name: feeds-config path: /opt/app/config/feeds - name: drsub-config path: /opt/app/config/dr_subs - - name: topics-config - path: /opt/app/config/topics # Resource Limit Flavor -By Default Using Small flavor: small diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml index 25f25e69cb..f68e715184 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml @@ -19,27 +19,27 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE PMSH Service name: dcae-pmsh -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml index 1c6d68969c..971d7bfd24 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml @@ -57,7 +57,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.pmsh:2.0.0 +image: onap/org.onap.dcaegen2.services.pmsh:2.2.2 pullPolicy: Always # Log directory where logging sidecar should look for log files diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml index 14e5e87b89..54d1fce96a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml @@ -18,24 +18,24 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE PRH name: dcae-prh -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml index cac362a3a8..ddb0b08833 100644 --- a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml @@ -99,10 +99,6 @@ credentials: uid: *aaiCredsUID key: password -customEnvVars: -- name: AUTH_HDR - value: "Basic `echo -n ${AAI_USER}:${AAI_PASSWORD} | base64`" - # initial application configuration applicationConfig: dmaap.dmaapConsumerConfiguration.dmaapContentType: "application/json" @@ -127,7 +123,7 @@ applicationConfig: X-TransactionId: "9999" Accept: "application/json" Real-Time: "true" - Authorization: $AUTH_HDR + Authorization: ${AUTH_HDR} security.trustStorePath: "/opt/app/prh/etc/cert/trust.jks" security.trustStorePasswordPath: "/opt/app/prh/etc/cert/trust.pass" security.keyStorePath: "/opt/app/prh/etc/cert/cert.jks" @@ -151,6 +147,7 @@ applicationConfig: applicationEnv: CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + AUTH_HDR: '{{ printf "Basic %s" (print .Values.aaiCreds.user ":" .Values.aaiCreds.password | b64enc) }}' # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml index cec9575e9b..e78d480a2f 100644 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE RESTConf Collector name: dcae-restconf-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml index 41b671d66d..ecbfb72661 100644 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml @@ -139,7 +139,10 @@ applicationConfig: topic_url: http://message-router:3904/events/unauthenticated.DCAE_RCC_OUTPUT type: message_router #rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"${CONTROLLER_IP}:{CONTROLLER_PORT}","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' - rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' + # Workaround while DCAEGEN2-3234 is being resolved--hardcording the ${CONTROLLER_USERNAME} and ${CONTROLLER_PASSWORD} until the restconf-collector uses the latest CBS client SDK that can handle multiple substitutions in a string. + # The line immediately below this one should be used once DCAEGEN-3234 is resolved. + #rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' + rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"access","controller_restapiPassword":"Huawei@123","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' #applicationEnv: # CONTROLLER_IP: "172.30.0.55" diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml index bee29cd923..8dbed7c646 100644 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml @@ -18,27 +18,27 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE SliceAnalysis MS charts name: dcae-slice-analysis-ms -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml index 9261b8ebe0..b5959ae765 100644 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -2,6 +2,7 @@ # ============================================================================ # Copyright (C) 2021-2022 Wipro Limited. # Copyright (c) 2022 J. F. Lucas. All rights reserved. +# Copyright (C) 2022 Huawei Canada Limited. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -57,7 +58,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.7 +image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.3 # Log directory where logging sidecar should look for log files # if path is set to null sidecar won't be deployed in spite of @@ -144,32 +145,48 @@ applicationConfig: sliceanalysisms.rannfnssiDetailsTemplateId: get-rannfnssiid-details sliceanalysisms.desUrl: http://dl-des:1681/datalake/v1/exposure/pm_data sliceanalysisms.pmDataDurationInWeeks: 4 + sliceanalysisms.vesNotifPollingInterval: 15 + sliceanalysisms.vesNotifChangeIdentifier: PM_BW_UPDATE + sliceanalysisms.vesNotifChangeType: BandwidthChanged + sliceanalysisms.aaiNotif.targetAction: UPDATE + sliceanalysisms.aaiNotif.targetSource: UUI + sliceanalysisms.aaiNotif.targetEntity: service-instance + sliceanalysisms.ccvpnEvalInterval: 15 + sliceanalysisms.ccvpnEvalThreshold: 0.8 + sliceanalysisms.ccvpnEvalPrecision: 100.0 + sliceanalysisms.ccvpnEvalPeriodicCheckOn: true + sliceanalysisms.ccvpnEvalOnDemandCheckOn: true streams_publishes: CL_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT streams_subscribes: performance_management_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS intelligent_slicing_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.ML_RESPONSE_TOPIC dcae_cl_response_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/DCAE_CL_RSP + ves_ccvpn_notification_topic: + type: message-router + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT + aai_subscriber: + type: message-router + servers : ["message-router:3904"] + consumer_group: dcae_ccvpn_cl + consumer_instance: dcae_ccvpn_cl_aaievent + fetch_timeout: 15000 + fetch_limit: 100 + dmaap_info: + topic_url: http://message-router:3904/events/AAI-EVENT applicationEnv: STANDALONE: 'false' diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml index 3cd71a357e..b05f35f660 100644 --- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE SNMPTrap Collector name: dcae-snmptrap-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml index 895f642283..edc2efc0fe 100644 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml @@ -18,27 +18,27 @@ # ============= LICENSE_END ================================================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Son-handler helm chart name: dcae-son-handler -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml index 88ceac0e8d..e8a9403a1c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -62,7 +62,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.son-handler:2.1.6 +image: onap/org.onap.dcaegen2.services.son-handler:2.1.7 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -81,12 +81,12 @@ certDirectory: /opt/app/sonhms/etc/certs # and key from AAF and mount them in certDirectory. tlsServer: false -# Policy configuraiton properties +# Optional Policy configuration properties # if present, policy-sync side car will be deployed -dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 -policies: - policyID: | - '["com.Config_PCIMS_CONFIG_POLICY"]' +#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +#policies: +# policyID: | +# '["com.Config_PCIMS_CONFIG_POLICY"]' # Dependencies readinessCheck: @@ -186,33 +186,23 @@ applicationConfig: streams_publishes: CL_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT streams_subscribes: performance_management_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT fault_management_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT nbr_list_change_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/PCI-NOTIF-TOPIC-NGHBR-LIST-CHANGE-INFO dcae_cl_response_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/DCAE_CL_RSP service_calls: diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml index c5f4efea11..6eb8528e76 100644 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml @@ -18,30 +18,30 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE TCA (Gen 2) name: dcae-tcagen2 -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mongo - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml index 8022b79365..ac1b8128df 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml @@ -18,27 +18,27 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE VES Collector name: dcae-ves-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml index 2097a9723d..82f4881220 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE VES-Mapper Microservice name: dcae-ves-mapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml index 3065b57a85..74fd5578c7 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP DCAE VES OpenApi Manager name: dcae-ves-openapi-manager -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index 5334caced0..1652f04f0f 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -16,6 +16,7 @@ global: centralizedLoggingEnabled: true + hvVesKafkaUser: dcae-hv-ves-kafka-user ################################################################# # Filebeat Configuration Defaults. @@ -28,9 +29,6 @@ filebeatConfig: # Control deployment of DCAE microservices at ONAP installation time dcae-ves-openapi-manager: enabled: true -dcae-bbs-eventprocessor-ms: - enabled: false - logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' dcae-datafile-collector: enabled: false logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' @@ -49,6 +47,8 @@ dcae-heartbeat: dcae-hv-ves-collector: enabled: true logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.hvVesKafkaUser }}' dcae-kpi-ms: enabled: false logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' diff --git a/kubernetes/dcaegen2/Chart.yaml b/kubernetes/dcaegen2/Chart.yaml index eb69410121..ba1e47a353 100644 --- a/kubernetes/dcaegen2/Chart.yaml +++ b/kubernetes/dcaegen2/Chart.yaml @@ -17,46 +17,46 @@ apiVersion: v2 description: ONAP DCAE Gen2 name: dcaegen2 -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcae-bootstrap - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-bootstrap' condition: dcae-bootstrap.enabled - name: dcae-cloudify-manager - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-cloudify-manager' condition: dcae-cloudify-manager.enabled - name: dcae-config-binding-service - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-config-binding-service' condition: dcae-config-binding-service.enabled - name: dcae-healthcheck - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-healthcheck' condition: dcae-healthcheck.enabled - name: dcae-servicechange-handler - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-servicechange-handler' condition: dcae-servicechange-handler.enabled - name: dcae-inventory-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-inventory-api' condition: dcae-inventory-api.enabled - name: dcae-deployment-handler - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-deployment-handler' condition: dcae-deployment-handler.enabled - name: dcae-policy-handler - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-policy-handler' condition: dcae-policy-handler.enabled - name: dcae-dashboard - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-dashboard' condition: dcae-dashboard.enabled diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml index d4f797bcbc..21e685008c 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml @@ -21,19 +21,19 @@ apiVersion: v2 description: ONAP DCAE Bootstrap name: dcae-bootstrap -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' alias: postgres - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml index 09b3684619..b268ca8bc9 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP DCAE Cloudify Manager name: dcae-cloudify-manager -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cmpv2Config - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml index d5fb997a23..9ffacf422d 100644 --- a/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE Config Binding Service name: dcae-config-binding-service -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml index e0b2976e23..3b1bcdd271 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 appVersion: "1.0" description: DCAE Dashboard name: dcae-dashboard -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml index a11cdf95de..e8193ab3c0 100644 --- a/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE Deployment Handler name: dcae-deployment-handler -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml index 8954e72f1d..29693c4d28 100644 --- a/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml @@ -21,15 +21,15 @@ apiVersion: v2 description: ONAP DCAE Health Check name: dcae-healthcheck -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml index 32ba74e640..7d69c019ed 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP DCAE Inventory API Service name: dcae-inventory-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml index 4c3ababdea..b15740b906 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE Policy Handler name: dcae-policy-handler -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml index af78d79445..7f3a04ab78 100644 --- a/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE Service Change Handler name: dcae-servicechange-handler -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/Chart.yaml b/kubernetes/dcaemod/Chart.yaml index 8bf2ddfbc0..60a57653ce 100644 --- a/kubernetes/dcaemod/Chart.yaml +++ b/kubernetes/dcaemod/Chart.yaml @@ -20,37 +20,37 @@ apiVersion: v2 description: ONAP DCAE MOD name: dcaemod -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaemod-genprocessor - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-genprocessor' condition: dcaemod-genprocessor.enabled - name: dcaemod-distributor-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-distributor-api' condition: dcaemod-distributor-api.enabled - name: dcaemod-designtool - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-designtool' condition: dcaemod-designtool.enabled - name: dcaemod-onboarding-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-onboarding-api' condition: dcaemod-onboarding-api.enabled - name: dcaemod-runtime-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-runtime-api' condition: dcaemod-runtime-api.enabled - name: dcaemod-nifi-registry - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-nifi-registry' condition: dcaemod-nifi-registry.enabled - name: dcaemod-healthcheck - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-healthcheck' condition: dcaemod-healthcheck.enabled diff --git a/kubernetes/dcaemod/components/dcaemod-designtool/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-designtool/Chart.yaml index cf27ca45ca..d5f61a3e0b 100644 --- a/kubernetes/dcaemod/components/dcaemod-designtool/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-designtool/Chart.yaml @@ -19,15 +19,15 @@ apiVersion: v2 description: ONAP DCAE MOD Design Tool name: dcaemod-designtool -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-distributor-api/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-distributor-api/Chart.yaml index 2cdab6b52e..0643257eb8 100644 --- a/kubernetes/dcaemod/components/dcaemod-distributor-api/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-distributor-api/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE MOD Distributor API name: dcaemod-distributor-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-genprocessor/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-genprocessor/Chart.yaml index 7bb4a644bf..864ac0d8a3 100644 --- a/kubernetes/dcaemod/components/dcaemod-genprocessor/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-genprocessor/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE MOD Genprocessor name: dcaemod-genprocessor -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml index 5363412f59..55dbc3306c 100644 --- a/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml @@ -21,15 +21,15 @@ apiVersion: v2 description: ONAP DCAE MOD Health Check name: dcaemod-healthcheck -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-nifi-registry/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-nifi-registry/Chart.yaml index bb717a54f9..ce3d0430be 100644 --- a/kubernetes/dcaemod/components/dcaemod-nifi-registry/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-nifi-registry/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE MOD Nifi Registry name: dcaemod-nifi-registry -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/Chart.yaml index ae68dbe825..73bade4ac0 100644 --- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP DCAE MOD Onboarding API name: dcaemod-onboarding-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/Chart.yaml index 1714d77bff..4e1c94020d 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP DCAE MOD Runtime API name: dcaemod-runtime-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml index 555e63767e..db16451688 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml @@ -16,32 +16,32 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: TBD name: TBD version: TBD dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: postgres.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mongo - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: mongo.enabled diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml index 7609ba6568..99160210d0 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml @@ -22,13 +22,6 @@ global: nodePortPrefixExt: 304 ################################################################# -# Filebeat configuration defaults. -################################################################# -filebeatConfig: - logstashServiceName: log-ls - logstashPort: 5044 - -################################################################# # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 @@ -66,12 +59,8 @@ mongo: # log directory where logging sidecar should look for log files # if absent, no sidecar will be deployed -#logDirectory: TBD #/opt/app/VESCollector/logs #DONE - -# Following requires manual override until fix for DCAEGEN2-3087 -# is available to switch logDirectory setting to log.path -log: - path: /opt/app/ +#log: +# path: TBD #/opt/app/VESCollector/logs #DONE logConfigMapNamePrefix: '{{ include "common.fullname" . }}' # directory where TLS certs should be stored diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index 5c50381309..64d196d908 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -93,7 +93,7 @@ readiness: # application image -image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.2 +image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.3 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/Chart.yaml b/kubernetes/dmaap/Chart.yaml index 7ae20adaf9..d8cb1d5b60 100644 --- a/kubernetes/dmaap/Chart.yaml +++ b/kubernetes/dmaap/Chart.yaml @@ -1,7 +1,7 @@ # Copyright © 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs,Bell Canada # Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,28 +18,32 @@ apiVersion: v2 description: ONAP DMaaP components name: dmaap -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' + - name: dmaap-strimzi + version: ~11.x-0 + repository: 'file://components/dmaap-strimzi' + condition: dmaap-strimzi.enabled - name: message-router - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/message-router' condition: message-router.enabled - name: dmaap-bc - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dmaap-bc' condition: dmaap-bc.enabled - name: dmaap-dr-node - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dmaap-dr-node' condition: dmaap-dr-node.enabled - name: dmaap-dr-prov - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dmaap-dr-prov' condition: dmaap-dr-prov.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-bc/Chart.yaml b/kubernetes/dmaap/components/dmaap-bc/Chart.yaml index 3903c5dbea..5ed50ca7e9 100644 --- a/kubernetes/dmaap/components/dmaap-bc/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/Chart.yaml @@ -18,22 +18,22 @@ apiVersion: v2 description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-bc) in Kubernetes name: dmaap-bc -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: PG.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml b/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml index 4c65198ecc..59ea16b804 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP DMaaP Data Router Node Server name: dmaap-dr-node -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml index 74c984b7cf..72e75c47d6 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml @@ -16,25 +16,25 @@ apiVersion: v2 description: ONAP DMaaP Data Router Provisioning Server name: dmaap-dr-prov -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/.helmignore b/kubernetes/dmaap/components/dmaap-strimzi/.helmignore index f0c1319444..0f976e9ff3 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/.helmignore +++ b/kubernetes/dmaap/components/dmaap-strimzi/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +Chart.lock diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/Chart.yaml b/kubernetes/dmaap/components/dmaap-strimzi/Chart.yaml index 699722c6e0..d62aebeb4b 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-strimzi/Chart.yaml @@ -1,7 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,20 +13,20 @@ # limitations under the License. apiVersion: v2 -description: ONAP Dmaap Message Router Zookeeper Service -name: message-router-zookeeper -version: 10.0.0 +description: ONAP Dmaap Strimzi Kafka Bridge +name: dmaap-strimzi +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/Makefile b/kubernetes/dmaap/components/dmaap-strimzi/Makefile index f4c9784bc4..51d7de122c 100644 --- a/kubernetes/dmaap/components/message-router/components/Makefile +++ b/kubernetes/dmaap/components/dmaap-strimzi/Makefile @@ -13,11 +13,11 @@ # limitations under the License. ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../dist +OUTPUT_DIR := $(ROOT_DIR)/../dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets -EXCLUDES := +EXCLUDES := dist resources templates charts docker HELM_BIN := helm HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service-hs.yaml b/kubernetes/dmaap/components/dmaap-strimzi/templates/dmaap-strimzi-kb.yaml index 60e4df90f5..8dd7eb97cb 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service-hs.yaml +++ b/kubernetes/dmaap/components/dmaap-strimzi/templates/dmaap-strimzi-kb.yaml @@ -1,6 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,11 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -apiVersion: v1 -kind: Service +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaBridge metadata: - name: {{ .Values.service.name }} + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -26,11 +24,14 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - clusterIP: None - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - + replicas: {{ .Values.kafkaBridgeReplicaCount }} + enableMetrics: false + bootstrapServers: {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}:{{ .Values.global.kafkaInternalPort }} + authentication: + type: {{ .Values.global.saslMechanism }} + username: {{ .Values.global.kafkaStrimziAdminUser }} + passwordSecret: + secretName: {{ .Values.global.kafkaStrimziAdminUser }} + password: password + http: + port: {{ .Values.kafkaBridgePort }} diff --git a/kubernetes/dmaap/components/dmaap-strimzi/values.yaml b/kubernetes/dmaap/components/dmaap-strimzi/values.yaml new file mode 100644 index 0000000000..8e8802d8c5 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-strimzi/values.yaml @@ -0,0 +1,37 @@ +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + kafkaBootstrap: strimzi-kafka-bootstrap + kafkaStrimziAdminUser: strimzi-kafka-admin + kafkaInternalPort: 9092 + saslMechanism: scram-sha-512 + +################################################################# +# Application configuration defaults. +################################################################# +kafkaBridgeReplicaCount: 1 +kafkaBridgePort: 8080 + +ingress: + enabled: false + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-strimzi + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/Chart.yaml b/kubernetes/dmaap/components/message-router/Chart.yaml index 7ecad8b222..74700ff1d5 100644 --- a/kubernetes/dmaap/components/message-router/Chart.yaml +++ b/kubernetes/dmaap/components/message-router/Chart.yaml @@ -1,7 +1,7 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T # Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,27 +18,21 @@ apiVersion: v2 description: ONAP Message Router name: message-router -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - - name: message-router-kafka - version: ~10.x-0 - repository: 'file://components/message-router-kafka' - - name: message-router-zookeeper - version: ~10.x-0 - repository: 'file://components/message-router-zookeeper' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/Chart.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/Chart.yaml deleted file mode 100644 index 2a24b7dbd9..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/Chart.yaml +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: ONAP Message Router Kafka Service -name: message-router-kafka -version: 10.0.0 - -dependencies: - - name: common - version: ~10.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: certInitializer - version: ~10.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~10.x-0 - repository: '@local' - - name: serviceAccount - version: ~10.x-0 - repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/config/jmx-kafka-prometheus.yml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/config/jmx-kafka-prometheus.yml deleted file mode 100644 index 2ab713e789..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/config/jmx-kafka-prometheus.yml +++ /dev/null @@ -1,23 +0,0 @@ -jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.jmx.port }}/jmxrmi -lowercaseOutputName: true -lowercaseOutputLabelNames: true -ssl: false -rules: -- pattern : kafka.server<type=ReplicaManager, name=(.+)><>(Value|OneMinuteRate) - name: "cp_kafka_server_replicamanager_$1" -- pattern : kafka.controller<type=KafkaController, name=(.+)><>Value - name: "cp_kafka_controller_kafkacontroller_$1" -- pattern : kafka.server<type=BrokerTopicMetrics, name=(.+)><>OneMinuteRate - name: "cp_kafka_server_brokertopicmetrics_$1" -- pattern : kafka.network<type=RequestMetrics, name=RequestsPerSec, request=(.+)><>OneMinuteRate - name: "cp_kafka_network_requestmetrics_requestspersec_$1" -- pattern : kafka.network<type=SocketServer, name=NetworkProcessorAvgIdlePercent><>Value - name: "cp_kafka_network_socketserver_networkprocessoravgidlepercent" -- pattern : kafka.server<type=ReplicaFetcherManager, name=MaxLag, clientId=(.+)><>Value - name: "cp_kafka_server_replicafetchermanager_maxlag_$1" -- pattern : kafka.server<type=KafkaRequestHandlerPool, name=RequestHandlerAvgIdlePercent><>OneMinuteRate - name: "cp_kafka_kafkarequesthandlerpool_requesthandleravgidlepercent" -- pattern : kafka.controller<type=ControllerStats, name=(.+)><>OneMinuteRate - name: "cp_kafka_controller_controllerstats_$1" -- pattern : kafka.server<type=SessionExpireListener, name=(.+)><>OneMinuteRate - name: "cp_kafka_server_sessionexpirelistener_$1" diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/kafka_server_jaas.conf b/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/kafka_server_jaas.conf deleted file mode 100644 index ff43fbb141..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/kafka_server_jaas.conf +++ /dev/null @@ -1,11 +0,0 @@ -KafkaServer { - org.onap.dmaap.kafkaAuthorize.PlainLoginModule1 required - username="${KAFKA_ADMIN}" - password="${KAFKA_PSWD}" - user_${KAFKA_ADMIN}="${KAFKA_PSWD}"; -}; -Client { - org.apache.zookeeper.server.auth.DigestLoginModule required - username="${ZK_ADMIN}" - password="${ZK_PSWD}"; - }; diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/zk_client_jaas.conf b/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/zk_client_jaas.conf deleted file mode 100644 index 0755c1e2b7..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/zk_client_jaas.conf +++ /dev/null @@ -1,5 +0,0 @@ -Client { - org.apache.zookeeper.server.auth.DigestLoginModule required - username="${ZK_ADMIN}" - password="${ZK_PSWD}"; - };
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/NOTES.txt deleted file mode 100644 index a44d0f76ee..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/configmap.yaml deleted file mode 100644 index d881fef128..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/configmap.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{/* -# Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if .Values.global.aafEnabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-jaas-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/jaas/kafka_server_jaas.conf").AsConfig . | indent 2 }} ---- -{{- else }} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-jaas-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/jaas/zk_client_jaas.conf").AsConfig . | indent 2 }} ---- -{{- end }} -{{- if .Values.prometheus.jmx.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prometheus-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/jmx-kafka-prometheus.yml").AsConfig . | indent 2 }} ---- -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/pv.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/pv.yaml deleted file mode 100644 index c386163735..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/pv.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- $global := . -}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -{{ range $i, $e := until (int $global.Values.replicaCount) }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ $global.Values.service.name }} - chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} - release: {{ include "common.release" $global }} - heritage: {{ $global.Release.Service }} -spec: - capacity: - storage: {{ $global.Values.persistence.size }} - accessModes: - - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/secrets.yaml deleted file mode 100644 index 033d8d5441..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/secrets.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml deleted file mode 100644 index 9a20f9c517..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- $root := . -}} -{{ range $i, $e := until (int $root.Values.replicaCount) }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ $root.Values.service.name }}-{{ $i }} - namespace: {{ include "common.namespace" $root }} - labels: - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ include "common.release" $root }} - heritage: {{ $root.Release.Service }} - -spec: - type: {{ $root.Values.service.type }} - externalTrafficPolicy: Local - selector: - statefulset.kubernetes.io/pod-name: {{ include "common.release" $root }}-{{ $root.Values.service.name }}-{{ $i }} - ports: - - port: {{ $root.Values.service.externalPort }} - targetPort: {{ $root.Values.service.externalPort }} - nodePort: {{ $root.Values.service.baseNodePort | add $i }} - name: {{ $root.Values.service.name }}-{{ $i }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml deleted file mode 100644 index ebb5f7e392..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml +++ /dev/null @@ -1,267 +0,0 @@ -{{/* -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - podManagementPolicy: Parallel - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - {{- if .Values.prometheus.jmx.enabled }} - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }} - {{- end }} - spec: - {{- if .Values.nodeAffinity }} - nodeAffinity: - {{ toYaml .Values.nodeAffinity | indent 10 }} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.zookeeper.name }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - - command: - - sh - - -exec - - | - rm -rf '/var/lib/kafka/data/lost+found'; - chown -R 1000:0 /var/lib/kafka/data; - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /var/lib/kafka/data - name: kafka-data - name: {{ include "common.name" . }}-permission-fixer - - command: - - sh - args: - - -c - - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/kafka/secrets/jaas/${PFILE}; done" - env: - - name: ZK_ADMIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "login") | indent 10 }} - - name: ZK_PSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "password") | indent 10 }} - - name: KAFKA_ADMIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "login") | indent 10 }} - - name: KAFKA_PSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "password") | indent 10 }} - volumeMounts: - - mountPath: /etc/kafka/secrets/jaas - name: jaas-config - - mountPath: /config-input - name: jaas - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} - containers: - {{- if .Values.prometheus.jmx.enabled }} - - name: prometheus-jmx-exporter - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - java - - -XX:+UnlockExperimentalVMOptions - - -XX:+UseCGroupMemoryLimitForHeap - - -XX:MaxRAMFraction=1 - - -XshowSettings:vm - - -jar - - jmx_prometheus_httpserver.jar - - {{ .Values.prometheus.jmx.port | quote }} - - /etc/jmx-kafka/jmx-kafka-prometheus.yml - ports: - - containerPort: {{ .Values.prometheus.jmx.port }} - resources: -{{ toYaml .Values.prometheus.jmx.resources | indent 10 }} - volumeMounts: - - name: jmx-config - mountPath: /etc/jmx-kafka - {{- end }} - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - sh - - -exc - - | - export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ - {{- if .Values.global.aafEnabled }} - cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.final_cadi_files }} /etc/kafka/data/{{ .Values.certInitializer.final_cadi_files }} && \ - export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ - {{ else }} - export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ - {{- end }} - exec /etc/confluent/docker/run - resources: -{{ include "common.resources" . | indent 12 }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.externalPort }} - {{- if .Values.prometheus.jmx.enabled }} - - containerPort: {{ .Values.jmx.port }} - name: jmx - {{- end }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} - env: - - name: HOST_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: KAFKA_ZOOKEEPER_CONNECT - value: "{{ include "common.kafkaNodes" (dict "dot" . "replicaCount" .Values.zookeeper.replicaCount "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }}" - - name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE - value: "{{ .Values.kafka.enableSupport }}" - - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR - value: "{{ .Values.config.offsets_topic_replication_factor | default .Values.replicaCount }}" - - name: KAFKA_NUM_PARTITIONS - value: "{{ .Values.config.num_partition | default .Values.replicaCount }}" - - name: KAFKA_DEFAULT_REPLICATION_FACTOR - value: "{{ .Values.config.default_replication_factor | default .Values.replicaCount }}" - {{- if .Values.global.aafEnabled }} - - name: KAFKA_OPTS - value: "{{ .Values.kafka.jaasOptionsAaf }}" - - name: aaf_locate_url - value: https://aaf-locate.{{ include "common.namespace" . }}:8095 - - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "{{ .Values.kafka.protocolMapAaf }}" - - name: KAFKA_LISTENERS - value: "{{ .Values.kafka.listenersAaf }}" - - name: KAFKA_SASL_ENABLED_MECHANISMS - value: "{{ .Values.kafka.saslMech }}" - - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "{{ .Values.kafka.interBrokerListernerAaf }}" - - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL - value: "{{ .Values.kafka.saslInterBrokerProtocol }}" - - name: KAFKA_AUTHORIZER_CLASS_NAME - value: "{{ .Values.kafka.authorizer }}" - {{ else }} - - name: KAFKA_OPTS - value: "{{ .Values.kafka.jaasOptions }}" - - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "{{ .Values.kafka.protocolMap }}" - - name: KAFKA_LISTENERS - value: "{{ .Values.kafka.listeners }}" - - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "{{ .Values.kafka.interBrokerListerner }}" - {{- end }} - {{- range $key, $value := .Values.configurationOverrides }} - - name: {{ printf "KAFKA_%s" $key | replace "." "_" | upper | quote }} - value: {{ $value | quote }} - {{- end }} - {{- if .Values.jmx.port }} - - name: KAFKA_JMX_PORT - value: "{{ .Values.jmx.port }}" - {{- end }} - - name: enableCadi - value: "{{ .Values.global.aafEnabled }}" - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /var/run/docker.sock - name: docker-socket - - name: jaas-config - mountPath: /etc/kafka/secrets/jaas - - mountPath: /var/lib/kafka/data - name: kafka-data - {{- if .Values.tolerations }} - tolerations: - {{ toYaml .Values.tolerations | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - - name: localtime - hostPath: - path: /etc/localtime - - name: jaas-config - emptyDir: - medium: Memory - - name: docker-socket - hostPath: - path: /var/run/docker.sock - - name: jaas - configMap: - name: {{ include "common.fullname" . }}-jaas-configmap - {{- if .Values.prometheus.jmx.enabled }} - - name: jmx-config - configMap: - name: {{ include "common.fullname" . }}-prometheus-configmap - {{- end }} -{{ if not .Values.persistence.enabled }} - - name: kafka-data - emptyDir: {} -{{ else }} - volumeClaimTemplates: - - metadata: - name: kafka-data - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml deleted file mode 100644 index c998e9ec67..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml +++ /dev/null @@ -1,226 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - - -################################################################# -# AAF part -################################################################# -certInitializer: - nameOverride: dmaap-mr-kafka-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: dmaap-mr - fqi: dmaapmr@mr.dmaap.onap.org - public_fqdn: mr.dmaap.onap.org - cadi_longitude: "-122.26147" - cadi_latitude: "37.78187" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - fqi_namespace: org.onap.dmaap.mr - final_cadi_files: cadi.properties - aaf_add_config: | - echo "*** concat the three prop files" - cd {{ .Values.credsPath }} - cat {{ .Values.fqi_namespace }}.props > {{ .Values.final_cadi_files }} - cat {{ .Values.fqi_namespace }}.cred.props >> {{ .Values.final_cadi_files }} - cat {{ .Values.fqi_namespace }}.location.props >> {{ .Values.final_cadi_files }} - echo "*** configuration result:" - cat {{ .Values.final_cadi_files }} - chown -R 1000 . - - -################################################################# -# Application configuration defaults. -################################################################# -# application image -image: onap/dmaap/kafka111:1.1.1 -pullPolicy: Always - - -zookeeper: - name: message-router-zookeeper - port: 2181 - replicaCount: 1 - -kafka: - heapOptions: -Xmx5G -Xms1G - jaasOptions: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf - jaasOptionsAaf: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/kafka_server_jaas.conf - enableSupport: false - protocolMapAaf: INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT - protocolMap: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT - listenersAaf: EXTERNAL_SASL_PLAINTEXT://0.0.0.0:9091,INTERNAL_SASL_PLAINTEXT://0.0.0.0:9092 - listeners: EXTERNAL_PLAINTEXT://0.0.0.0:9091,INTERNAL_PLAINTEXT://0.0.0.0:9092 - authorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer - saslInterBrokerProtocol: PLAIN - saslMech: PLAIN - interBrokerListernerAaf: INTERNAL_SASL_PLAINTEXT - interBrokerListerner: INTERNAL_PLAINTEXT - -config: {} - # offsets_topic_replication_factor: - # num_partition: - # default_replication_factor: - -configurationOverrides: - "log.dirs": "/var/lib/kafka/data" - "log.retention.hours": "168" - "transaction.state.log.replication.factor": "1" - "transaction.state.log.min.isr": "1" - "num.recovery.threads.per.data.dir": "5" - "zookeeper.connection.timeout.ms": "6000" - "zookeeper.set.acl": "true" - -jmx: - port: 5555 - -prometheus: - jmx: - enabled: false - image: solsson/kafka-prometheus-jmx-exporter@sha256 - imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143 - port: 5556 - -jaas: - config: - zkClient: kafka - zkClientPassword: kafka_secret - kafkaAdminUser: admin - kafkaAdminPassword: admin_secret - #kafkaAdminUserExternal: some secret - #zkClientPasswordExternal: some secret - - -secrets: - - uid: zk-client - type: basicAuth - externalSecret: '{{ .Values.jaas.config.zkClientPasswordExternal}}' - login: '{{ .Values.jaas.config.zkClient }}' - password: '{{ .Values.jaas.config.zkClientPassword }}' - passwordPolicy: required - - uid: kafka-admin - type: basicAuth - externalSecret: '{{ .Values.jaas.config.kafkaAdminUserExternal}}' - login: '{{ .Values.jaas.config.kafkaAdminUser }}' - password: '{{ .Values.jaas.config.kafkaAdminPassword }}' - passwordPolicy: required - -# flag to enable debugging - application support required -debugEnabled: false - -# default number of instances -replicaCount: 1 - - -# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count -podAntiAffinityType: soft - -# defult partitions -defaultpartitions: 3 - -nodeSelector: {} - -nodeAffinity: {} - -affinity: {} - -tolerations: {} - - - -# probe configuration parameters -liveness: - initialDelaySeconds: 90 - periodSeconds: 20 - timeoutSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 90 - periodSeconds: 20 - timeoutSeconds: 100 - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: message-router/data-kafka - -service: - type: NodePort - name: message-router-kafka - portName: tcp-message-router-kafka - internalPort: 9092 - internalSSLPort: 9093 - externalPort: 9091 - baseNodePort: 30490 - - - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: message-router-kafka - roles: - - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/.helmignore b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/jmx-zookeeper-prometheus.yml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/jmx-zookeeper-prometheus.yml deleted file mode 100644 index a75b644c5f..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/jmx-zookeeper-prometheus.yml +++ /dev/null @@ -1,21 +0,0 @@ -jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.jmx.port }}/jmxrmi -lowercaseOutputName: true -lowercaseOutputLabelNames: true -ssl: false -rules: -- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+)><>(\\w+)" - name: "message-router-zookeeper_$2" -- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+)><>(\\w+)" - name: "message-router-zookeeper_$3" - labels: - replicaId: "$2" -- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+), name2=(\\w+)><>(\\w+)" - name: "message-router-zookeeper_$4" - labels: - replicaId: "$2" - memberType: "$3" -- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+), name2=(\\w+), name3=(\\w+)><>(\\w+)" - name: "message-router-zookeeper_$4_$5" - labels: - replicaId: "$2" - memberType: "$3" diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/zk_server_jaas.conf b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/zk_server_jaas.conf deleted file mode 100644 index 8266f6b2c6..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/zk_server_jaas.conf +++ /dev/null @@ -1,4 +0,0 @@ -Server { - org.apache.zookeeper.server.auth.DigestLoginModule required - user_${ZK_ADMIN}="${ZK_PSWD}"; -};
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/NOTES.txt deleted file mode 100644 index a44d0f76ee..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkquorum.tpl b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkquorum.tpl deleted file mode 100644 index 9af910eb89..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkquorum.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- /* - Calculate the maximum number of zk server down in order to guarantee ZK quorum. - For guaranteeing ZK quorum we need half of the server + 1 up. - - div in go template cast return an int64 - so we need to know if it is an even number or an odd. - For this we are doing (n/2)*2=n? - if true it is even else it is even -*/ -}} -{{- define "zk.maxUnavailable" -}} -{{- $halfReplica := div .Values.replicaCount 2 -}} - {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}} - {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }} - {{- toYaml (sub $halfReplica 1) -}} - {{else}} - {{- toYaml $halfReplica -}} - {{end}} -{{- end -}} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkservers.tpl b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkservers.tpl deleted file mode 100644 index 8b88d7bb36..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkservers.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* -Create a server list string based on fullname, namespace, # of zookeeperServers -in a format like "zkhost1:port:port;zkhost2:port:port" -*/}} -{{- define "zookeeper.serverlist" -}} -{{- $namespace := include "common.namespace" . }} -{{- $fullname := include "common.fullname" . -}} -{{- $name := include "common.name" . -}} -{{- $serverPort := .Values.service.serverPort -}} -{{- $leaderElectionPort := .Values.service.leaderElectionPort -}} -{{- $zk := dict "zookeeperServers" (list) -}} -{{- range $idx, $v := until (int .Values.zookeeperServers) }} -{{- $noop := printf "%s-%d.%s.%s.svc.cluster.local:%d:%d" $fullname $idx $name $namespace (int $serverPort) (int $leaderElectionPort) | append $zk.zookeeperServers | set $zk "zookeeperServers" -}} -{{- end }} -{{- printf "%s" (join ";" $zk.zookeeperServers) | quote -}} -{{- end -}}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/configmap.yaml deleted file mode 100644 index 7a26053d11..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/configmap.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{/* -# Copyright © 2020 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if .Values.prometheus.jmx.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prometheus-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/jmx-zookeeper-prometheus.yml").AsConfig . | indent 2 }} ---- -{{ end }} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-jaas-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ (.Files.Glob "resources/config/zk_server_jaas.conf").AsConfig | indent 2 }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/pv.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/pv.yaml deleted file mode 100644 index c386163735..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/pv.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- $global := . -}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -{{ range $i, $e := until (int $global.Values.replicaCount) }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ $global.Values.service.name }} - chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} - release: {{ include "common.release" $global }} - heritage: {{ $global.Release.Service }} -spec: - capacity: - storage: {{ $global.Values.persistence.size }} - accessModes: - - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/service.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/service.yaml deleted file mode 100644 index 6bd13f0594..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/service.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.clientPort }} - name: {{ .Values.service.clientPortName }} - - port: {{ .Values.service.serverPort }} - name: {{ .Values.service.serverPortName }} - - port: {{ .Values.service.leaderElectionPort }} - name: {{ .Values.service.leaderElectionPortName }} - clusterIP: None - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml deleted file mode 100644 index cac75b1565..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml +++ /dev/null @@ -1,230 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - updateStrategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: {{ .Values.maxUnavailable }} - podManagementPolicy: Parallel - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - {{- if .Values.prometheus.jmx.enabled }} - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }} - {{- end }} - spec: - {{- if .Values.nodeAffinity }} - nodeAffinity: - {{ toYaml .Values.nodeAffinity | indent 10 }} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - name: {{ include "common.name" . }}-permission-fixer - command: - - sh - - -exec - - > - chown -R 1000:0 /tmp/zookeeper/apikeys; - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /tmp/zookeeper/apikeys - name: zookeeper-data - - command: - - sh - args: - - -c - - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/zookeeper/secrets/jaas/${PFILE}; done" - env: - - name: ZK_ADMIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "login") | indent 10 }} - - name: ZK_PSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "password") | indent 10 }} - volumeMounts: - - mountPath: /etc/zookeeper/secrets/jaas - name: jaas-config - - mountPath: /config-input - name: jaas - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - containers: - {{- if .Values.prometheus.jmx.enabled }} - - name: prometheus-jmx-exporter - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - java - - -XX:+UnlockExperimentalVMOptions - - -XX:+UseCGroupMemoryLimitForHeap - - -XX:MaxRAMFraction=1 - - -XshowSettings:vm - - -jar - - jmx_prometheus_httpserver.jar - - {{ .Values.prometheus.jmx.port | quote }} - - /etc/jmx-zookeeper/jmx-zookeeper-prometheus.yml - ports: - - containerPort: {{ .Values.prometheus.jmx.port }} - resources: -{{ toYaml .Values.prometheus.jmx.resources | indent 10 }} - volumeMounts: - - name: jmx-config - mountPath: /etc/jmx-zookeeper - {{- end }} - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: -{{ include "common.resources" . | indent 12 }} - ports: - - containerPort: {{ .Values.service.clientPort }} - name: {{ .Values.service.clientPortName }} - - containerPort: {{ .Values.service.serverPort }} - name: {{ .Values.service.serverPortName }} - - containerPort: {{ .Values.service.leaderElectionPort }} - name: {{ .Values.service.leaderElectionPortName }} - {{- if .Values.prometheus.jmx.enabled }} - - containerPort: {{ .Values.jmx.port }} - name: jmx - {{- end }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 localhost 2181 | grep imok'] - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{ end }} - readinessProbe: - exec: - command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 localhost 2181 | grep imok'] - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} - resources: -{{ include "common.resources" . | indent 10 }} - env: - - name : KAFKA_HEAP_OPTS - value: "{{ .Values.zkConfig.heapOptions }}" - {{- if .Values.jmx.port }} - - name : KAFKA_JMX_PORT - value: "{{ .Values.jmx.port }}" - {{- end }} - - name : ZOOKEEPER_REPLICAS - value: "{{ .Values.replicaCount }}" - - name : ZOOKEEPER_TICK_TIME - value: "{{ .Values.zkConfig.tickTime }}" - - name : ZOOKEEPER_SYNC_LIMIT - value: "{{ .Values.zkConfig.syncLimit }}" - - name : ZOOKEEPER_INIT_LIMIT - value: "{{ .Values.zkConfig.initLimit }}" - - name : ZOOKEEPER_MAX_CLIENT_CNXNS - value: "{{ .Values.zkConfig.maxClientCnxns }}" - - name : ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT - value: "{{ .Values.zkConfig.autoPurgeSnapRetainCount}}" - - name : ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL - value: "{{ .Values.zkConfig.autoPurgePurgeInterval}}" - - name: ZOOKEEPER_CLIENT_PORT - value: "{{ .Values.zkConfig.clientPort }}" - - name: KAFKA_OPTS - value: "{{ .Values.zkConfig.kafkaOpts }}" - - name: ZOOKEEPER_QUORUM_LISTEN_ON_ALL_IPS - value: "true" - - name: ZOOKEEPER_SERVERS - value: {{ template "zookeeper.serverlist" . }} - - name: ZOOKEEPER_SERVER_ID - valueFrom: - fieldRef: - fieldPath: metadata.name - command: - - "bash" - - "-c" - - | - ZOOKEEPER_SERVER_ID=$((${HOSTNAME##*-}+1)) \ - /etc/confluent/docker/run - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /var/lib/zookeeper/data - name: zookeeper-data - - name: jaas-config - mountPath: /etc/zookeeper/secrets/jaas - {{- if .Values.tolerations }} - tolerations: - {{ toYaml .Values.tolerations | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: jaas-config - emptyDir: - medium: Memory - - name: docker-socket - hostPath: - path: /var/run/docker.sock - - name: jaas - configMap: - name: {{ include "common.fullname" . }}-jaas-configmap - {{- if .Values.prometheus.jmx.enabled }} - - name: jmx-config - configMap: - name: {{ include "common.fullname" . }}-prometheus-configmap - {{- end }} -{{ if not .Values.persistence.enabled }} - - name: zookeeper-data - emptyDir: {} -{{ else }} - volumeClaimTemplates: - - metadata: - name: zookeeper-data - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml deleted file mode 100644 index 79ced4dde2..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml +++ /dev/null @@ -1,161 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -image: onap/dmaap/zookeeper:6.1.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - - -# default number of instances -replicaCount: 1 - -zookeeperServers: 1 - -nodeSelector: {} - -nodeAffinity: {} - -affinity: {} - -tolerations: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 20 - timeoutSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 60 - periodSeconds: 20 - timeoutSeconds: 10 - -#Zookeeper properties -zkConfig: - tickTime: 2000 - syncLimit: 5 - initLimit: 20 - maxClientCnxns: 200 - autoPurgeSnapRetainCount: 3 - autoPurgePurgeInterval: 24 - heapOptions: -Xmx2G -Xms2G - kafkaOpts: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl -Dzookeeper.4lw.commands.whitelist=* - clientPort: 2181 - -jmx: - port: 5555 - -prometheus: - jmx: - enabled: false - image: solsson/kafka-prometheus-jmx-exporter@sha256 - imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143 - port: 5556 - -jaas: - config: - zkAdminUser: kafka - zkAdminPassword: kafka_secret - #zkAdminPasswordExternal= some password - -secrets: - - uid: zk-admin - type: basicAuth - externalSecret: '{{ .Values.jaas.config.zkAdminPasswordExternal}}' - login: '{{ .Values.jaas.config.zkAdminUser }}' - password: '{{ .Values.jaas.config.zkAdminPassword }}' - passwordPolicy: required - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: message-router/data-zookeeper - - -rollingUpdate: - maxUnavailable: 1 -service: - type: ClusterIP - name: message-router-zookeeper - portName: message-router-zookeeper - clientPortName: tcp-client - clientPort: 2181 - serverPortName: tcp-server - serverPort: 2888 - leaderElectionPortName: tcp-leader - leaderElectionPort: 3888 - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: message-router-zookeeper - roles: - - read diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index 4256b3b723..d2ee8356d7 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -3,6 +3,7 @@ # org.onap.dmaap # ================================================================================ # Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2021-2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,41 +21,16 @@ # ############################################################################### ############################################################################### -## -## Cambria API Server config -## -## Default values are shown as commented settings. -## -############################################################################### -## -## HTTP service -## -## 3904 is standard as of 7/29/14. -# -## Zookeeper Connection -## -## Both Cambria and Kafka make use of Zookeeper. -## -#config.zk.servers=172.18.1.1 -#config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}} */}} -config.zk.servers={{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-zookeeper" "replicaCount") "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }} -#config.zk.root=/fe3c/cambria/config - - -############################################################################### ## ## Kafka Connection ## ## Items below are passed through to Kafka's producer and consumer ## configurations (after removing "kafka.") ## if you want to change request.required.acks it can take this one value -#kafka.metadata.broker.list=localhost:9092,localhost:9093 -#kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}} -kafka.metadata.broker.list={{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-kafka" "replicaCount") "componentName" .Values.kafka.name "port" .Values.kafka.port ) }} - -##kafka.request.required.acks=-1 -#kafka.client.zookeeper=${config.zk.servers} +kafka.metadata.broker.list={{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}:{{ .Values.global.kafkaInternalPort }} +config.zk.servers=127.0.0.1:{{ .Values.global.zkTunnelService.internalPort }} +#kafka.request.required.acks=-1 consumer.timeout.ms=100 zookeeper.connection.timeout.ms=6000 zookeeper.session.timeout.ms=20000 @@ -143,7 +119,7 @@ cambria.consumer.cache.touchFreqMs=120000 cambria.consumer.cache.zkBasePath=/fe3c/cambria/consumerCache consumer.timeout=17 default.partitions=3 -default.replicas={{ index .Values "message-router-kafka" "replicaCount" }} +default.replicas=3 ############################################################################## #100mb maxcontentlength=10000 diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml index ad2ce2b92a..949a893197 100644 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml @@ -1,6 +1,7 @@ <!-- ============LICENSE_START======================================================= Copyright © 2019 AT&T Intellectual Property. All rights reserved. + Modifications Copyright © 2021-2022 Nordix Foundation ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -15,7 +16,7 @@ ============LICENSE_END========================================================= --> -<configuration scan="true" scanPeriod="3 seconds" debug="false"> +<configuration scan="true" scanPeriod="3 seconds" debug="true"> <contextName>${module.ajsc.namespace.name}</contextName> <jmxConfigurator /> <property name="logDirectory" value="${AJSC_HOME}/log" /> @@ -41,7 +42,7 @@ </encoder> </appender> - <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender"> class="ch.qos.logback.core.ConsoleAppender"> + <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender"> <filter class="ch.qos.logback.classic.filter.LevelFilter"> <level>ERROR</level> <onMatch>ACCEPT</onMatch> @@ -54,105 +55,105 @@ <!-- Msgrtr related loggers --> - <logger name="org.onap.dmaap.dmf.mr.service" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.service.impl" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.service" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.service.impl" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.resources" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.resources" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.backends" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.backends" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.beans" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.beans" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.constants" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.constants" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.exception" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.exception" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.listener" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.listener" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.security" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.security.impl" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.security" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.security.impl" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.transaction" level="INFO" /> - <logger name="com.att.dmf.mr.transaction.impl" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.transaction" level="TRACE" /> + <logger name="com.att.dmf.mr.transaction.impl" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.utils" level="INFO" /> - <logger name="org.onap.dmaap.mr.filter" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.utils" level="TRACE" /> + <logger name="org.onap.dmaap.mr.filter" level="TRACE" /> - <!--<logger name="com.att.nsa.cambria.*" level="INFO" />--> + <!--<logger name="com.att.nsa.cambria.*" level="TRACE" />--> <!-- Msgrtr loggers in ajsc --> - <logger name="org.onap.dmaap.service" level="INFO" /> - <logger name="org.onap.dmaap" level="INFO" /> + <logger name="org.onap.dmaap.service" level="TRACE" /> + <logger name="org.onap.dmaap" level="TRACE" /> <!-- Spring related loggers --> - <logger name="org.springframework" level="WARN" additivity="false"/> - <logger name="org.springframework.beans" level="WARN" additivity="false"/> - <logger name="org.springframework.web" level="WARN" additivity="false" /> - <logger name="com.blog.spring.jms" level="WARN" additivity="false" /> + <logger name="org.springframework" level="TRACE" additivity="false"/> + <logger name="org.springframework.beans" level="TRACE" additivity="false"/> + <logger name="org.springframework.web" level="TRACE" additivity="false" /> + <logger name="com.blog.spring.jms" level="TRACE" additivity="false" /> <!-- AJSC Services (bootstrap services) --> - <logger name="ajsc" level="WARN" additivity="false"/> - <logger name="ajsc.RouteMgmtService" level="INFO" additivity="false"/> - <logger name="ajsc.ComputeService" level="INFO" additivity="false" /> - <logger name="ajsc.VandelayService" level="WARN" additivity="false"/> - <logger name="ajsc.FilePersistenceService" level="WARN" additivity="false"/> - <logger name="ajsc.UserDefinedJarService" level="WARN" additivity="false" /> - <logger name="ajsc.UserDefinedBeansDefService" level="WARN" additivity="false" /> - <logger name="ajsc.LoggingConfigurationService" level="WARN" additivity="false" /> + <logger name="ajsc" level="TRACE" additivity="false"/> + <logger name="ajsc.RouteMgmtService" level="TRACE" additivity="false"/> + <logger name="ajsc.ComputeService" level="TRACE" additivity="false" /> + <logger name="ajsc.VandelayService" level="TRACE" additivity="false"/> + <logger name="ajsc.FilePersistenceService" level="TRACE" additivity="false"/> + <logger name="ajsc.UserDefinedJarService" level="TRACE" additivity="false" /> + <logger name="ajsc.UserDefinedBeansDefService" level="TRACE" additivity="false" /> + <logger name="ajsc.LoggingConfigurationService" level="TRACE" additivity="false" /> <!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet logging) --> - <logger name="ajsc.utils" level="WARN" additivity="false"/> - <logger name="ajsc.utils.DME2Helper" level="INFO" additivity="false" /> - <logger name="ajsc.filters" level="DEBUG" additivity="false" /> - <logger name="ajsc.beans.interceptors" level="DEBUG" additivity="false" /> - <logger name="ajsc.restlet" level="DEBUG" additivity="false" /> - <logger name="ajsc.servlet" level="DEBUG" additivity="false" /> - <logger name="com.att" level="WARN" additivity="false" /> - <logger name="com.att.ajsc.csi.logging" level="WARN" additivity="false" /> - <logger name="com.att.ajsc.filemonitor" level="WARN" additivity="false"/> + <logger name="ajsc.utils" level="TRACE" additivity="false"/> + <logger name="ajsc.utils.DME2Helper" level="TRACE" additivity="false" /> + <logger name="ajsc.filters" level="TRACE" additivity="false" /> + <logger name="ajsc.beans.interceptors" level="TRACE" additivity="false" /> + <logger name="ajsc.restlet" level="TRACE" additivity="false" /> + <logger name="ajsc.servlet" level="TRACE" additivity="false" /> + <logger name="com.att" level="TRACE" additivity="false" /> + <logger name="com.att.ajsc.csi.logging" level="TRACE" additivity="false" /> + <logger name="com.att.ajsc.filemonitor" level="TRACE" additivity="false"/> - <logger name="com.att.nsa.dmaap.util" level="INFO" additivity="false"/> - <logger name="com.att.cadi.filter" level="INFO" additivity="false" /> + <logger name="com.att.nsa.dmaap.util" level="TRACE" additivity="false"/> + <logger name="com.att.cadi.filter" level="TRACE" additivity="false" /> <!-- Other Loggers that may help troubleshoot --> - <logger name="net.sf" level="WARN" additivity="false" /> - <logger name="org.apache.commons.httpclient" level="WARN" additivity="false"/> - <logger name="org.apache.commons" level="WARN" additivity="false" /> - <logger name="org.apache.coyote" level="WARN" additivity="false"/> - <logger name="org.apache.jasper" level="WARN" additivity="false"/> + <logger name="net.sf" level="TRACE" additivity="false" /> + <logger name="org.apache.commons.httpclient" level="TRACE" additivity="false"/> + <logger name="org.apache.commons" level="TRACE" additivity="false" /> + <logger name="org.apache.coyote" level="TRACE" additivity="false"/> + <logger name="org.apache.jasper" level="TRACE" additivity="false"/> <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. May aid in troubleshooting) --> - <logger name="org.apache.camel" level="WARN" additivity="false" /> - <logger name="org.apache.cxf" level="WARN" additivity="false" /> - <logger name="org.apache.camel.processor.interceptor" level="WARN" additivity="false"/> - <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" additivity="false" /> - <logger name="org.apache.cxf.service" level="WARN" additivity="false" /> - <logger name="org.restlet" level="DEBUG" additivity="false" /> - <logger name="org.apache.camel.component.restlet" level="DEBUG" additivity="false" /> - <logger name="org.apache.kafka" level="DEBUG" additivity="false" /> - <logger name="org.apache.zookeeper" level="INFO" additivity="false" /> - <logger name="org.I0Itec.zkclient" level="DEBUG" additivity="false" /> + <logger name="org.apache.camel" level="TRACE" additivity="false" /> + <logger name="org.apache.cxf" level="TRACE" additivity="false" /> + <logger name="org.apache.camel.processor.interceptor" level="TRACE" additivity="false"/> + <logger name="org.apache.cxf.jaxrs.interceptor" level="TRACE" additivity="false" /> + <logger name="org.apache.cxf.service" level="TRACE" additivity="false" /> + <logger name="org.restlet" level="TRACE" additivity="false" /> + <logger name="org.apache.camel.component.restlet" level="TRACE" additivity="false" /> + <logger name="org.apache.kafka" level="TRACE" additivity="false" /> + <logger name="org.apache.zookeeper" level="TRACE" additivity="false" /> + <logger name="org.I0Itec.zkclient" level="TRACE" additivity="false" /> <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="INFO" additivity="false"/> - <logger name="ch.qos.logback.core" level="INFO" additivity="false" /> + <logger name="ch.qos.logback.classic" level="TRACE" additivity="false"/> + <logger name="ch.qos.logback.core" level="TRACE" additivity="false" /> <!-- logback jms appenders & loggers definition starts here --> <!-- logback jms appenders & loggers definition starts here --> @@ -176,10 +177,10 @@ <appender-ref ref="Audit-Record-Queue" /> </appender> - <logger name="AuditRecord" level="INFO" additivity="FALSE"> + <logger name="AuditRecord" level="TRACE" additivity="FALSE"> <appender-ref ref="STDOUT" /> </logger> - <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE"> + <logger name="AuditRecord_DirectCall" level="TRACE" additivity="FALSE"> <appender-ref ref="STDOUT" /> </logger> <appender name="ASYNC-perf" class="ch.qos.logback.classic.AsyncAppender"> @@ -187,13 +188,13 @@ <discardingThreshold>0</discardingThreshold> <appender-ref ref="Performance-Tracker-Queue" /> </appender> - <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> + <logger name="PerfTrackerRecord" level="TRACE" additivity="FALSE"> <appender-ref ref="ASYNC-perf" /> <appender-ref ref="perfLogs" /> </logger> <!-- logback jms appenders & loggers definition ends here --> - <root level="DEBUG"> + <root level="TRACE"> <appender-ref ref="DEBUG" /> <appender-ref ref="ERROR" /> <appender-ref ref="INFO" /> diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey b/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey deleted file mode 100755 index c2b8b8779b..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey +++ /dev/null @@ -1,27 +0,0 @@ -_sNOLphPzrU7L0L3oWv0pYwgV_ddGF1XoBsQEIAp34jfP-fGJFPfFYaMpDEZ3gwH59rNw6qyMZHk -k-4irklvVcWk36lC3twNvc0DueRCVrws1bkuhOLCXdxHJx-YG-1xM8EJfRmzh79WPlPkbAdyPmFF -Ah44V0GjAnInPOFZA6MHP9rNx9B9qECHRfmvzU13vJCcgTsrmOr-CEiWfRsnzPjsICxpq9OaVT_D -zn6rNaroGm1OiZNCrCgvRkCUHPOOCw3j9G1GeaImoZNYtozbz9u4sj13PU-MxIIAa64b1bMMMjpz -Upc8lVPI4FnJKg6axMmEGn5zJ6JUq9mtOVyPj__2GEuDgpx5H4AwodXXVjFsVgR8UJwI_BvS2JVp -JoQk0J1RqXmAXVamlsMAfzmmbARXgmrBfnuhveZnh9ymFVU-YZeujdANniXAwBGI7c6hG_BXkH7i -Eyf4Fn41_SV78PskP6qgqJahr9r3bqdjNbKBztIKCOEVrE_w3IM5r02l-iStk_NBRkj6cq_7VCpG -afxZ2CtZMwuZMiypO_wOgbdpCSKNzsL-NH2b4b08OlKiWb263gz634KJmV5WEfCl-6eH-JUFbWOS -JwQfActLNT2ZQPl2MyZQNBzJEWoJRgS6k7tPRO-zqeUtYYHGHVMCxMuMHGQcoilNNHEFeBCG_fBh -yAKb9g9F86Cbx9voMLiyTX2T3rwVHiSJFOzfNxGmfN5JWOthIun_c5hEY1tLQ15BomzkDwk7BAj7 -VbRCrVD45B6xrmSTMBSWYmLyr6mnQxQqeh9cMbD-0ZAncE3roxRnRvPKjFFa208ykYUp2V83r_PJ -fV5I9ZPKSjk9DwFyrjkcQQEYDhdK6IFqcd6nEthjYVkmunu2fsX0bIOm9GGdIbKGqBnpdgBO5hyT -rBr9HSlZrHcGdti1R823ckDF0Ekcl6kioDr5NLIpLtg9zUEDRm3QrbX2mv5Zs8W0pYnOqglxy3lz -bJZTN7oR7VasHUtjmp0RT9nLZkUs5TZ6MHhlIq3ZsQ6w_Q9Rv1-ofxfwfCC4EBrWKbWAGCf6By4K -Ew8321-2YnodhmsK5BrT4zQ1DZlmUvK8BmYjZe7wTljKjgYcsLTBfX4eMhJ7MIW1kpnl8AbiBfXh -QzN56Mki51Q8PSQWHm0W9tnQ0z6wKdck6zBJ8JyNzewZahFKueDTn-9DOqIDfr3YHvQLLzeXyJ8e -h4AgjW-hvlLzRGtkCknjLIgXVa3rMTycseAwbW-mgdCqqkw3SdEG8feAcyntmvE8j2jbtSDStQMB -9JdvyNLuQdNG4pxpusgvVso0-8NQF0YVa9VFwg9U6IPSx5p8FcW68OAHt_fEgT4ZtiH7o9aur4o9 -oYqUh2lALCY-__9QLq1KkNjMKs33Jz9E8LbRerG9PLclkTrxCjYAeUWBjCwSI7OB7xkuaYDSjkjj -a46NLpdBN1GNcsFFcZ79GFAK0_DsyxGLX8Tq6q0Bvhs8whD8wlSxpTGxYkyqNX-vcb7SDN_0WkCE -XSdZWkqTHXcYbOvoCOb_e6SFAztuMenuHWY0utX0gBfx_X5lPDFyoYXErxFQHiA7t27keshXNa6R -ukQRRS8kMjre1U74sc-fRNXkXpl57rG4rgxaEX0eBeowa53KAsVvUAoSac2aC_nfzXrDvoyf9Xi3 -JpEZNhUDLpFCEycV4I7jGQ9wo9qNaosvlsr6kbLDNdb_1xrGVgjT3xEvRNJNPqslSAu-yD-UFhC3 -AmCdYUnugw_eEFqXCHTARcRkdPPvl2XsmEKY2IqEeO5tz4DyXQFaL-5hEVh6lYEU1EOWHk3UGIXe -Vc5_Ttp82qNLmlJPbZvgmNTJzYTHDQ_27KBcp7IVVZgPDjVKdWqQvZ18KhxvfF3Idgy82LBZniFV -IbtxllXiPRxoPQriSXMnXjh3XkvSDI2pFxXfEvLRn1tvcFOwPNCz3QfPIzYg8uYXN5bRt3ZOrR_g -ZhIlrc7HO0VbNbeqEVPKMZ-cjkqGj4VAuDKoQc0eQ6X_wCoAGO78nPpLeIvZPx1X3z5YoqNA
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/templates/configmap.yaml index 75a5e22d40..c999b79183 100644 --- a/kubernetes/dmaap/components/message-router/templates/configmap.yaml +++ b/kubernetes/dmaap/components/message-router/templates/configmap.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -56,32 +57,6 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-dbc-mrclusters - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-dbc-topics - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: name: {{ include "common.fullname" . }}-sys-props namespace: {{ include "common.namespace" . }} labels: diff --git a/kubernetes/dmaap/components/message-router/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/templates/secrets.yaml index 9456c15994..50dda8a8f9 100644 --- a/kubernetes/dmaap/components/message-router/templates/secrets.yaml +++ b/kubernetes/dmaap/components/message-router/templates/secrets.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -28,3 +29,5 @@ metadata: data: {{ (.Files.Glob "resources/config/dmaap/mykey").AsSecrets | indent 2 }} type: Opaque +--- +{{ include "common.secretFast" . }} diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index f0832add80..174eb2c3a9 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,22 +27,6 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.kafka.name }} - - --container-name - - {{ .Values.zookeeper.name }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} {{- if .Values.global.aafEnabled }} - name: {{ include "common.name" . }}-update-config @@ -82,6 +67,45 @@ spec: - name: jmx-config mountPath: /etc/jmx-kafka {{- end }} + - name: srimzi-zk-entrance + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.zookeeper.entrance.image }} + command: + - /opt/stunnel/stunnel_run.sh + ports: + - containerPort: {{ .Values.global.zkTunnelService.internalPort }} + name: zoo + protocol: TCP + env: + - name: LOG_LEVEL + value: debug + - name: STRIMZI_ZOOKEEPER_CONNECT + value: '{{ include "common.release" . }}-strimzi-zookeeper-client:{{ .Values.global.zkTunnelService.internalPort }}' + imagePullPolicy: Always + livenessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '{{ .Values.global.zkTunnelService.internalPort }}' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '{{ .Values.global.zkTunnelService.internalPort }}' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + volumeMounts: + - mountPath: /etc/cluster-operator-certs/ + name: cluster-operator-certs + - mountPath: /etc/cluster-ca-certs/ + name: cluster-ca-certs - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -123,6 +147,10 @@ spec: successThreshold: {{ .Values.startup.successThreshold }} failureThreshold: {{ .Values.startup.failureThreshold }} env: + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "mr-kafka-admin-secret" "key" "sasl.jaas.config") | indent 12 }} + - name: SASLMECH + value: {{ .Values.global.saslMechanism }} - name: enableCadi value: "{{ .Values.global.aafEnabled }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} @@ -135,9 +163,6 @@ spec: - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml subPath: logback.xml name: logback - - mountPath: /appl/dmaapMR1/etc/keyfile - subPath: mykey - name: mykey {{- if .Values.global.aafEnabled }} - mountPath: /appl/dmaapMR1/etc/runner-web.xml subPath: runner-web.xml @@ -168,13 +193,38 @@ spec: configMap: name: {{ include "common.fullname" . }}-prometheus-configmap {{- end }} - - name: mykey - secret: - secretName: {{ include "common.fullname" . }}-secret - name: sys-props configMap: name: {{ include "common.fullname" . }}-sys-props - name: jetty emptyDir: {} + - name: cluster-operator-certs + secret: + defaultMode: 288 + secretName: {{ include "common.release" . }}-strimzi-cluster-operator-certs + - name: cluster-ca-certs + secret: + defaultMode: 288 + secretName: {{ include "common.release" . }}-strimzi-cluster-ca-cert imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "common.fullname" . }}-zk-network-policy + namespace: {{ include "common.namespace" . }} +spec: + podSelector: + matchLabels: + strimzi.io/name: {{ include "common.release" . }}-strimzi-zookeeper + ingress: + - from: + - podSelector: + matchLabels: + app.kubernetes.io/name: {{ include "common.name" . }} + ports: + - port: {{ .Values.global.zkTunnelService.internalPort }} + protocol: TCP + policyTypes: + - Ingress diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 34b7a8822a..11daae0de8 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,7 +19,14 @@ ################################################################# global: nodePortPrefix: 302 - + kafkaBootstrap: strimzi-kafka-bootstrap + saslMechanism: scram-sha-512 + kafkaInternalPort: 9092 + zkTunnelService: + type: ClusterIP + name: zk-tunnel-svc + portName: tcp-zk-tunnel + internalPort: 2181 ################################################################# # AAF part @@ -63,18 +71,25 @@ certInitializer: image: onap/dmaap/dmaap-mr:1.3.2 pullPolicy: Always -kafka: - name: message-router-kafka - port: 9092 zookeeper: - name: message-router-zookeeper - port: 2181 + entrance: + image: scholzj/zoo-entrance:latest + +secrets: + - uid: mr-kafka-admin-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate # flag to enable debugging - application support required debugEnabled: false # application configuration -config: {} +config: + someConfig: blah # default number of instances replicaCount: 1 diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index b7f0735c8d..d34efae312 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs,Bell Canada +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -45,15 +46,25 @@ global: aafAppNs: org.osaaf.aaf aafLocatorContainer: oom + #Strimzi config + kafkaBootstrap: strimzi-kafka-bootstrap + kafkaStrimziAdminUser: strimzi-kafka-admin + kafkaInternalPort: 9092 + saslMechanism: scram-sha-512 + #Component overrides message-router: enabled: true + config: + jaasConfExternalSecret: '{{ .Values.global.kafkaStrimziAdminUser }}' dmaap-bc: enabled: true dmaap-dr-node: enabled: true dmaap-dr-prov: enabled: true +dmaap-strimzi: + enabled: true #Pods Service Account serviceAccount: diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index 36853baa1f..347c7689e4 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -70,21 +70,21 @@ generate_overrides() { resolve_deploy_flags() { - flags=($1) - n=${#flags[*]} - i=0 ; while [ "$i" -lt "$n" ]; do - PARAM=${flags[i]} - if [ "$PARAM" = "-f" ] || \ - [ "$PARAM" = "--values" ] || \ - [ "$PARAM" = "--set" ] || \ - [ "$PARAM" = "--set-string" ] || \ - [ "$PARAM" = "--version" ]; then - # skip param and its value - i=$((i + 1)) + skip="false" + for param in $1; do + if [ "$skip" = "false" ]; then + if [ "$param" = "-f" ] || \ + [ "$param" = "--values" ] || \ + [ "$param" = "--set" ] || \ + [ "$param" = "--set-string" ] || \ + [ "$param" = "--version" ]; then + skip="true" + else + DEPLOY_FLAGS="$DEPLOY_FLAGS $param" + fi else - DEPLOY_FLAGS="$DEPLOY_FLAGS $PARAM" + skip="false" fi - i=$((i+1)) done echo "$DEPLOY_FLAGS" } @@ -93,8 +93,9 @@ resolve_deploy_flags() { check_for_dep() { try=0 retries=60 - until (kubectl get deployment -n $HELM_NAMESPACE | grep -P "\b$1\b") &>/dev/null; do - (( ++try > retries )) && exit 1 + until (kubectl get deployment -n $HELM_NAMESPACE | grep -P "\b$1\b") >/dev/null 2>&1; do + try=$(($try + 1)) + [ $try -gt $retries ] && exit 1 echo "$1 not found. Retry $try/$retries" sleep 10 done @@ -284,14 +285,19 @@ deploy() { if [ $SUBCHART_ENABLED -eq 1 ]; then deploy_subchart else - array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")) - n=${#array[*]} - for i in $(seq $(($n-1)) -1 0); do - helm del "${array[i]}" + reverse_list= + for item in $(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}") + do + reverse_list="$item $reverse_list" + done + for item in $reverse_list + do + helm del $item done fi done + for subchart in * ; do SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml @@ -306,10 +312,14 @@ deploy() { if [ $SUBCHART_ENABLED -eq 1 ]; then deploy_subchart else - array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")) - n=${#array[*]} - for i in $(seq $(($n-1)) -1 0); do - helm del "${array[i]}" + reverse_list= + for item in $(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}") + do + reverse_list="$item $reverse_list" + done + for item in $reverse_list + do + helm del $item done fi done diff --git a/kubernetes/helm/starters/onap-app/Chart.yaml b/kubernetes/helm/starters/onap-app/Chart.yaml index 6782264007..2f8c678e40 100644 --- a/kubernetes/helm/starters/onap-app/Chart.yaml +++ b/kubernetes/helm/starters/onap-app/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: <Short application description - this is visible via 'helm search'> name: <onap-app> -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/holmes/Chart.yaml b/kubernetes/holmes/Chart.yaml index 5b80bf880a..10268d4c81 100644 --- a/kubernetes/holmes/Chart.yaml +++ b/kubernetes/holmes/Chart.yaml @@ -18,26 +18,26 @@ apiVersion: v2 description: ONAP DCAE HOLMES name: holmes -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.postgres.localCluster - name: postgres-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.postgres.localCluster - name: holmes-rule-mgmt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/holmes-rule-mgmt' - name: holmes-engine-mgmt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/holmes-engine-mgmt' diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml index 455996b063..5169d6510a 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 appVersion: "2.0" description: Holmes Engine Management name: holmes-engine-mgmt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml index 7475a4d2bf..9e62ccf2f7 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml @@ -31,7 +31,7 @@ server: logging: # The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL. - level: ALL + level: INFO # Logger-specific levels. loggers: @@ -41,7 +41,7 @@ logging: appenders: - type: console - threshold: ALL + threshold: INFO timeZone: UTC logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n" - type: file @@ -51,7 +51,7 @@ logging: archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/engine-d-error-%d{yyyy-MM-dd}.log.gz archivedFileCount: 7 - type: file - threshold: DEBUG + threshold: INFO logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n" currentLogFilename: /var/log/ONAP/holmes/engine-d-debug.log archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/engine-d-debug-%d{yyyy-MM-dd}.log.gz diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml index c8ec225545..50df26f946 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml @@ -28,7 +28,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/engine-management:10.0.2 +image: onap/holmes/engine-management:10.0.5 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml index 97d7fe3eea..08eb19df74 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 appVersion: "2.0" description: Holmes Rule Management name: holmes-rule-mgmt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml index 43a83d09b0..89269dede8 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml @@ -24,7 +24,7 @@ server: logging: # The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL. - level: ALL + level: INFO # Logger-specific levels. loggers: @@ -34,7 +34,7 @@ logging: appenders: - type: console - threshold: ALL + threshold: INFO timeZone: UTC logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n" - type: file @@ -45,7 +45,7 @@ logging: archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/rulemgt-relation-error-%d{yyyy-MM-dd}.log.gz archivedFileCount: 7 - type: file - threshold: DEBUG + threshold: INFO logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n" currentLogFilename: /var/log/ONAP/holmes/rulemgt-relation-debug.log archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/rulemgt-relation-debug-%d{yyyy-MM-dd}.log.gz diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml index 94076194e0..84c2108521 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml @@ -28,7 +28,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/rule-management:10.0.2 +image: onap/holmes/rule-management:10.0.5 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/log/Chart.yaml b/kubernetes/log/Chart.yaml index 7046188fbd..891566c781 100644 --- a/kubernetes/log/Chart.yaml +++ b/kubernetes/log/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: ONAP Logging ElasticStack name: log -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: log-elasticsearch - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/log-elasticsearch' - name: log-kibana - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/log-kibana' - name: log-logstash - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/log-logstash' diff --git a/kubernetes/log/components/log-elasticsearch/Chart.yaml b/kubernetes/log/components/log-elasticsearch/Chart.yaml index 39cd8ebfa5..7783eb1e9a 100644 --- a/kubernetes/log/components/log-elasticsearch/Chart.yaml +++ b/kubernetes/log/components/log-elasticsearch/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP Logging Elasticsearch name: log-elasticsearch -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/log/components/log-kibana/Chart.yaml b/kubernetes/log/components/log-kibana/Chart.yaml index 53233a0691..0df19a6d39 100644 --- a/kubernetes/log/components/log-kibana/Chart.yaml +++ b/kubernetes/log/components/log-kibana/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP Logging Kibana name: log-kibana -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/log/components/log-logstash/Chart.yaml b/kubernetes/log/components/log-logstash/Chart.yaml index 143ee1adba..b8a0d8e2c5 100644 --- a/kubernetes/log/components/log-logstash/Chart.yaml +++ b/kubernetes/log/components/log-logstash/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP Logging Logstash name: log-logstash -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/modeling/Chart.yaml b/kubernetes/modeling/Chart.yaml index 13b398b97f..fdb4031609 100644 --- a/kubernetes/modeling/Chart.yaml +++ b/kubernetes/modeling/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: ONAP Modeling (Modeling) name: modeling -version: 10.0.0 +version: 11.0.0 dependencies: - name: modeling-etsicatalog - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/modeling-etsicatalog' diff --git a/kubernetes/modeling/components/modeling-etsicatalog/Chart.yaml b/kubernetes/modeling/components/modeling-etsicatalog/Chart.yaml index 8825c6fe67..0c6dc78100 100644 --- a/kubernetes/modeling/components/modeling-etsicatalog/Chart.yaml +++ b/kubernetes/modeling/components/modeling-etsicatalog/Chart.yaml @@ -17,26 +17,26 @@ apiVersion: v2 description: ONAP Modeling - Etsicatalog name: modeling-etsicatalog -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.mariadbGalera.localCluster - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/modeling/components/modeling-etsicatalog/values.yaml b/kubernetes/modeling/components/modeling-etsicatalog/values.yaml index 1b1bb387b9..61df057fdb 100644 --- a/kubernetes/modeling/components/modeling-etsicatalog/values.yaml +++ b/kubernetes/modeling/components/modeling-etsicatalog/values.yaml @@ -102,7 +102,7 @@ config: # application image flavor: small -image: onap/modeling/etsicatalog:1.0.13 +image: onap/modeling/etsicatalog:1.0.14 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/msb/Chart.yaml b/kubernetes/msb/Chart.yaml index d21fdf868c..0ca765779c 100644 --- a/kubernetes/msb/Chart.yaml +++ b/kubernetes/msb/Chart.yaml @@ -18,28 +18,28 @@ apiVersion: v2 description: ONAP MicroServices Bus name: msb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: kube2msb - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/kube2msb' - name: msb-consul - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/msb-consul' - name: msb-discovery - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/msb-discovery' - name: msb-eag - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/msb-eag' - name: msb-iag - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/msb-iag' diff --git a/kubernetes/msb/components/kube2msb/Chart.yaml b/kubernetes/msb/components/kube2msb/Chart.yaml index c196848dab..ec63e0565f 100644 --- a/kubernetes/msb/components/kube2msb/Chart.yaml +++ b/kubernetes/msb/components/kube2msb/Chart.yaml @@ -16,12 +16,12 @@ apiVersion: v2 description: ONAP MicroServices Bus Kube2MSB Registrator name: kube2msb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/msb/components/msb-consul/Chart.yaml b/kubernetes/msb/components/msb-consul/Chart.yaml index 487b5d989c..830023b046 100644 --- a/kubernetes/msb/components/msb-consul/Chart.yaml +++ b/kubernetes/msb/components/msb-consul/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: ONAP MicroServices Bus Consul name: msb-consul -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/msb/components/msb-discovery/Chart.yaml b/kubernetes/msb/components/msb-discovery/Chart.yaml index cece1823d4..8d0c9a1ea4 100644 --- a/kubernetes/msb/components/msb-discovery/Chart.yaml +++ b/kubernetes/msb/components/msb-discovery/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: ONAP MicroServices Bus Discovery name: msb-discovery -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/msb/components/msb-eag/Chart.yaml b/kubernetes/msb/components/msb-eag/Chart.yaml index 7a8d65e651..1348eaa3d9 100644 --- a/kubernetes/msb/components/msb-eag/Chart.yaml +++ b/kubernetes/msb/components/msb-eag/Chart.yaml @@ -16,18 +16,18 @@ apiVersion: v2 description: ONAP MicroServices Bus Internal API Gateway name: msb-eag -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/msb/components/msb-iag/Chart.yaml b/kubernetes/msb/components/msb-iag/Chart.yaml index 80f5794411..38084154c6 100644 --- a/kubernetes/msb/components/msb-iag/Chart.yaml +++ b/kubernetes/msb/components/msb-iag/Chart.yaml @@ -16,18 +16,18 @@ apiVersion: v2 description: ONAP MicroServices Bus Internal API Gateway name: msb-iag -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/Chart.yaml b/kubernetes/multicloud/Chart.yaml index 07fac6038e..7bc5f17613 100644 --- a/kubernetes/multicloud/Chart.yaml +++ b/kubernetes/multicloud/Chart.yaml @@ -18,43 +18,43 @@ apiVersion: v2 description: ONAP multicloud broker name: multicloud -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: multicloud-fcaps - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-fcaps' condition: multicloud-fcaps.enabled - name: multicloud-k8s - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-k8s' condition: multicloud-k8s.enabled - name: multicloud-pike - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-pike' condition: multicloud-pike.enabled - name: multicloud-prometheus - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-prometheus' condition: multicloud-prometheus.enabled - name: multicloud-starlingx - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-starlingx' condition: multicloud-starlingx.enabled - name: multicloud-vio - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-vio' condition: multicloud-vio.enabled - name: multicloud-windriver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-windriver' condition: multicloud-windriver.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-fcaps/Chart.yaml b/kubernetes/multicloud/components/multicloud-fcaps/Chart.yaml index 7a49ed33a7..c8fdd60d11 100644 --- a/kubernetes/multicloud/components/multicloud-fcaps/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-fcaps/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: ONAP multicloud OpenStack fcaps Plugin name: multicloud-fcaps -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml b/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml index 278f9d05d3..c6645db05c 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP Multicloud Kubernetes Plugin name: multicloud-k8s -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: mongo - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: etcd - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml index 844ac5e58d..b152af282e 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml @@ -24,7 +24,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/multicloud/k8s:0.10.0 +image: onap/multicloud/k8s:0.10.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/multicloud/components/multicloud-pike/Chart.yaml b/kubernetes/multicloud/components/multicloud-pike/Chart.yaml index 3bf3a95c94..45dd8e5668 100644 --- a/kubernetes/multicloud/components/multicloud-pike/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-pike/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP multicloud OpenStack Pike Plugin name: multicloud-pike -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-prometheus/Chart.yaml b/kubernetes/multicloud/components/multicloud-prometheus/Chart.yaml index 7af1a67d9a..1fbfcd4a36 100644 --- a/kubernetes/multicloud/components/multicloud-prometheus/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-prometheus/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP Multicloud Prometheus name: multicloud-prometheus -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: prometheus-alertmanager - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/prometheus-alertmanager' - name: prometheus-grafana - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/prometheus-grafana' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-alertmanager/Chart.yaml b/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-alertmanager/Chart.yaml index e2b3a265c7..7734428db2 100644 --- a/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-alertmanager/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-alertmanager/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v2 description: ONAP Multicloud Prometheus Alert Manager name: prometheus-alertmanager -version: 10.0.0 +version: 11.0.0 diff --git a/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-grafana/Chart.yaml b/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-grafana/Chart.yaml index cf8cfc5633..b72890c141 100644 --- a/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-grafana/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-grafana/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v2 description: ONAP Multicloud Grafana for Prometheus name: prometheus-grafana -version: 10.0.0 +version: 11.0.0 diff --git a/kubernetes/multicloud/components/multicloud-starlingx/Chart.yaml b/kubernetes/multicloud/components/multicloud-starlingx/Chart.yaml index 9b49b71c63..79e0831141 100644 --- a/kubernetes/multicloud/components/multicloud-starlingx/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-starlingx/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP multicloud OpenStack Starlingx Plugin name: multicloud-starlingx -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-vio/Chart.yaml b/kubernetes/multicloud/components/multicloud-vio/Chart.yaml index 90a5c94757..0c444fb15b 100644 --- a/kubernetes/multicloud/components/multicloud-vio/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-vio/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP multicloud VIO plugin name: multicloud-vio -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-windriver/Chart.yaml b/kubernetes/multicloud/components/multicloud-windriver/Chart.yaml index 79df2005c8..d161db51ef 100644 --- a/kubernetes/multicloud/components/multicloud-windriver/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-windriver/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP multicloud OpenStack WindRiver Plugin name: multicloud-windriver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/nbi/Chart.yaml b/kubernetes/nbi/Chart.yaml index fee022a491..93a05d34b0 100644 --- a/kubernetes/nbi/Chart.yaml +++ b/kubernetes/nbi/Chart.yaml @@ -17,32 +17,32 @@ apiVersion: v2 description: ONAP Northbound Interface name: nbi -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mongo - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 92788e430f..9b69a4356f 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -65,7 +65,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/externalapi/nbi:8.0.1 +image: onap/externalapi/nbi:10.0.0 pullPolicy: IfNotPresent sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml index 371bc7167e..3113fda8d1 100644 --- a/kubernetes/onap/Chart.yaml +++ b/kubernetes/onap/Chart.yaml @@ -15,8 +15,8 @@ apiVersion: v2 name: onap -version: 10.0.0 -appVersion: Jakarta +version: 11.0.0 +appVersion: Kohn description: Open Network Automation Platform (ONAP) home: https://www.onap.org/ sources: @@ -26,160 +26,160 @@ kubeVersion: ">=1.19.11-0" dependencies: - name: aaf - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: aaf.enabled - name: aai - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: aai.enabled - name: appc - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: appc.enabled - name: cassandra - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cassandra.enabled - name: cds - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cds.enabled - name: cli - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cli.enabled - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: consul - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: consul.enabled - name: contrib - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.addTestingComponents - name: cps - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cps.enabled - name: dcaegen2 - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcaegen2.enabled - name: dcaegen2-services - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcaegen2-services.enabled - name: dcaemod - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcaemod.enabled - name: holmes - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: holmes.enabled - name: dmaap - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dmaap.enabled - name: log - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: log.enabled - name: sniro-emulator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: sniro-emulator.enabled - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: mariadb-galera.enabled - name: msb - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: msb.enabled - name: multicloud - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: multicloud.enabled - name: nbi - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: nbi.enabled - name: policy - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: policy.enabled - name: portal - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: portal.enabled - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: postgres.enabled - name: oof - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: oof.enabled - name: repository-wrapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: robot - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: robot.enabled - name: sdc - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: sdc.enabled - name: sdnc - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: sdnc.enabled - name: so - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: so.enabled - name: strimzi - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: strimzi.enabled - name: uui - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: uui.enabled - name: vfc - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: vfc.enabled - name: vid - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: vid.enabled - name: vnfsdk - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: vnfsdk.enabled - name: modeling - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: modeling.enabled - name: platform - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: platform.enabled - name: a1policymanagement - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: a1policymanagement.enabled - name: cert-wrapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cert-wrapper.enabled - name: roles-wrapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: roles-wrapper.enabled diff --git a/kubernetes/onap/resources/overrides/environment.yaml b/kubernetes/onap/resources/overrides/environment.yaml index 50703fbf4a..c9ae94a136 100644 --- a/kubernetes/onap/resources/overrides/environment.yaml +++ b/kubernetes/onap/resources/overrides/environment.yaml @@ -136,7 +136,7 @@ dmaap: initialDelaySeconds: 120 mariadb-galera: liveness: - initialDelaySeconds: 180 + initialDelaySeconds: 30 periodSeconds: 60 mariadb-galera-server: liveness: diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index f16813fc97..f8f1b4cd81 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -2,6 +2,7 @@ # Copyright (c) 2020 Nordix Foundation, Modifications # Modifications Copyright © 2020 Nokia # Modifications Copyright © 2021 Orange +# Modifications Copyright © 2022 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -56,6 +57,44 @@ dcaegen2: enabled: true dcaegen2-services: enabled: true + dcae-datafile-collector: + enabled: true + dcae-datalake-admin-ui: + enabled: true + dcae-datalake-des: + enabled: true + dcae-datalake-feeder: + enabled: true + dcae-heartbeat: + enabled: true + dcae-hv-ves-collector: + enabled: true + dcae-kpi-ms: + enabled: true + dcae-ms-healthcheck: + enabled: true + dcae-pm-mapper: + enabled: true + dcae-pmsh: + enabled: true + dcae-prh: + enabled: true + dcae-restconf-collector: + enabled: true + dcae-slice-analysis-ms: + enabled: true + dcae-snmptrap-collector: + enabled: true + dcae-son-handler: + enabled: true + dcae-tcagen2: + enabled: true + dcae-ves-collector: + enabled: true + dcae-ves-mapper: + enabled: true + dcae-ves-openapi-manager: + enabled: true dcaemod: enabled: true holmes: diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml index 37080b8290..2af6e2147b 100644 --- a/kubernetes/onap/resources/overrides/sm-onap.yaml +++ b/kubernetes/onap/resources/overrides/sm-onap.yaml @@ -135,7 +135,7 @@ so: openStackServiceTenantName: "$OPENSTACK_TENANT_NAME" openStackEncryptedPasswordHere: "$OPENSTACK_ENCRYPTED_PASSWORD" strimzi: - enabled: false + enabled: true uui: enabled: false vid: diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 0e8dd21994..6939a87f21 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -97,7 +97,7 @@ global: loggingImage: beats/filebeat:5.5.0 # mariadb client image - mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28 + mariadbImage: bitnami/mariadb:10.5.8 # nginx server image nginxImage: bitnami/nginx:1.21.4 diff --git a/kubernetes/oof/Chart.yaml b/kubernetes/oof/Chart.yaml index 0bc7dd9d59..7602afdb96 100755 --- a/kubernetes/oof/Chart.yaml +++ b/kubernetes/oof/Chart.yaml @@ -18,25 +18,25 @@ apiVersion: v2 description: ONAP Optimization Framework name: oof -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-has - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has' condition: oof-has.enabled - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/Chart.yaml b/kubernetes/oof/components/oof-has/Chart.yaml index ad129e0cc2..85613895f1 100755 --- a/kubernetes/oof/components/oof-has/Chart.yaml +++ b/kubernetes/oof/components/oof-has/Chart.yaml @@ -18,45 +18,45 @@ apiVersion: v2 description: ONAP Homing and Allocation Service name: oof-has -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: music - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: music.enabled - name: etcd - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: etcd.enabled - name: etcd-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: etcd-init.enabled - name: oof-has-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-api' condition: oof-has-api.enabled - name: oof-has-controller - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-controller' condition: oof-has-controller.enabled - name: oof-has-data - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-data' condition: oof-has-data.enabled - name: oof-has-reservation - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-reservation' condition: oof-has-reservation.enabled - name: oof-has-solver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-solver' condition: oof-has-solver.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml index 3026110fef..a1558114d8 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: ONAP Homing and Allocation Servicei - API name: oof-has-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml index 72c5ddc9c2..228302fed4 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml @@ -16,7 +16,7 @@ global: # global defaults nodePortPrefix: 302 image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml index b59f49a054..e8f510bf5f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Homing and Allocation Sservice - Controller name: oof-has-controller -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml index 0157c569a0..a8c5dd216a 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # Secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml index f1757ecb6d..3bcfd08b41 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Homing and Allocation Service - Data Component name: oof-has-data -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml index 5623cde904..0aaf4286cd 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml index 87a2417810..ba2733ef9f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Homing and Allocation Sevice - Reservation Component name: oof-has-reservation -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml index fa8bdd97ed..fd88273dce 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml index 663d863bfc..3ec7d88fe7 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Homing and Allocation Service - Solver Component name: oof-has-solver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml index e7ceddd9a4..36c1945835 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf index 7d724a593d..22a20fe64e 100755 --- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf @@ -753,3 +753,47 @@ certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer #password = get_ta_list_url = "/api/v1/execute/ran-coverage-area/get_ta_list" + +[dcae] + +# +# From conductor +# +# +# Data Store table prefix. (string value) +#table_prefix = dcae + +# Base URL for DCAE, up to and not including the version, and without a +# trailing slash. (string value) +server_url = https://{{.Values.config.dcae.service}}.{{ include "common.namespace" . }}:{{.Values.config.dcae.port}} + +# Timeout for DCAE Rest Call (string value) +#dcae_rest_timeout = 30 + +# Number of retry for DCAE Rest Call (string value) +#dcae_retries = 3 + +# The version of A&AI in v# format. (string value) +server_url_version = v1 + +# SSL/TLS certificate file in pem format. This certificate must be registered +# with the SDC endpoint. (string value) +#certificate_file = certificate.pem +certificate_file = + +# Private Certificate Key file in pem format. (string value) +#certificate_key_file = certificate_key.pem +certificate_key_file = + +# Certificate Authority Bundle file in pem format. Must contain the appropriate +# trust chain for the Certificate file. (string value) +#certificate_authority_bundle_file = certificate_authority_bundle.pem +certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer + +# Username for DCAE. (string value) +#username = + +# Password for DCAE. (string value) +#password = + +get_slice_config_url = "/api/v1/slices-config"
\ No newline at end of file diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml index bc129beb3e..8a146a90b8 100755 --- a/kubernetes/oof/components/oof-has/values.yaml +++ b/kubernetes/oof/components/oof-has/values.yaml @@ -19,7 +19,7 @@ global: commonConfigPrefix: onap-oof-has image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 persistence: enabled: true @@ -71,6 +71,9 @@ config: cps: service: cps-tbdmt port: 8080 + dcae: + service: dcae-slice-analysis-ms + port: 8080 etcd: serviceName: &etcd-service oof-has-etcd port: 2379 diff --git a/kubernetes/oof/components/oof-templates/Chart.yaml b/kubernetes/oof/components/oof-templates/Chart.yaml index 18f233b75d..a59f751611 100755 --- a/kubernetes/oof/components/oof-templates/Chart.yaml +++ b/kubernetes/oof/components/oof-templates/Chart.yaml @@ -18,10 +18,10 @@ apiVersion: v2 description: ONAP OOF helm templates name: oof-templates -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/resources/config/conf/common_config.yaml b/kubernetes/oof/resources/config/conf/common_config.yaml index 8f00ac72da..57e8e27a19 100644 --- a/kubernetes/oof/resources/config/conf/common_config.yaml +++ b/kubernetes/oof/resources/config/conf/common_config.yaml @@ -162,4 +162,5 @@ nxi_termination: - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN') > service-instance*('service-role','nsi')" - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN_NF') > service-instance*('workload-context','AN')" - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'TN_MH') > service-instance*('workload-context','AN')" + - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'TN_FH') > service-instance*('workload-context','AN')" - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN_NF') > service-instance*('workload-context','AN')" diff --git a/kubernetes/platform/Chart.yaml b/kubernetes/platform/Chart.yaml index 5869d7401c..559e5fe383 100644 --- a/kubernetes/platform/Chart.yaml +++ b/kubernetes/platform/Chart.yaml @@ -19,15 +19,15 @@ apiVersion: v2 description: ONAP platform components name: platform -version: 10.0.0 +version: 11.0.0 dependencies: - name: oom-cert-service - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oom-cert-service' - name: cmpv2-cert-provider - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cmpv2-cert-provider' - name: chartmuseum - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/chartmuseum' diff --git a/kubernetes/platform/components/chartmuseum/Chart.yaml b/kubernetes/platform/components/chartmuseum/Chart.yaml index 16b504b1c3..e8a5b839a5 100644 --- a/kubernetes/platform/components/chartmuseum/Chart.yaml +++ b/kubernetes/platform/components/chartmuseum/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP Chart Museum name: chartmuseum -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml b/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml index b468412e55..1c6cb71630 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP CMPv2 certificate external provider for cert-manager name: cmpv2-cert-provider -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml index c49762202b..ce5e410abe 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml @@ -32,6 +32,16 @@ spec: metadata: labels: control-plane: controller-manager + {{- if (include "common.onServiceMesh" . | nindent 6 ) }} + annotations: + {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} + linkerd.io/inject: disabled + {{- end }} + {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} + traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443" + traffic.sidecar.istio.io/includeInboundPorts: '*' + {{- end }} + {{- end }} spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/platform/components/oom-cert-service/Chart.yaml b/kubernetes/platform/components/oom-cert-service/Chart.yaml index de3b9eb7a9..30da403445 100644 --- a/kubernetes/platform/components/oom-cert-service/Chart.yaml +++ b/kubernetes/platform/components/oom-cert-service/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP Cert Service name: oom-cert-service -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cmpv2Config - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml index 8215ed949e..5f80a7dc75 100644 --- a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml +++ b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml @@ -22,6 +22,16 @@ spec: selector: {{- include "common.selectors" . | nindent 4 }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if (include "common.onServiceMesh" . ) }} + annotations: + {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} + linkerd.io/inject: disabled + {{- end }} + {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} + traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443" + traffic.sidecar.istio.io/includeInboundPorts: '*' + {{- end }} + {{- end }} spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index 677271c241..803298aadc 100755 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -18,70 +18,77 @@ apiVersion: v2 description: ONAP Policy name: policy -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: policy-nexus - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-nexus' condition: policy-nexus.enabled - name: policy-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-api' condition: policy-api.enabled - name: policy-pap - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-pap' condition: policy-pap.enabled - name: policy-xacml-pdp - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-xacml-pdp' condition: policy-xacml-pdp.enabled - name: policy-apex-pdp - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-apex-pdp' condition: policy-apex-pdp.enabled - name: policy-drools-pdp - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-drools-pdp' condition: policy-drools-pdp.enabled - name: policy-distribution - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-distribution' condition: policy-distribution.enabled - name: policy-clamp-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-be' condition: policy-clamp-be.enabled - name: policy-clamp-ac-k8s-ppnt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-ac-k8s-ppnt' condition: policy-clamp-ac-k8s-ppnt.enabled - name: policy-clamp-ac-http-ppnt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-ac-http-ppnt' condition: policy-clamp-ac-http-ppnt.enabled - name: policy-clamp-ac-pf-ppnt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-ac-pf-ppnt' condition: policy-clamp-ac-pf-ppnt.enabled - name: policy-clamp-runtime-acm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-runtime-acm' condition: policy-clamp-runtime-acm.enabled - name: policy-gui - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-gui' condition: policy-gui.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' + - name: readinessCheck + version: ~11.x-0 + repository: '@local' + - name: postgres + version: ~11.x-0 + repository: '@local' + condition: global.postgres.localCluster diff --git a/kubernetes/policy/components/policy-apex-pdp/Chart.yaml b/kubernetes/policy/components/policy-apex-pdp/Chart.yaml index 7f22e9fd0e..92af552fac 100755 --- a/kubernetes/policy/components/policy-apex-pdp/Chart.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy APEX PDP name: policy-apex-pdp -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }}
\ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index 6adf0e6609..db5251913e 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.7.1 +image: onap/policy-apex-pdp:2.7.3 pullPolicy: Always # flag to enable debugging - application support required @@ -140,9 +140,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/components/policy-api/Chart.yaml b/kubernetes/policy/components/policy-api/Chart.yaml index 82a0f48240..d317b9e513 100755 --- a/kubernetes/policy/components/policy-api/Chart.yaml +++ b/kubernetes/policy/components/policy-api/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy Design API name: policy-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml index c08b035d53..e6cf2b3571 100644 --- a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml +++ b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml @@ -29,6 +29,8 @@ spring: driverClassName: org.mariadb.jdbc.Driver username: "${SQL_USER}" password: "${SQL_PASSWORD}" + hikari: + maximumPoolSize: 20 jpa: properties: hibernate: diff --git a/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }}
\ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 89608cfb6f..0e3ada8956 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.6.1 +image: onap/policy-api:2.6.3 pullPolicy: Always # flag to enable debugging - application support required @@ -156,9 +156,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml index 00cbd28181..2fa60d513d 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml @@ -19,18 +19,18 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop Http Participant name: policy-clamp-ac-http-ppnt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml index 249aaaebda..406b59c545 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml @@ -21,6 +21,20 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} security: enable-csrf: false diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml index 3a5b8b199f..044be0ff70 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml @@ -38,6 +38,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }} - name: RESTSERVER_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: ac-http-ppnt-config diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml index 8eafa463c5..5f8aa3b5a1 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml @@ -43,6 +43,13 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.trustStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -71,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-http-ppnt:6.2.1 +image: onap/policy-clamp-ac-http-ppnt:6.2.3 pullPolicy: Always # application configuration @@ -137,3 +144,29 @@ serviceAccount: nameOverride: policy-clamp-ac-http-ppnt roles: - read + +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + acRuntimeTopic: policy-acruntime-participant +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml index b55cb35649..2ca3762603 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop K8s Participant name: policy-clamp-ac-k8s-ppnt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index 0b7e2ab22d..6c14fd2207 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -21,6 +21,20 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} security: enable-csrf: false @@ -82,10 +96,4 @@ chart: api: enabled: false -# Sample Permitted list of helm repositories. Before deployment update the repositories where the helm charts are located. -# The Kubernetes participant accept only HTTPS Address -helm: - repos: - - - repoName: bitnami - address: https://charts.bitnami.com/bitnami +# Permitted list of helm repositories. Values are updated from values.yaml diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml index 09cc8cd48f..54c595cc8f 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml @@ -30,3 +30,8 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/*.{xml,yaml}").AsConfig . | indent 2 }} +{{- if .Values.repoList }} +{{ tpl (.Files.Glob "resources/config/KubernetesParticipantParameters.yaml").AsConfig . | indent 2 }} +{{ toYaml .Values.repoList | indent 4 }} +{{ tpl (.Files.Glob "resources/config/*.{json,xml,sh}").AsConfig . | indent 2 }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml index 14cb6d3f4e..e8650fe350 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml @@ -38,6 +38,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }} - name: RESTSERVER_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: ac-k8s-ppnt-config diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml index 73381c9e3b..2439223192 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml @@ -18,16 +18,10 @@ # ============LICENSE_END========================================================= */}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: policy-clamp-cl-k8s-ppnt - namespace: {{ include "common.namespace" . }} ---- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ include "common.namespace" . }}-policy-clamp-cl-k8s-ppnt-binding + name: {{ include "common.namespace" . }}-policy-clamp-ac-k8s-ppnt-binding namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -40,6 +34,6 @@ roleRef: name: cluster-admin subjects: - kind: ServiceAccount - name: policy-clamp-cl-k8s-ppnt + name: {{ include "common.fullname" (dict "suffix" "create" "dot" . )}} namespace: {{ include "common.namespace" . }} diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml index a3fb19f1bc..2cf8d2d723 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml @@ -44,6 +44,13 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.trustStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -72,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-k8s-ppnt:6.2.1 +image: onap/policy-clamp-ac-k8s-ppnt:6.2.3 pullPolicy: Always # flag to enable debugging - application support required @@ -138,3 +145,42 @@ serviceAccount: nameOverride: policy-clamp-ac-k8s-ppnt roles: - create +# Update the config here for permitting repositories and protocols +repoList: + helm: + repos: + - + repoName: kong + address: https://charts.konghq.com + - + repoName: bitnami + address: https://charts.bitnami.com/bitnami + + protocols: + - http + - https + +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + acRuntimeTopic: policy-acruntime-participant +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml index ae8d03bc13..fc9d432047 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml @@ -19,18 +19,18 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop Policy Participant name: policy-clamp-ac-pf-ppnt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml index 0160ff45df..856b16d91d 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml @@ -21,6 +21,20 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} security: enable-csrf: false diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml index b13e013f47..a127885cce 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml @@ -46,6 +46,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }} - name: RESTSERVER_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: ac-pf-ppnt-config diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml index c825ab1a0c..6fefa02783 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml @@ -55,6 +55,13 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.trustStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -83,7 +90,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-pf-ppnt:6.2.1 +image: onap/policy-clamp-ac-pf-ppnt:6.2.3 pullPolicy: Always # flag to enable debugging - application support required @@ -155,3 +162,28 @@ serviceAccount: nameOverride: policy-clamp-ac-pf-ppnt roles: - read + +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + acRuntimeTopic: policy-acruntime-participant +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 diff --git a/kubernetes/policy/components/policy-clamp-be/Chart.yaml b/kubernetes/policy/components/policy-clamp-be/Chart.yaml index e52eb76020..9b0cdf6a87 100644 --- a/kubernetes/policy/components/policy-clamp-be/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-be/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP Policy Clamp Backend name: policy-clamp-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index 2016b14043..c23657c421 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -71,7 +71,7 @@ secrets: flavor: small # application image -image: onap/policy-clamp-backend:6.2.1 +image: onap/policy-clamp-backend:6.2.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml index 90e9293f56..42e02efb8d 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop Runtime name: policy-clamp-runtime-acm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml index 2b52a2b892..219be24079 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml @@ -44,6 +44,20 @@ spring: hibernate: dialect: org.hibernate.dialect.MariaDB103Dialect format_sql: true +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} security: enable-csrf: false diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml index e302704201..361045af94 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml @@ -56,6 +56,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-secret" "key" "login") | indent 10 }} - name: RUNTIME_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: ac-runtime-config diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml index 1b571fc502..d224aa6bc4 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml @@ -50,6 +50,13 @@ secrets: login: '{{ .Values.config.policyAppUserName }}' password: '{{ .Values.config.policyAppUserPassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -78,7 +85,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-runtime-acm:6.2.1 +image: onap/policy-clamp-runtime-acm:6.2.3 pullPolicy: Always # flag to enable debugging - application support required @@ -89,6 +96,30 @@ config: policyAppUserName: runtimeUser policyAppUserPassword: none +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + acRuntimeTopic: policy.policy-acruntime-participant +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + db: user: policy_user password: policy_user diff --git a/kubernetes/policy/components/policy-distribution/Chart.yaml b/kubernetes/policy/components/policy-distribution/Chart.yaml index b1758e53ba..6a5222f087 100755 --- a/kubernetes/policy/components/policy-distribution/Chart.yaml +++ b/kubernetes/policy/components/policy-distribution/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy Distribution name: policy-distribution -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }}
\ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index db271a9c3f..d36f1c2275 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -67,7 +67,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.7.1 +image: onap/policy-distribution:2.7.3 pullPolicy: Always # flag to enable debugging - application support required @@ -162,9 +162,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/components/policy-drools-pdp/Chart.yaml b/kubernetes/policy/components/policy-drools-pdp/Chart.yaml index c8cc5523a4..1c9c73d340 100755 --- a/kubernetes/policy/components/policy-drools-pdp/Chart.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Drools Policy Engine (PDP-D) name: policy-drools-pdp -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml index 1c04296e4f..f8c450cb7e 100644 --- a/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} {{- end }} diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 344a600afe..74c743cb2b 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -41,7 +41,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.10.2 +image: onap/policy-pdpd-cl:1.10.3 pullPolicy: Always # flag to enable debugging - application support required @@ -203,9 +203,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/components/policy-gui/Chart.yaml b/kubernetes/policy/components/policy-gui/Chart.yaml index af1adbe3c7..fed1af9895 100644 --- a/kubernetes/policy/components/policy-gui/Chart.yaml +++ b/kubernetes/policy/components/policy-gui/Chart.yaml @@ -21,15 +21,15 @@ apiVersion: v2 description: ONAP Policy GUI name: policy-gui -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-gui/resources/config/default.conf b/kubernetes/policy/components/policy-gui/resources/config/default.conf deleted file mode 100644 index 98417cd822..0000000000 --- a/kubernetes/policy/components/policy-gui/resources/config/default.conf +++ /dev/null @@ -1,32 +0,0 @@ -server { - - listen 2443 default ssl; - ssl_protocols TLSv1.2; - {{ if .Values.global.aafEnabled }} - ssl_certificate {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_pem}}; - ssl_certificate_key {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_key}}; - {{ else }} - ssl_certificate /etc/ssl/clamp.pem; - ssl_certificate_key /etc/ssl/clamp.key; - {{ end }} - - ssl_verify_client optional_no_ca; - absolute_redirect off; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - try_files $uri $uri/ =404; - } - - location /clamp/restservices/clds/ { - proxy_pass https://policy-clamp-be:8443/restservices/clds/; - proxy_set_header X-SSL-Cert $ssl_client_escaped_cert; - } - - location = /50x.html { - root /var/lib/nginx/html; - } - error_page 500 502 503 504 /50x.html; - error_log /var/log/nginx/error.log warn; -} diff --git a/kubernetes/policy/components/policy-gui/templates/deployment.yaml b/kubernetes/policy/components/policy-gui/templates/deployment.yaml index b67fa273de..a155715580 100644 --- a/kubernetes/policy/components/policy-gui/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-gui/templates/deployment.yaml @@ -1,6 +1,6 @@ {{/* # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -62,6 +62,20 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} +{{- if .Values.global.aafEnabled }} + command: ["sh","-c"] + args: ["source {{ .Values.certInitializer.credsPath }}/.ci;/opt/app/policy/gui/bin/policy-gui.sh"] + env: +{{- else }} + command: ["/opt/app/policy/gui/bin/policy-gui.sh"] + env: + - name: KEYSTORE_PASSWD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }} + - name: TRUSTSTORE_PASSWD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }} +{{- end }} + - name: CLAMP_URL + value: https://policy-clamp-be:8443 ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -81,9 +95,6 @@ spec: volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - name: logs mountPath: {{ .Values.log.path }} - - mountPath: /etc/nginx/conf.d/default.conf - name: {{ include "common.fullname" . }}-config - subPath: default.conf resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -99,9 +110,6 @@ spec: - name: {{ include "common.fullname" . }}-config configMap: name: {{ include "common.fullname" . }} - items: - - key: default.conf - path: default.conf - name: logs emptyDir: {} {{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.volumes" . | nindent 8 }}{{ end }} diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml index 6ee7715678..60a6ce38c4 100644 --- a/kubernetes/policy/components/policy-gui/values.yaml +++ b/kubernetes/policy/components/policy-gui/values.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,36 +26,46 @@ global: # global defaults aafEnabled: true ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: keystore-password + type: password + externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}' + password: '{{ .Values.certStores.keyStorePassword }}' + passwordPolicy: required + - uid: truststore-password + type: password + externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' + password: '{{ .Values.certStores.trustStorePassword }}' + passwordPolicy: required + +certStores: + keyStorePassword: Pol1cy_0nap + trustStorePassword: Pol1cy_0nap + +################################################################# # AAF part ################################################################# certInitializer: - permission_user: 1000 - permission_group: 999 - addconfig: true - keystoreFile: "org.onap.clamp.p12" - truststoreFile: "org.onap.clamp.trust.jks" - keyFile: "org.onap.clamp.keyfile" - truststoreFileONAP: "truststoreONAPall.jks" - clamp_key: "clamp.key" - clamp_pem: "clamp.pem" - clamp_ca_certs_pem: "clamp-ca-certs.pem" nameOverride: policy-gui-cert-initializer aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: clamp - fqi: clamp@clamp.onap.org - public_fqdn: clamp.onap.org - cadi_longitude: "0.0" + fqdn: policy + fqi: policy@policy.onap.org + public_fqdn: policy.onap.org cadi_latitude: "0.0" - app_ns: org.osaaf.aaf + cadi_longitude: "0.0" credsPath: /opt/app/osaaf/local + app_ns: org.osaaf.aaf + uid: 100 + gid: 101 aaf_add_config: > - cd {{ .Values.credsPath }}; - openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }}; - openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }}; - openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }}; - chmod a+rx *; + echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci; + echo "export TRUSTSTORE='{{ .Values.credsPath }}/org.onap.policy.trust.jks'" >> {{ .Values.credsPath }}/.ci; + echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; + echo "export TRUSTSTORE_PASSWD='${cadi_truststore_password}'" >> {{ .Values.credsPath }}/.ci; + chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); subChartsOnly: enabled: true @@ -63,7 +73,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-gui:2.2.0 +image: onap/policy-gui:2.2.3 pullPolicy: Always # flag to enable debugging - application support required @@ -71,7 +81,7 @@ debugEnabled: false # log configuration log: - path: /var/log/nginx/ + path: /var/log/onap/policy/gui ################################################################# # Application configuration defaults. diff --git a/kubernetes/policy/components/policy-nexus/Chart.yaml b/kubernetes/policy/components/policy-nexus/Chart.yaml index 48497f2c8d..e8ba92a81c 100755 --- a/kubernetes/policy/components/policy-nexus/Chart.yaml +++ b/kubernetes/policy/components/policy-nexus/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Policy Nexus name: policy-nexus -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-pap/Chart.yaml b/kubernetes/policy/components/policy-pap/Chart.yaml index c10d636a5d..27358908e2 100755 --- a/kubernetes/policy/components/policy-pap/Chart.yaml +++ b/kubernetes/policy/components/policy-pap/Chart.yaml @@ -22,18 +22,18 @@ apiVersion: v2 description: ONAP Policy Administration (PAP) name: policy-pap -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml index 6f501b8c21..195b087ff1 100644 --- a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml +++ b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml @@ -29,6 +29,8 @@ spring: driverClassName: org.mariadb.jdbc.Driver username: "${SQL_USER}" password: "${SQL_PASSWORD}" + hikari: + maximumPoolSize: 20 jpa: properties: hibernate: @@ -38,6 +40,20 @@ spring: naming: physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} server: port: 6969 diff --git a/kubernetes/policy/components/policy-pap/templates/deployment.yaml b/kubernetes/policy/components/policy-pap/templates/deployment.yaml index c33b80f4af..6f02f8e4c0 100755 --- a/kubernetes/policy/components/policy-pap/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-pap/templates/deployment.yaml @@ -65,6 +65,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "login") | indent 10 }} - name: DISTRIBUTION_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: papconfig diff --git a/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }}
\ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index 311653b860..2c240d2347 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -64,6 +64,13 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.trustStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -92,7 +99,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.6.1 +image: onap/policy-pap:2.6.3 pullPolicy: Always # flag to enable debugging - application support required @@ -181,9 +188,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. @@ -199,3 +203,26 @@ metrics: externalSecretNameSuffix: policy-pap-user-creds externalSecretUserKey: login externalSecretPasswordKey: password + +# application configuration +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: poicy-group + app: + listener: + policyPdpPapTopic: policy-pdp-pap +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. diff --git a/kubernetes/policy/components/policy-xacml-pdp/Chart.yaml b/kubernetes/policy/components/policy-xacml-pdp/Chart.yaml index 01bb146cd9..faa9d79f42 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/Chart.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy XACML PDP (PDP-X) name: policy-xacml-pdp -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }}
\ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 308b5a78af..e7e7eebefe 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.6.2 +image: onap/policy-xacml-pdp:2.6.3 pullPolicy: Always # flag to enable debugging - application support required @@ -159,9 +159,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/resources/config/db-pg.sh b/kubernetes/policy/resources/config/db-pg.sh new file mode 100644 index 0000000000..f26a80fad7 --- /dev/null +++ b/kubernetes/policy/resources/config/db-pg.sh @@ -0,0 +1,29 @@ +#!/bin/sh +# +# ============LICENSE_START======================================================= +# Copyright (C) 2021-2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# + +#psql() { /usr/bin/psql -h ${PG_HOST} -p ${PG_PORT} "$@"; }; + +export PGPASSWORD=${PG_ADMIN_PASSWORD}; + +psql -h ${PG_HOST} -p ${PG_PORT} -U postgres --command "CREATE USER ${PG_USER} WITH PASSWORD '${PG_USER_PASSWORD}'" + +for db in migration pooling policyadmin policyclamp operationshistory clampacm +do + psql -h ${PG_HOST} -p ${PG_PORT} -U postgres --command "CREATE DATABASE ${db};" + psql -h ${PG_HOST} -p ${PG_PORT} -U postgres --command "GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${PG_USER};" +done diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/secrets.yaml b/kubernetes/policy/resources/config/db_migrator_pg_policy_init.sh index 033d8d5441..53921ab751 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/secrets.yaml +++ b/kubernetes/policy/resources/config/db_migrator_pg_policy_init.sh @@ -1,5 +1,6 @@ +#!/bin/sh {{/* -# Copyright © 2020 AT&T +# Copyright (C) 2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,5 +14,8 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{ include "common.secretFast" . }} +/opt/app/policy/bin/prepare_upgrade.sh ${SQL_DB} +/opt/app/policy/bin/db-migrator-pg -s ${SQL_DB} -o upgrade +rc=$? +/opt/app/policy/bin/db-migrator-pg -s ${SQL_DB} -o report +exit $rc diff --git a/kubernetes/policy/templates/configmap.yaml b/kubernetes/policy/templates/configmap.yaml index 17558f86ea..c8b01ccb81 100755 --- a/kubernetes/policy/templates/configmap.yaml +++ b/kubernetes/policy/templates/configmap.yaml @@ -1,7 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018, 2020 AT&T Intellectual Property -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2021-2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml index d59b5fe770..9fea669c37 100755 --- a/kubernetes/policy/templates/job.yaml +++ b/kubernetes/policy/templates/job.yaml @@ -1,7 +1,7 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada # Modifications Copyright © 2020 AT&T Intellectual Property -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -33,9 +33,9 @@ spec: spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: + initContainers: {{ if .Values.global.postgres.localCluster }}{{ include "common.readinessCheck.waitFor" . | nindent 6 }}{{ end }} #This container checks that all galera instances are up before initializing it. - - name: {{ include "common.name" . }}-readiness + - name: {{ include "common.name" . }}-mariadb-readiness image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: @@ -71,6 +71,33 @@ spec: value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" resources: {{ include "common.resources" . }} + {{ if .Values.global.postgres.localCluster }} + - name: {{ include "common.release" . }}-policy-pg-config + image: {{ .Values.repository }}/{{ .Values.postgresImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /docker-entrypoint-initdb.d/db-pg.sh + name: {{ include "common.fullname" . }}-config + subPath: db-pg.sh + command: + - /bin/sh + args: + - -x + - /docker-entrypoint-initdb.d/db-pg.sh + env: + - name: PG_ADMIN_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-root-pass" "key" "password") | indent 12 }} + - name: PG_HOST + value: "{{ .Values.postgres.service.name2 }}" + - name: PG_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 12 }} + - name: PG_USER_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 12 }} + - name: PG_PORT + value: "{{ .Values.postgres.service.internalPort }}" + resources: +{{ include "common.resources" . }} + {{ end }} containers: - name: {{ include "common.release" . }}-policy-galera-db-migrator image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dbmigrator.image }} @@ -95,8 +122,41 @@ spec: value: {{ .Values.dbmigrator.schema }} - name: POLICY_HOME value: {{ .Values.dbmigrator.policy_home }} + - name: SCRIPT_DIRECTORY + value: "sql" resources: {{ include "common.resources" . }} + {{ if .Values.global.postgres.localCluster }} + - name: {{ include "common.release" . }}-policy-pg-db-migrator + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dbmigrator.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /dbcmd-config/db_migrator_pg_policy_init.sh + name: {{ include "common.fullname" . }}-config + subPath: db_migrator_pg_policy_init.sh + command: + - /bin/sh + args: + - -x + - /dbcmd-config/db_migrator_pg_policy_init.sh + env: + - name: SQL_HOST + value: "{{ .Values.postgres.service.name2 }}" + - name: SQL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 10 }} + - name: SQL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }} + - name: SQL_DB + value: {{ .Values.dbmigrator.schema }} + - name: POLICY_HOME + value: {{ .Values.dbmigrator.policy_home }} + - name: SCRIPT_DIRECTORY + value: "postgres" + - name: PGPASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }} + resources: +{{ include "common.resources" . }} + {{ end }} restartPolicy: Never serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: @@ -108,3 +168,8 @@ spec: path: db.sh - key: db_migrator_policy_init.sh path: db_migrator_policy_init.sh + - key: db-pg.sh + path: db-pg.sh + - key: db_migrator_pg_policy_init.sh + path: db_migrator_pg_policy_init.sh + diff --git a/kubernetes/policy/templates/policy-kafka-topics.yaml b/kubernetes/policy/templates/policy-kafka-topics.yaml new file mode 100644 index 0000000000..1894d62a42 --- /dev/null +++ b/kubernetes/policy/templates/policy-kafka-topics.yaml @@ -0,0 +1,64 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.config.useStrimziKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.config.acRuntimeTopic.name }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: {{ .Values.config.acRuntimeTopic.partitions }} + config: + retention.ms: {{ .Values.config.acRuntimeTopic.retentionMs }} + segment.bytes: {{ .Values.config.acRuntimeTopic.segmentBytes }} +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.config.policyPdpPapTopic.name }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: {{ .Values.config.policyPdpPapTopic.partitions }} + config: + retention.ms: {{ .Values.config.policyPdpPapTopic.retentionMs }} + segment.bytes: {{ .Values.config.policyPdpPapTopic.segmentBytes }} +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.config.policyHeartbeatTopic.name }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: {{ .Values.config.policyHeartbeatTopic.partitions }} + config: + retention.ms: {{ .Values.config.policyHeartbeatTopic.retentionMs }} + segment.bytes: {{ .Values.config.policyHeartbeatTopic.segmentBytes }} +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.config.policyNotificationTopic.name }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: {{ .Values.config.policyNotificationTopic.partitions }} + config: + retention.ms: {{ .Values.config.policyNotificationTopic.retentionMs }} + segment.bytes: {{ .Values.config.policyNotificationTopic.segmentBytes }} +{{- end }} diff --git a/kubernetes/policy/templates/policy-kafka-user.yaml b/kubernetes/policy/templates/policy-kafka-user.yaml new file mode 100644 index 0000000000..1bc7ab1d3a --- /dev/null +++ b/kubernetes/policy/templates/policy-kafka-user.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.config.useStrimziKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: scram-sha-512 + authorization: + type: simple + acls: + - resource: + type: group + name: {{ .Values.config.acRuntimeTopic.consumer.groupId }} + operation: Read + - resource: + type: topic + name: {{ .Values.config.acRuntimeTopic.name }} + operation: Read + - resource: + type: topic + name: {{ .Values.config.acRuntimeTopic.name }} + operation: Write +{{- end }} diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 759ba56b02..d7d556a39f 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -27,6 +27,17 @@ global: service: &mariadbService name: &policy-mariadb policy-mariadb internalPort: 3306 + prometheusEnabled: false + postgres: + localCluster: false + service: + name: pgset + name2: tcp-pgset-primary + name3: tcp-pgset-replica + container: + name: postgres + kafkaBootstrap: strimzi-kafka-bootstrap + policyKafkaUser: policy-kafka-user ################################################################# # Secrets metaconfig @@ -66,6 +77,19 @@ secrets: login: '{{ .Values.restServer.policyApiUserName }}' password: '{{ .Values.restServer.policyApiUserPassword }}' passwordPolicy: required + - uid: pg-root-pass + name: &pgRootPassSecretName '{{ include "common.release" . }}-policy-pg-root-pass' + type: password + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "policy-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' + password: '{{ .Values.postgres.config.pgRootpassword }}' + policy: generate + - uid: pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-policy-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "policy-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate db: &dbSecretsHook credsExternalSecret: *dbSecretName @@ -75,47 +99,71 @@ policy-api: db: *dbSecretsHook restServer: apiUserExternalSecret: *policyApiCredsSecret + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-pap: enabled: true db: *dbSecretsHook restServer: papUserExternalSecret: *policyPapCredsSecret apiUserExternalSecret: *policyApiCredsSecret + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-xacml-pdp: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-apex-pdp: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-drools-pdp: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-distribution: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-be: enabled: true db: *dbSecretsHook config: appUserExternalSecret: *policyAppCredsSecret + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-ac-k8s-ppnt: enabled: true + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-ac-pf-ppnt: enabled: true restServer: apiUserExternalSecret: *policyApiCredsSecret papUserExternalSecret: *policyPapCredsSecret + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-ac-http-ppnt: enabled: true + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-nexus: enabled: false + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-runtime-acm: enabled: true db: *dbSecretsHook config: appUserExternalSecret: *policyAppCredsSecret + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-gui: enabled: true + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' ################################################################# # DB configuration defaults. @@ -128,7 +176,7 @@ mariadb: image: mariadb:10.5.8 dbmigrator: - image: onap/policy-db-migrator:2.4.1 + image: onap/policy-db-migrator:2.4.3 schema: policyadmin policy_home: "/opt/app/policy" @@ -160,6 +208,35 @@ readiness: config: policyAppUserName: runtimeUser + useStrimziKafka: true + acRuntimeTopic: + name: policy-acruntime-participant + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group + policyPdpPapTopic: + name: policy-pdp-pap + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group + policyHeartbeatTopic: + name: policy-heartbeat + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group + policyNotificationTopic: + name: policy-notification + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group mariadb-galera: # mariadb-galera.config and global.mariadb.config must be equals @@ -180,6 +257,31 @@ mariadb-galera: serviceAccount: nameOverride: *policy-mariadb +postgresImage: library/postgres:latest +# application configuration override for postgres +postgres: + nameOverride: &postgresName policy-postgres + service: + name: *postgresName + name2: policy-pg-primary + name3: policy-pg-replica + container: + name: + primary: policy-pg-primary + replica: policy-pg-replica + persistence: + mountSubPath: policy/postgres/data + mountInitPath: policy + config: + pgUserName: policy_user + pgDatabase: policyadmin + pgUserExternalSecret: *pgUserCredsSecretName + pgRootPasswordExternalSecret: *pgRootPassSecretName + +readinessCheck: + wait_for: + - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}' + restServer: policyPapUserName: policyadmin policyPapUserPassword: zb!XztG34 diff --git a/kubernetes/portal/Chart.yaml b/kubernetes/portal/Chart.yaml index 698847338f..0f7b846607 100644 --- a/kubernetes/portal/Chart.yaml +++ b/kubernetes/portal/Chart.yaml @@ -18,24 +18,24 @@ apiVersion: v2 description: ONAP Web Portal name: portal -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: portal-app - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-app' - name: portal-cassandra - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-cassandra' - name: portal-mariadb - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-mariadb' - name: portal-sdk - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-sdk' - name: portal-widget - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-widget' diff --git a/kubernetes/portal/components/portal-app/Chart.yaml b/kubernetes/portal/components/portal-app/Chart.yaml index c9c8b1b388..375b11bb7d 100644 --- a/kubernetes/portal/components/portal-app/Chart.yaml +++ b/kubernetes/portal/components/portal-app/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP Portal application name: portal-app -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/portal/components/portal-cassandra/Chart.yaml b/kubernetes/portal/components/portal-cassandra/Chart.yaml index b85fc84b94..6da2158294 100644 --- a/kubernetes/portal/components/portal-cassandra/Chart.yaml +++ b/kubernetes/portal/components/portal-cassandra/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: Portal cassandra name: portal-cassandra -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/portal/components/portal-mariadb/Chart.yaml b/kubernetes/portal/components/portal-mariadb/Chart.yaml index a152d71d89..ca58d58f18 100644 --- a/kubernetes/portal/components/portal-mariadb/Chart.yaml +++ b/kubernetes/portal/components/portal-mariadb/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: MariaDB Service name: portal-mariadb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index ddaf099bdf..63d266b75c 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -1,7 +1,6 @@ #!/bin/bash set -eo pipefail -shopt -s nullglob # logging functions mysql_log() { @@ -170,11 +169,20 @@ docker_init_database_dir() { mysql_note "Database files initialized" } +if [ -z "$DATADIR" ]; then + DATADIR='unknown' +fi +if [ -z "$SOCKET" ]; then + SOCKET='unknown' +fi +if [ -z "$DATABASE_ALREADY_EXISTS" ]; then + DATABASE_ALREADY_EXISTS='false' +fi + # Loads various settings that are used elsewhere in the script # This should be called after mysql_check_config, but before any other functions docker_setup_env() { # Get config - declare -g DATADIR SOCKET DATADIR="$(mysql_get_config 'datadir' "$@")" SOCKET="$(mysql_get_config 'socket' "$@")" @@ -186,7 +194,6 @@ docker_setup_env() { file_env 'MYSQL_ROOT_PASSWORD' file_env 'PORTAL_DB_TABLES' - declare -g DATABASE_ALREADY_EXISTS if [ -d "$DATADIR/mysql" ]; then DATABASE_ALREADY_EXISTS='true' fi diff --git a/kubernetes/portal/components/portal-sdk/Chart.yaml b/kubernetes/portal/components/portal-sdk/Chart.yaml index 02c17333ab..bfc41f0b73 100644 --- a/kubernetes/portal/components/portal-sdk/Chart.yaml +++ b/kubernetes/portal/components/portal-sdk/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: Portal software development kit name: portal-sdk -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/portal/components/portal-widget/Chart.yaml b/kubernetes/portal/components/portal-widget/Chart.yaml index 03b9344622..205922616d 100644 --- a/kubernetes/portal/components/portal-widget/Chart.yaml +++ b/kubernetes/portal/components/portal-widget/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: Portal widgets micro service application name: portal-widget -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/robot/Chart.yaml b/kubernetes/robot/Chart.yaml index 23610ddd3c..fcc3de3e47 100644 --- a/kubernetes/robot/Chart.yaml +++ b/kubernetes/robot/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: A helm Chart for kubernetes-ONAP Robot name: robot -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index 3beef061ce..3f8ac9deec 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -273,7 +273,7 @@ if [ $execscript ]; then done fi -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) @@ -304,4 +304,4 @@ fi if [ -n "$TAG" ]; then VARIABLEFILES="-V /share/config/robot_properties.py" kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} -i ${TAG} --display $DISPLAY_NUM 2> ${TAG}.out -fi
\ No newline at end of file +fi diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh index 4ef8f462f0..82bf836ade 100755 --- a/kubernetes/robot/ete-k8s.sh +++ b/kubernetes/robot/ete-k8s.sh @@ -82,7 +82,7 @@ if [ "${!#}" = "execscript" ]; then done fi -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2 DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh index 1b31c16e81..90bfa11c13 100755 --- a/kubernetes/robot/eteHelm-k8s.sh +++ b/kubernetes/robot/eteHelm-k8s.sh @@ -50,7 +50,7 @@ if [ "${!#}" = "execscript" ]; then done fi -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_helmlist DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) diff --git a/kubernetes/robot/instantiate-k8s.sh b/kubernetes/robot/instantiate-k8s.sh index aef812b143..94883567d6 100755 --- a/kubernetes/robot/instantiate-k8s.sh +++ b/kubernetes/robot/instantiate-k8s.sh @@ -97,7 +97,7 @@ OUTPUT_DIRECTORY=/tmp/vnfdata.${BUILDNUM} set -x POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") TAGS="-i $TAG" ETEHOME=/var/opt/ONAP OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_instantiate_vnf @@ -112,19 +112,19 @@ kubectl --namespace $NAMESPACE cp $FOLDER ${POD}:/tmp/vnfdata.${BUILDNUM} echo "Executing instantiation..." if [ $POLL = 1 ]; then - kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM > /tmp/vnf_instantiation.$BUILDNUM.log 2>&1 &" + kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM > /tmp/vnf_instantiation.$BUILDNUM.log 2>&1 &" - pid=`kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "pgrep runTags.sh -n"` + pid=`kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "pgrep runTags.sh -n"` if [ -z "$pid" ]; then echo "robot testsuite unable to start" exit 1 fi - kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "while ps -p \"$pid\" --no-headers | grep -v defunct; do echo \$'\n\n'; echo \"Testsuite still running \"\`date\`; echo \"LOG FILE: \"; tail -10 /tmp/vnf_instantiation.$BUILDNUM.log; sleep 30; done" + kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "while ps -p \"$pid\" --no-headers | grep -v defunct; do echo \$'\n\n'; echo \"Testsuite still running \"\`date\`; echo \"LOG FILE: \"; tail -10 /tmp/vnf_instantiation.$BUILDNUM.log; sleep 30; done" else - kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM" + kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM" fi set +x diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py index 700b17a970..3c5f9ce73a 100644 --- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py @@ -188,6 +188,9 @@ GLOBAL_DMAAP_KAFKA_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" GLOBAL_DMAAP_KAFKA_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router-kafka" "port" 9092) }}' GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}' GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}' +# strimzi kafka +GLOBAL_KAFKA_BOOTSTRAP_SERVICE = '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092' +GLOBAL_KAFKA_USER = '{{ .Values.strimziKafkaJaasUsername }}' # DROOL server port and credentials GLOBAL_DROOLS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-drools-pdp" "port" 9696) }}' GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}' diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index d8beeedb2a..0b1aa0e71d 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -364,10 +364,14 @@ vidHealthPassword: "AppPassword!1" # DMAAP BC bcUsername: "dmaap-bc@dmaap-bc.onap.org" bcPassword: "demo123456!" + # DMAAP KAFKA JAAS kafkaJaasUsername: "admin" kafkaJaasPassword: "admin_secret" +# STRIMZI KAFKA JAAS +strimziKafkaJaasUsername: "strimzi-kafka-admin" + #OOF oofUsername: "oof@oof.onap.org" oofPassword: "demo123456!" diff --git a/kubernetes/sdc/Chart.yaml b/kubernetes/sdc/Chart.yaml index 7647906d75..d2acf1b392 100644 --- a/kubernetes/sdc/Chart.yaml +++ b/kubernetes/sdc/Chart.yaml @@ -18,30 +18,30 @@ apiVersion: v2 description: Service Design and Creation Umbrella Helm charts name: sdc -version: 10.0.0 +version: 11.0.0 dependencies: - name: sdc-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-be' - name: sdc-cs - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-cs' - name: sdc-fe - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-fe' - name: sdc-onboarding-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-onboarding-be' - name: sdc-wfd-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-wfd-be' condition: sdc-wfd.enabled - name: sdc-wfd-fe - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-wfd-fe' condition: sdc-wfd.enabled - name: sdc-helm-validator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-helm-validator' condition: sdcHelmValidator.enabled diff --git a/kubernetes/sdc/components/sdc-be/Chart.yaml b/kubernetes/sdc/components/sdc-be/Chart.yaml index 6c2254882d..4620c679bd 100644 --- a/kubernetes/sdc/components/sdc-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-be/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Backend API name: sdc-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index b7fa714e73..fb6682bf28 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -35,8 +35,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.10.1 -backendInitImage: onap/sdc-backend-init:1.10.1 +image: onap/sdc-backend-all-plugins:1.11.4 +backendInitImage: onap/sdc-backend-init:1.11.4 pullPolicy: Always diff --git a/kubernetes/sdc/components/sdc-cs/Chart.yaml b/kubernetes/sdc/components/sdc-cs/Chart.yaml index 0789ee32b2..1ef26a69f0 100644 --- a/kubernetes/sdc/components/sdc-cs/Chart.yaml +++ b/kubernetes/sdc/components/sdc-cs/Chart.yaml @@ -18,20 +18,20 @@ apiVersion: v2 description: ONAP Service Design and Creation Cassandra name: sdc-cs -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cassandra - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index 3391af7864..1e182ed3ee 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -51,8 +51,8 @@ cassandra: # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.10.1 -cassandraInitImage: onap/sdc-cassandra-init:1.10.1 +image: onap/sdc-cassandra:1.11.4 +cassandraInitImage: onap/sdc-cassandra-init:1.11.4 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-fe/Chart.yaml b/kubernetes/sdc/components/sdc-fe/Chart.yaml index 3db6fc794d..2250947e85 100644 --- a/kubernetes/sdc/components/sdc-fe/Chart.yaml +++ b/kubernetes/sdc/components/sdc-fe/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Front End name: sdc-fe -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-fe/templates/service.yaml index f899d58971..30c3d1122f 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/service.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/service.yaml @@ -39,20 +39,15 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - targetPort: {{ .Values.service.internalPort }} - {{ if eq .Values.service.type "NodePort" -}} + {{if eq .Values.service.type "NodePort" -}} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - {{ end }} - {{ if (include "common.needTLS" .) }} - - port: {{ .Values.service.internalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}s - {{ if eq .Values.service.type "NodePort" -}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - {{ end }} - {{ end }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} + {{- else -}} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }} + targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} + {{- end}} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 1dbf9ebd7a..05ac50d432 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -47,7 +47,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-frontend:1.10.1 +image: onap/sdc-frontend:1.11.4 pullPolicy: Always config: @@ -112,12 +112,12 @@ service: type: NodePort name: sdc-fe portName: http - nodePort: "06" internalPort: 8181 externalPort: 8181 - nodePort2: "07" internalPort2: 9443 externalPort2: 9443 + nodePort: "07" + ingress: enabled: false diff --git a/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml b/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml index 5609083704..771bfbf7db 100644 --- a/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml +++ b/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml @@ -19,12 +19,12 @@ apiVersion: v2 description: ONAP Service Design and Creation Helm Validator name: sdc-helm-validator -version: 10.0.0 +version: 11.0.0 dependencies: - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml index 5ed3131099..e2ff602dd6 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Onboarding API name: sdc-onboarding-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index ff5d031510..5a1c6643e6 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-onboard-backend:1.10.1 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.10.1 +image: onap/sdc-onboard-backend:1.11.4 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.4 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml b/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml index 132c5d21ce..6992f6b9ab 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Workflow Designer backend name: sdc-wfd-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml index 6b18f47d66..828283ec76 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-workflow-backend:1.7.0 -configInitImage: onap/sdc-workflow-init:1.7.0 +image: onap/sdc-workflow-backend:1.11.1 +configInitImage: onap/sdc-workflow-init:1.11.1 pullPolicy: Always initJob: diff --git a/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml b/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml index 1b7aa773c9..45f13a04b1 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Workflow Designer frontend name: sdc-wfd-fe -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml index c7e680a745..fd6f713655 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml @@ -47,7 +47,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-workflow-frontend:1.7.0 +image: onap/sdc-workflow-frontend:1.11.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/Chart.yaml b/kubernetes/sdnc/Chart.yaml index b30efc10c1..cc2148453b 100644 --- a/kubernetes/sdnc/Chart.yaml +++ b/kubernetes/sdnc/Chart.yaml @@ -17,61 +17,61 @@ apiVersion: v2 description: SDN Controller name: sdnc -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: logConfiguration - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: network-name-gen - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: network-name-gen.enabled - name: dgbuilder - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dgbuilder.enabled - name: sdnc-prom - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: config.geoEnabled - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: elasticsearch - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: config.sdnr.enabled # conditions for sdnc-subcharts - name: dmaap-listener - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dmaap-listener/' condition: sdnc.dmaap-listener.enabled,dmaap-listener.enabled - name: ueb-listener - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/ueb-listener/' condition: sdnc.ueb-listener.enabled,ueb-listener.enabled - name: sdnc-ansible-server - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdnc-ansible-server/' condition: sdnc.sdnc-ansible-server.enabled,sdnc-ansible-server.enabled - name: sdnc-web - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdnc-web/' condition: sdnc.sdnc-web.enabled,sdnc-web.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/dmaap-listener/Chart.yaml b/kubernetes/sdnc/components/dmaap-listener/Chart.yaml index 1d027ee089..3737cb7d89 100644 --- a/kubernetes/sdnc/components/dmaap-listener/Chart.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: SDNC DMaaP Listener name: dmaap-listener -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml index 7ef646f3e1..5094b6eb52 100644 --- a/kubernetes/sdnc/components/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-dmaap-listener-image:2.3.0 +image: onap/sdnc-dmaap-listener-image:2.3.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/Chart.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/Chart.yaml index c61b4e012d..c2c119888b 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/Chart.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: SDN-C Ansible Server name: sdnc-ansible-server -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml index 768a617b63..7689dcc5e9 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ansible-server-image:2.3.0 +image: onap/sdnc-ansible-server-image:2.3.2 pullPolicy: Always # flag to enable debugging - application support required @@ -101,7 +101,7 @@ readiness: service: type: ClusterIP name: sdnc-ansible-server - portName: sdnc-ansible-server + portName: http internalPort: 8000 externalPort: 8000 diff --git a/kubernetes/sdnc/components/sdnc-prom/Chart.yaml b/kubernetes/sdnc/components/sdnc-prom/Chart.yaml index 956c6073dc..b7da488b7c 100644 --- a/kubernetes/sdnc/components/sdnc-prom/Chart.yaml +++ b/kubernetes/sdnc/components/sdnc-prom/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP SDNC Policy Driven Ownership Management name: sdnc-prom -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh index 099103ca79..d92a1049e3 100755 --- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh +++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh {{/* # Copyright © 2018 Amdocs @@ -33,8 +33,8 @@ failover(){ debugLog "Currently running sdnc and dns failover" return fi - trap "rm -f ${lockFile}" INT TERM RETURN - echo $BASHPID > ${lockFile} + trap "rm -f ${lockFile}" INT TERM EXIT + echo $$ > ${lockFile} # perform takeover debugLog "Started executing sdnc.failover for $SITE_NAME" diff --git a/kubernetes/sdnc/components/sdnc-web/Chart.yaml b/kubernetes/sdnc/components/sdnc-web/Chart.yaml index fbb7ca0cb2..6dc772376d 100644 --- a/kubernetes/sdnc/components/sdnc-web/Chart.yaml +++ b/kubernetes/sdnc/components/sdnc-web/Chart.yaml @@ -16,18 +16,18 @@ apiVersion: v2 description: SDN-C Web Server name: sdnc-web -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml index 21416c9b5f..03432d3b63 100644 --- a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml +++ b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml @@ -49,32 +49,34 @@ spec: {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: WEBPROTOCOL - value: {{ .Values.config.webProtocol }} + value: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webProtocol .Values.config.webPlainProtocol }} - name: WEBPORT - value: {{ .Values.config.webPort | quote }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webPort .Values.config.webPlainPort | quote }} - name: SDNRPROTOCOL - value: {{ .Values.config.sdnrProtocol }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrProtocol .Values.config.sdnrPlainProtocol }} - name: SDNRHOST - value: {{ .Values.config.sdnrHost }}.{{ include "common.namespace" . }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrHost .Values.config.sdnrPlainHost }}.{{ include "common.namespace" . }} - name: SDNRPORT - value: {{ .Values.config.sdnrPort | quote }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrPort .Values.config.sdnrPlainPort | quote }} + {{ if (include "common.needTLS" .) }} - name: SSL_CERT_DIR value: {{ .Values.config.sslCertDir }} - name: SSL_CERTIFICATE value: {{ .Values.config.sslCertiticate }} - name: SSL_CERTIFICATE_KEY value: {{ .Values.config.sslCertKey }} + {{ end }} {{ if .Values.config.transportpce.enabled }} - name: TRPCEURL value: {{ .Values.config.transportpce.transportpceUrl }} diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml index f75b56726c..ecc5573f28 100644 --- a/kubernetes/sdnc/components/sdnc-web/values.yaml +++ b/kubernetes/sdnc/components/sdnc-web/values.yaml @@ -23,16 +23,21 @@ global: # Application configuration defaults. ################################################################# # application image -image: "onap/sdnc-web-image:2.2.5" +image: "onap/sdnc-web-image:2.3.2" pullPolicy: Always config: sdncChartName: sdnc webProtocol: HTTPS + webPlainProtocol: HTTP webPort: 8443 + webPlainPort: 8080 sdnrProtocol: https + sdnrPlainProtocol: http sdnrHost: "sdnc" + sdnrPlainHost: "sdnc" sdnrPort: "8443" + sdnrPlainPort : "8080" sslCertDir: "/opt/app/osaaf/local/certs" sslCertiticate: "cert.pem" sslCertKey: "key.pem" @@ -100,9 +105,12 @@ service: # for liveness and readiness probe only # internalPort: internalPort: 8443 + internalPlainPort: 8080 ports: - - name: "sdnc-web" + - name: http-sdnc-web port: "8443" + plain_port: "8080" + port_protocol: http nodePort: "05" #ingress: diff --git a/kubernetes/sdnc/components/ueb-listener/Chart.yaml b/kubernetes/sdnc/components/ueb-listener/Chart.yaml index ffaa1b7cca..d9df7aff85 100644 --- a/kubernetes/sdnc/components/ueb-listener/Chart.yaml +++ b/kubernetes/sdnc/components/ueb-listener/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: SDNC UEB Listener name: ueb-listener -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties b/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties index 946773b18b..45a80af8a6 100644 --- a/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties +++ b/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties @@ -1,4 +1,9 @@ +{{- if (include "common.needTLS" .) }} org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8443 +{{- else }} +org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8080 +org.onap.ccsdk.sli.northbound.uebclient.use-https=false +{{- end }} org.onap.ccsdk.sli.northbound.uebclient.consumer-group=sdc-OpenSource-Env1-sdnc-dockero org.onap.ccsdk.sli.northbound.uebclient.consumer-id=sdc-COpenSource-Env11-sdnc-dockero org.onap.ccsdk.sli.northbound.uebclient.environment-name=AUTO diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml index 50fee59a32..4d3cce7076 100644 --- a/kubernetes/sdnc/components/ueb-listener/values.yaml +++ b/kubernetes/sdnc/components/ueb-listener/values.yaml @@ -55,7 +55,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ueb-listener-image:2.3.0 +image: onap/sdnc-ueb-listener-image:2.3.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/resources/config/conf/aaiclient.properties b/kubernetes/sdnc/resources/config/conf/aaiclient.properties index 7021990da0..5108a9d005 100755 --- a/kubernetes/sdnc/resources/config/conf/aaiclient.properties +++ b/kubernetes/sdnc/resources/config/conf/aaiclient.properties @@ -38,7 +38,11 @@ org.onap.ccsdk.sli.adaptors.aai.application=openECOMP # # Configuration file for A&AI Client # +{{- if (include "common.needTLS" .) }} org.onap.ccsdk.sli.adaptors.aai.uri=https://aai.{{.Release.Namespace}}:8443 +{{- else }} +org.onap.ccsdk.sli.adaptors.aai.uri=http://aai.{{.Release.Namespace}}:80 +{{- end }} connection.timeout=60000 read.timeout=60000 diff --git a/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json b/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json index 8d3c106bb9..7f99ed9497 100644 --- a/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json +++ b/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json @@ -2,7 +2,7 @@ "tokenSecret": "${OAUTH_TOKEN_SECRET}", "tokenIssuer": {{ .Values.config.sdnr.oauth.tokenIssuer | quote }}, "publicUrl": {{ .Values.config.sdnr.oauth.publicUrl | quote }}, - "redirectUri": "{{ .Values.config.sdnr.oauth.redirectUri | quote | default "null" }}", + "redirectUri": "{{ .Values.config.sdnr.oauth.redirectUri | default "null" }}", "supportOdlUsers": "{{ .Values.config.sdnr.oauth.supportOdlUsers | default "true" }}", "providers": {{ .Values.config.sdnr.oauth.providers | toJson }} -}
\ No newline at end of file +} diff --git a/kubernetes/sdnc/templates/job.yaml b/kubernetes/sdnc/templates/job.yaml index 11b1a87128..b6dc32b096 100755 --- a/kubernetes/sdnc/templates/job.yaml +++ b/kubernetes/sdnc/templates/job.yaml @@ -131,8 +131,28 @@ spec: command: - /bin/bash args: - - {{.Values.config.binDir }}/installSdncDb.sh + - -c + - | + sleep 60; {{.Values.config.binDir }}/installSdncDb.sh resources: {{ include "common.resources" . | nindent 10 }} + {{- if include "common.onServiceMesh" . }} + - name: sdnc-service-mesh-wait-for-job-container + image: {{ include "repositoryGenerator.image.quitQuit" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - "-c" + args: + - | + echo "waiting 20s for istio side cars to be up"; sleep 20s; + /app/ready.py --service-mesh-check sdnc -t 45; + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} {{- end }} diff --git a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml index cb8d7574db..665e16c9f8 100755 --- a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml +++ b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml @@ -53,7 +53,10 @@ spec: image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/bin/bash"] - args: ["-c", "{{ .Values.config.binDir }}/startODL.sh"] + args: + - -c + - | + sleep 90; "{{ .Values.config.binDir }}/startODL.sh" env: - name: SDNC_AAF_ENABLED value: "{{ .Values.global.aafEnabled}}" @@ -76,6 +79,24 @@ spec: value: "-k" volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} resources: {{ include "common.resources" . | nindent 12 }} + {{- if include "common.onServiceMesh" . }} + - name: sdnrdb-service-mesh-wait-for-job-container + image: {{ include "repositoryGenerator.image.quitQuit" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - "-c" + args: + - | + echo "waiting 30s for istio side cars to be up"; sleep 30s; + /app/ready.py --service-mesh-check sdnc-sdnrdb-init-job -t 45; + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index d45e13eb01..83a30caadf 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -210,7 +210,7 @@ certificates: # application images pullPolicy: Always -image: onap/sdnc-image:2.3.0 +image: onap/sdnc-image:2.3.2 # flag to enable debugging - application support required debugEnabled: false @@ -543,7 +543,7 @@ readiness: service: type: NodePort name: sdnc - portName: sdnc + portName: http internalPort: 8181 internalPort2: 8101 internalPort3: 8080 diff --git a/kubernetes/sniro-emulator/Chart.yaml b/kubernetes/sniro-emulator/Chart.yaml index 5366ed9a35..d155d5e8cc 100644 --- a/kubernetes/sniro-emulator/Chart.yaml +++ b/kubernetes/sniro-emulator/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP Mock Sniro Emulator name: sniro-emulator -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sniro-emulator/values.yaml b/kubernetes/sniro-emulator/values.yaml index 81ce818a8a..8f43a4f46b 100644 --- a/kubernetes/sniro-emulator/values.yaml +++ b/kubernetes/sniro-emulator/values.yaml @@ -50,7 +50,7 @@ service: internalPort: 9999 externalPort: 80 nodePort: 88 - portName: httpd + portName: http ingress: enabled: false diff --git a/kubernetes/so/Chart.yaml b/kubernetes/so/Chart.yaml index d7466476de..acb536852d 100755 --- a/kubernetes/so/Chart.yaml +++ b/kubernetes/so/Chart.yaml @@ -16,91 +16,92 @@ apiVersion: v2 description: ONAP Service Orchestrator name: so -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' + condition: global.aafEnabled - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/soHelpers' - name: so-admin-cockpit - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-admin-cockpit' condition: so-admin-cockpit.enabled - name: so-appc-orchestrator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-appc-orchestrator' condition: so-appc-orchestrator.enabled - name: so-bpmn-infra - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-bpmn-infra' - name: so-catalog-db-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-catalog-db-adapter' condition: so-catalog-db-adapter.enabled - name: so-cnf-adapter - version: ~10.x-0 + version: ~11.x-0 repository: "file://components/so-cnf-adapter" condition: so-cnf-adapter.enabled - name: so-etsi-nfvo-ns-lcm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-etsi-nfvo-ns-lcm' condition: so-etsi-nfvo-ns-lcm.enabled - name: so-etsi-sol003-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-etsi-sol003-adapter' condition: so-etsi-sol003-adapter.enabled - name: so-mariadb - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-mariadb' - name: so-nssmf-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-nssmf-adapter' condition: so-nssmf-adapter.enabled - name: so-oof-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-oof-adapter' condition: so-oof-adapter.enabled - name: so-openstack-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-openstack-adapter' condition: so-openstack-adapter.enabled - name: so-request-db-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-request-db-adapter' - name: so-sdc-controller - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-sdc-controller' - name: so-sdnc-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-sdnc-adapter' condition: so-sdnc-adapter.enabled - name: so-ve-vnfm-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-ve-vnfm-adapter' condition: so-ve-vnfm-adapter.enabled - name: so-etsi-sol005-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-etsi-sol005-adapter' condition: so-etsi-sol005-adapter.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-admin-cockpit/Chart.yaml b/kubernetes/so/components/so-admin-cockpit/Chart.yaml index f916b5c7b7..4218126d41 100644 --- a/kubernetes/so/components/so-admin-cockpit/Chart.yaml +++ b/kubernetes/so/components/so-admin-cockpit/Chart.yaml @@ -21,21 +21,21 @@ apiVersion: v2 description: A Helm chart for ONAP Service Orchestration Monitoring name: so-admin-cockpit -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml index 4b46721c2a..808c439181 100644 --- a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml +++ b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml @@ -116,7 +116,7 @@ spec: ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml index c4439784ca..b23e5ab99e 100644 --- a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml +++ b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml @@ -39,14 +39,12 @@ spec: {{if and (eq .Values.service.type "NodePort") (.Values.global.aafEnabled) -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} - - diff --git a/kubernetes/so/components/so-appc-orchestrator/Chart.yaml b/kubernetes/so/components/so-appc-orchestrator/Chart.yaml index eae024bc53..a82663f094 100644 --- a/kubernetes/so/components/so-appc-orchestrator/Chart.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: A Helm chart for so appc orchestrator name: so-appc-orchestrator -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-bpmn-infra/Chart.yaml b/kubernetes/so/components/so-bpmn-infra/Chart.yaml index 867f42956d..3a573b4245 100755 --- a/kubernetes/so/components/so-bpmn-infra/Chart.yaml +++ b/kubernetes/so/components/so-bpmn-infra/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for SO Bpmn Infra name: so-bpmn-infra -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml index 360936d2ba..9feab4ddce 100755 --- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml @@ -17,7 +17,11 @@ aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}} dme2: timeout: '30000' + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} workflowAaiDistributionDelay: PT30S pnfEntryNotificationTimeout: P14D cds: @@ -158,7 +162,11 @@ mso: oof: auth: {{ .Values.mso.oof.auth }} callbackEndpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage + {{ if (include "common.needTLS" .) }} endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698 + {{ else }} + endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698 + {{ end }} timeout: PT30M workflow: CreateGenericVNFV1: diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml index 57a2b2c689..2b8b827f91 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml @@ -87,7 +87,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml index d5ff829cc7..af185aeb4e 100755 --- a/kubernetes/so/components/so-bpmn-infra/values.yaml +++ b/kubernetes/so/components/so-bpmn-infra/values.yaml @@ -123,7 +123,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: 8081 - portName: so-bpmn-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-catalog-db-adapter/Chart.yaml b/kubernetes/so/components/so-catalog-db-adapter/Chart.yaml index 64b339331e..e279432923 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/Chart.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/Chart.yaml @@ -16,24 +16,24 @@ apiVersion: v2 description: A Helm chart for so-catalog-db-adapter name: so-catalog-db-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml index 30e55511cc..fa9d3a6a4b 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml @@ -85,7 +85,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml index a5961ee7dd..b4360942d2 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml @@ -87,7 +87,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-catdb-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-cnf-adapter/Chart.yaml b/kubernetes/so/components/so-cnf-adapter/Chart.yaml index 6155a93b2a..abc14e8b3a 100755 --- a/kubernetes/so/components/so-cnf-adapter/Chart.yaml +++ b/kubernetes/so/components/so-cnf-adapter/Chart.yaml @@ -18,24 +18,24 @@ apiVersion: v2 appVersion: "1.7.1" description: A Helm chart for Kubernetes name: so-cnf-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml index c99465b690..0c2f679082 100755 --- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml @@ -16,7 +16,11 @@ aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }} + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} enabled: {{ .Values.global.aai.enabled }} logging: path: logs @@ -50,4 +54,3 @@ management: prometheus: enabled: true # Whether exporting of metrics to Prometheus is enabled. step: 1m # Step size (i.e. reporting frequency) to use. - diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/Chart.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/Chart.yaml index 0d1f03bfc8..4b2fd67310 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/Chart.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP SO ETSI NFVO NS LCM name: so-etsi-nfvo-ns-lcm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml index 5fc28e2cc2..7c1cb1b3c4 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml @@ -17,7 +17,11 @@ aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}} version: v19 + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} spring: datasource: hikari: @@ -54,7 +58,11 @@ so: etsi-catalog-manager: base: {{- if .Values.global.msbEnabled }} + {{ if (include "common.needTLS" .) }} endpoint: https://msb-iag:443/api + {{ else }} + endpoint: http://msb-iag:443/api + {{ end }} http: client: ssl: diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/Chart.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/Chart.yaml index 8d67e41577..742251a965 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/Chart.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/Chart.yaml @@ -16,21 +16,21 @@ apiVersion: v2 description: ONAP SO ETSI SOL003 Adapter name: so-etsi-sol003-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml index e6a1d7c06e..33b38add57 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml @@ -16,7 +16,11 @@ aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}} version: v15 + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} spring: security: usercredentials: @@ -42,7 +46,11 @@ sdc: username: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.username "value2" .Values.sdc.username )}} password: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.password "value2" .Values.sdc.password )}} key: {{ .Values.sdc.key }} + {{ if (include "common.needTLS" .) }} endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080 + {{ end }} vnfmadapter: endpoint: http://so-etsi-sol003-adapter.{{ include "common.namespace" . }}:9092 etsi-catalog-manager: diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml index 3272bfd299..7751bf4631 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml @@ -76,7 +76,7 @@ spec: failureThreshold: {{ .Values.livenessProbe.failureThreshold}} ports: - containerPort: {{ .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml index 5772a89a97..96a2acd3a6 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml @@ -40,11 +40,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/Chart.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/Chart.yaml index 2a511c002f..7c2645e183 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/Chart.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-etsi-sol005-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml index dd46da0989..e1e2fc23c6 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml @@ -45,7 +45,11 @@ mso: msb-port: 80 adapters: requestDb: + {{ if (include "common.needTLS" .) }} endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + {{ else }} + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} #Actuator management: diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml index 4f8f4d9f26..1abf21816b 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml @@ -94,7 +94,7 @@ spec: failureThreshold: {{ .Values.livenessProbe.failureThreshold}} ports: - containerPort: {{ .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml index 2ecc66f233..5b8dee0774 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml @@ -29,12 +29,12 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} - release: {{ include "common.release" . }}
\ No newline at end of file + release: {{ include "common.release" . }} diff --git a/kubernetes/so/components/so-mariadb/Chart.yaml b/kubernetes/so/components/so-mariadb/Chart.yaml index 1b8ce4acc0..8b6d10f476 100755 --- a/kubernetes/so/components/so-mariadb/Chart.yaml +++ b/kubernetes/so/components/so-mariadb/Chart.yaml @@ -16,21 +16,21 @@ apiVersion: v2 description: MariaDB Service name: so-mariadb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml index 2a84fac247..d9c6009c8a 100644 --- a/kubernetes/so/components/so-mariadb/templates/job.yaml +++ b/kubernetes/so/components/so-mariadb/templates/job.yaml @@ -53,13 +53,17 @@ spec: command: - /bin/bash - -c - - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql + - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} + mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - name: backup-storage mountPath: /var/data/mariadb + {{ include "common.waitForJobContainer" . | indent 6 | trim }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime @@ -105,6 +109,8 @@ spec: - /bin/bash - -c - > + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} mysql() { /usr/bin/mysql -h ${DB_HOST} -P ${DB_PORT} "$@"; }; export -f mysql; mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }}; @@ -157,6 +163,7 @@ spec: {{- end }} resources: {{ include "common.resources" . | indent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml index 58e34b78d6..13dd0868e8 100755 --- a/kubernetes/so/components/so-mariadb/values.yaml +++ b/kubernetes/so/components/so-mariadb/values.yaml @@ -21,7 +21,7 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:4.1.0 ubuntuInitRepository: docker.io mariadbGalera: nameOverride: &mariadbName mariadb-galera @@ -187,3 +187,7 @@ serviceAccount: nameOverride: so-mariadb roles: - read + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-config' diff --git a/kubernetes/so/components/so-nssmf-adapter/Chart.yaml b/kubernetes/so/components/so-nssmf-adapter/Chart.yaml index 525f54dfe7..ab97237dad 100755 --- a/kubernetes/so/components/so-nssmf-adapter/Chart.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-nssmf-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml index 75db547f38..1d8a97c028 100755 --- a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml @@ -15,7 +15,11 @@ */}} aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}} + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} logging: path: logs spring: @@ -51,7 +55,11 @@ mso: msb-port: 80 adapters: requestDb: + {{ if (include "common.needTLS" .) }} endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + {{ else }} + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} #Actuator management: diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml index 2489ddd75e..29f9f4e24d 100755 --- a/kubernetes/so/components/so-nssmf-adapter/values.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml @@ -107,7 +107,7 @@ app: nssmf-adapter service: type: ClusterIP ports: - - name: api + - name: http port: *containerPort updateStrategy: type: RollingUpdate diff --git a/kubernetes/so/components/so-oof-adapter/Chart.yaml b/kubernetes/so/components/so-oof-adapter/Chart.yaml index c411ef9830..d5b8bbf700 100755 --- a/kubernetes/so/components/so-oof-adapter/Chart.yaml +++ b/kubernetes/so/components/so-oof-adapter/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-oof-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml index 5013c34f79..8db5d26788 100755 --- a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml @@ -42,7 +42,11 @@ mso: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage oof: auth: ${OOF_LOGIN}:${OOF_PASSWORD} + {{ if (include "common.needTLS" .) }} endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698 + {{ else }} + endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698 + {{ end }} #Actuator management: endpoints: diff --git a/kubernetes/so/components/so-oof-adapter/values.yaml b/kubernetes/so/components/so-oof-adapter/values.yaml index 863e0e9428..530c35afdd 100755 --- a/kubernetes/so/components/so-oof-adapter/values.yaml +++ b/kubernetes/so/components/so-oof-adapter/values.yaml @@ -89,7 +89,7 @@ app: so-oof-adapter service: type: ClusterIP ports: - - name: api + - name: http port: *containerPort updateStrategy: type: RollingUpdate diff --git a/kubernetes/so/components/so-openstack-adapter/Chart.yaml b/kubernetes/so/components/so-openstack-adapter/Chart.yaml index cd128fa921..22c473f5c1 100755 --- a/kubernetes/so/components/so-openstack-adapter/Chart.yaml +++ b/kubernetes/so/components/so-openstack-adapter/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-openstack-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml index e332f98302..487e93132d 100755 --- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml @@ -15,7 +15,11 @@ */}} aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}} + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} server: port: {{ index .Values.containerPort }} spring: diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml index f370fbd315..55493f7c42 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml @@ -87,7 +87,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml index 057f8a0a85..28338cfa11 100755 --- a/kubernetes/so/components/so-openstack-adapter/values.yaml +++ b/kubernetes/so/components/so-openstack-adapter/values.yaml @@ -95,7 +95,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-optack-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-request-db-adapter/Chart.yaml b/kubernetes/so/components/so-request-db-adapter/Chart.yaml index 6e65cd7f53..db6855aa63 100755 --- a/kubernetes/so/components/so-request-db-adapter/Chart.yaml +++ b/kubernetes/so/components/so-request-db-adapter/Chart.yaml @@ -16,24 +16,24 @@ apiVersion: v2 description: A Helm chart for request-db-adapter name: so-request-db-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml index 30e55511cc..fa9d3a6a4b 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml @@ -85,7 +85,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml index e932a0b643..6bcd388b25 100755 --- a/kubernetes/so/components/so-request-db-adapter/values.yaml +++ b/kubernetes/so/components/so-request-db-adapter/values.yaml @@ -83,7 +83,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-reqdb-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-sdc-controller/Chart.yaml b/kubernetes/so/components/so-sdc-controller/Chart.yaml index a50e498d68..2f7cac5cf1 100755 --- a/kubernetes/so/components/so-sdc-controller/Chart.yaml +++ b/kubernetes/so/components/so-sdc-controller/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-sdc-controller -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml index b20e33a140..ffa66e9d78 100755 --- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml @@ -63,19 +63,28 @@ mso: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}} aai: + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} asdc-connections: asdc-controller1: user: mso consumerGroup: SO-OpenSource-Env11 consumerId: SO-COpenSource-Env11 environmentName: AUTO + {{ if (include "common.needTLS" .) }} asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443 + {{ else }} + asdcAddress: sdc-be.{{ include "common.namespace" . }}:8080 + {{ end }} password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }} pollingInterval: 60 pollingTimeout: 60 relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL useHttpsWithDmaap: false + useHttpsWithSdc: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} activateServerTLSAuth: false keyStorePassword: keyStorePath: diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml index f370fbd315..55493f7c42 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml @@ -87,7 +87,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/components/so-sdc-controller/templates/service.yaml b/kubernetes/so/components/so-sdc-controller/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/service.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index 58e93f53af..c0e3f5088f 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -91,7 +91,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-sdc-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-sdnc-adapter/Chart.yaml b/kubernetes/so/components/so-sdnc-adapter/Chart.yaml index 01bb209726..f75662d9d3 100755 --- a/kubernetes/so/components/so-sdnc-adapter/Chart.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-sdnc-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml index 01e0ab7077..b95e0b58a3 100755 --- a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml @@ -91,7 +91,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml index cb9d02ae05..54fa88c7c0 100755 --- a/kubernetes/so/components/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml @@ -110,7 +110,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-sdnc-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml index 6508ca41cf..a9f3821887 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP SO VE VNFM Adapter (SOL002) name: so-ve-vnfm-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml index f46219c6c9..8471540011 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml @@ -18,10 +18,18 @@ server: port: {{ include "common.getPort" (dict "global" . "name" "http") }} vevnfmadapter: + {{ if (include "common.needTLS" .) }} endpoint: https://msb-iag:30283/api/{{ include "common.servicename" . }}/v1 + {{ else }} + endpoint: http://msb-iag:30283/api/{{ include "common.servicename" . }}/v1 + {{ end }} aai: + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} dmaap: endpoint: http://message-router.{{ include "common.namespace" . }}:3904 diff --git a/kubernetes/so/components/soHelpers/Chart.yaml b/kubernetes/so/components/soHelpers/Chart.yaml index a8415a3542..2029d4fd8c 100755 --- a/kubernetes/so/components/soHelpers/Chart.yaml +++ b/kubernetes/so/components/soHelpers/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: A Helm chart for SO helpers name: soHelpers -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index efb3fab558..6933607827 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -1,5 +1,9 @@ aai: + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}} server: port: {{ index .Values.containerPort }} @@ -45,13 +49,21 @@ mso: activate: instanceid: test userid: cs0008 - endpoint: http://sdc-be.{{ include "common.namespace" . }}:8443 + {{ if (include "common.needTLS" .) }} + endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080 + {{ end }} tenant: isolation: retry: count: 3 aai: + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}} extApi: diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml index 47701d89b9..99a5eff0e7 100755 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -87,7 +87,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/templates/service.yaml b/kubernetes/so/templates/service.yaml index 2849edecc7..5a83d566ac 100755 --- a/kubernetes/so/templates/service.yaml +++ b/kubernetes/so/templates/service.yaml @@ -392,11 +392,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 1f454f63df..553de8c2d9 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -213,7 +213,7 @@ service: nodePort: 77 internalPort: *containerPort externalPort: *containerPort - portName: so-apih-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/strimzi/Chart.yaml b/kubernetes/strimzi/Chart.yaml index 6ce866bdeb..17da739927 100644 --- a/kubernetes/strimzi/Chart.yaml +++ b/kubernetes/strimzi/Chart.yaml @@ -15,19 +15,19 @@ apiVersion: v2 description: ONAP Strimzi kafka name: strimzi -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/poddisruptionbudget.yaml b/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml index d12ec126f9..2653c6799c 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/poddisruptionbudget.yaml +++ b/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2018 AT&T +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,18 +13,19 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser metadata: - name: {{ include "common.fullname" . }}-pdb + name: {{ .Values.kafkaStrimziAdminUser }} labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + strimzi.io/cluster: {{ include "common.release" . }}-strimzi spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - maxUnavailable: 1 + authentication: + type: {{ .Values.saslMechanism }} + authorization: + type: simple + acls: + - resource: + type: group + name: onap-group + operation: Read
\ No newline at end of file diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml index a94879b8a0..4e8779d1d2 100644 --- a/kubernetes/strimzi/templates/strimzi-kafka.yaml +++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml @@ -57,21 +57,22 @@ spec: authorization: type: simple superUsers: - - {{ include "common.release" . }}-{{ .Values.kafkaStrimziAdminUser }} + - {{ .Values.kafkaStrimziAdminUser }} template: pod: securityContext: runAsUser: 0 fsGroup: 0 config: + default.replication.factor: {{ .Values.replicaCount }} + min.insync.replicas: {{ .Values.replicaCount }} offsets.topic.replication.factor: {{ .Values.replicaCount }} transaction.state.log.replication.factor: {{ .Values.replicaCount }} - transaction.state.log.min.isr: 2 + transaction.state.log.min.isr: {{ .Values.replicaCount }} log.message.format.version: "3.0" inter.broker.protocol.version: "3.0" storage: type: jbod - class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }} volumes: - id: 0 type: persistent-claim @@ -87,6 +88,10 @@ spec: replicas: {{ .Values.replicaCount }} config: ssl.hostnameVerification: false + ssl.quorum.hostnameVerification: false + {{- if (include "common.onServiceMesh" .) }} + sslQuorum: false + {{- end }} storage: type: persistent-claim size: {{ .Values.persistenceZk.size }} diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml index 9e63c2c131..26b714a342 100644 --- a/kubernetes/strimzi/values.yaml +++ b/kubernetes/strimzi/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # Application configuration defaults. ################################################################# -replicaCount: 2 +replicaCount: 3 kafkaInternalPort: 9092 saslMechanism: scram-sha-512 version: 3.0.0 diff --git a/kubernetes/uui/Chart.yaml b/kubernetes/uui/Chart.yaml index dab69dd3e3..6a0b0c996d 100644 --- a/kubernetes/uui/Chart.yaml +++ b/kubernetes/uui/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP uui name: uui -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: uui-server - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/uui-server' - name: uui-nlp - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/uui-nlp' diff --git a/kubernetes/uui/components/uui-nlp/Chart.yaml b/kubernetes/uui/components/uui-nlp/Chart.yaml index d748aad543..84664dcfb5 100644 --- a/kubernetes/uui/components/uui-nlp/Chart.yaml +++ b/kubernetes/uui/components/uui-nlp/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP UUI NLP name: uui-nlp -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/uui/components/uui-server/Chart.yaml b/kubernetes/uui/components/uui-server/Chart.yaml index d6cc6f0697..133ebc5bf6 100644 --- a/kubernetes/uui/components/uui-server/Chart.yaml +++ b/kubernetes/uui/components/uui-server/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP uui server name: uui-server -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh b/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh index f96dd74bd3..283d55b741 100644 --- a/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh +++ b/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh {{/* # # Copyright 2016-2017 ZTE Corporation. @@ -28,7 +28,7 @@ sleep 10 echo "usecase-ui database init script start..." dbScript="$main_path/resources/bin/initDB.sh" -source $dbScript 127.0.0.1 5432 postgres uui +$dbScript 127.0.0.1 5432 postgres uui echo "usecase-ui database init script finished normally..." JAVA_PATH="$JAVA_HOME/bin/java" @@ -40,4 +40,4 @@ jar_path="$main_path/usecase-ui-server.jar" echo @jar_path@ $jar_path echo "Starting usecase-ui-server..." -$JAVA_PATH $JAVA_OPTS -classpath $jar_path -jar $jar_path $SPRING_OPTS
\ No newline at end of file +$JAVA_PATH $JAVA_OPTS -classpath $jar_path -jar $jar_path $SPRING_OPTS diff --git a/kubernetes/uui/components/uui-server/values.yaml b/kubernetes/uui/components/uui-server/values.yaml index 5bd781eb2d..d279163690 100644 --- a/kubernetes/uui/components/uui-server/values.yaml +++ b/kubernetes/uui/components/uui-server/values.yaml @@ -63,7 +63,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/usecase-ui-server:4.0.6 +image: onap/usecase-ui-server:4.0.7 pullPolicy: Always # application configuration diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml index 1ed9b470d2..f133ad5a27 100644 --- a/kubernetes/uui/values.yaml +++ b/kubernetes/uui/values.yaml @@ -57,7 +57,7 @@ subChartsOnly: flavor: small # application image -image: onap/usecase-ui:4.0.6 +image: onap/usecase-ui:4.0.7 pullPolicy: Always # application configuration diff --git a/kubernetes/vfc/Chart.yaml b/kubernetes/vfc/Chart.yaml index aecd278778..26c9747d35 100644 --- a/kubernetes/vfc/Chart.yaml +++ b/kubernetes/vfc/Chart.yaml @@ -17,48 +17,48 @@ apiVersion: v2 description: ONAP Virtual Function Controller (VF-C) name: vfc -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: vfc-generic-vnfm-driver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-generic-vnfm-driver' condition: vfc-generic-vnfm-driver.enabled - name: vfc-huawei-vnfm-driver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-huawei-vnfm-driver' condition: vfc-huawei-vnfm-driver.enabled - name: vfc-nslcm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-nslcm' condition: vfc-nslcm.enabled - name: vfc-redis - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-redis' condition: vfc-redis.enabled - name: vfc-vnflcm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-vnflcm' condition: vfc-vnflcm.enabled - name: vfc-vnfmgr - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-vnfmgr' condition: vfc-vnfmgr.enabled - name: vfc-vnfres - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-vnfres' condition: vfc-vnfres.enabled - name: vfc-zte-vnfm-driver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-zte-vnfm-driver' condition: vfc-zte-vnfm-driver.enabled diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/Chart.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/Chart.yaml index 1e1bb3cc55..74f472eeb5 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - Generic VNFM Driver name: vfc-generic-vnfm-driver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml index d5a043d533..b5ab1fb93c 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml @@ -59,9 +59,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: REG_TO_MSB_WHEN_START value: "{{ .Values.global.config.reg_to_msb_when_start }}" volumeMounts: diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/service.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/service.yaml index df7fe3149a..85498aeca8 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml index d92989dbcb..6a4a802028 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml @@ -26,7 +26,7 @@ global: # application image flavor: small -image: onap/vfc/gvnfmdriver:1.4.3 +image: onap/vfc/gvnfmdriver:1.4.4 pullPolicy: Always #Istio sidecar injection policy @@ -60,7 +60,7 @@ readiness: service: type: ClusterIP name: vfc-generic-vnfm-driver - portName: vfc-generic-vnfm-driver + portName: http externalPort: 8484 internalPort: 8484 # nodePort: 30484 diff --git a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/Chart.yaml b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/Chart.yaml index 33698eacb2..3fa0c45f0c 100644 --- a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - Huawei VNFM Driver name: vfc-huawei-vnfm-driver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml index dd763b4f1e..f96d4d664b 100644 --- a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml @@ -60,9 +60,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_PROTO - value: "{{ .Values.global.config.msbprotocol }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MSB_ADDR value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: REG_TO_MSB_WHEN_START diff --git a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/service.yaml b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/service.yaml index 95a84cff02..def3fa2a54 100644 --- a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/service.yaml @@ -44,7 +44,7 @@ spec: port: {{ .Values.service.internalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - - name: {{ .Values.service.portName }}2 + - name: {{ .Values.service.portName }}s port: {{ .Values.service.internalPort2 }} targetPort: {{ .Values.service.internalPort2 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} @@ -54,7 +54,7 @@ spec: name: {{ .Values.service.portName }} - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 + name: {{ .Values.service.portName }}s {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/values.yaml b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/values.yaml index 596a1cf36d..32221692e3 100644 --- a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/values.yaml +++ b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/values.yaml @@ -60,7 +60,7 @@ readiness: service: type: ClusterIP name: vfc-huawei-vnfm-driver - portName: vfc-huawei-vnfm-driver + portName: http externalPort: 8482 internalPort: 8482 externalPort2: 8483 diff --git a/kubernetes/vfc/components/vfc-nslcm/Chart.yaml b/kubernetes/vfc/components/vfc-nslcm/Chart.yaml index 24942d1ee0..f415fec224 100644 --- a/kubernetes/vfc/components/vfc-nslcm/Chart.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - NS Life Cycle Management name: vfc-nslcm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml index 13c17059f4..f9faa7e845 100644 --- a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml @@ -79,9 +79,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MYSQL_ADDR value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: MYSQL_ROOT_USER diff --git a/kubernetes/vfc/components/vfc-nslcm/templates/service.yaml b/kubernetes/vfc/components/vfc-nslcm/templates/service.yaml index f46530ded9..4ca1cb891c 100644 --- a/kubernetes/vfc/components/vfc-nslcm/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/templates/service.yaml @@ -52,11 +52,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-nslcm/values.yaml b/kubernetes/vfc/components/vfc-nslcm/values.yaml index 21ff189046..0cd3ce178a 100644 --- a/kubernetes/vfc/components/vfc-nslcm/values.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/values.yaml @@ -41,7 +41,7 @@ secrets: # application image flavor: small -image: onap/vfc/nslcm:1.4.4 +image: onap/vfc/nslcm:1.4.7 pullPolicy: Always #Istio sidecar injection policy @@ -78,7 +78,7 @@ readiness: service: type: ClusterIP name: vfc-nslcm - portName: vfc-nslcm + portName: http externalPort: 8403 internalPort: 8403 # nodePort: 30403 diff --git a/kubernetes/vfc/components/vfc-redis/Chart.yaml b/kubernetes/vfc/components/vfc-redis/Chart.yaml index dac35a7984..9fe692baeb 100644 --- a/kubernetes/vfc/components/vfc-redis/Chart.yaml +++ b/kubernetes/vfc/components/vfc-redis/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - REDIS name: vfc-redis -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-redis/templates/service.yaml b/kubernetes/vfc/components/vfc-redis/templates/service.yaml index b20f3f8880..23518e95f1 100644 --- a/kubernetes/vfc/components/vfc-redis/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-redis/templates/service.yaml @@ -31,11 +31,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-redis/values.yaml b/kubernetes/vfc/components/vfc-redis/values.yaml index 0bbb395938..1c6c4b4cce 100644 --- a/kubernetes/vfc/components/vfc-redis/values.yaml +++ b/kubernetes/vfc/components/vfc-redis/values.yaml @@ -55,7 +55,7 @@ readiness: service: type: ClusterIP name: vfc-redis - portName: vfc-redis + portName: http externalPort: 6379 internalPort: 6379 diff --git a/kubernetes/vfc/components/vfc-vnflcm/Chart.yaml b/kubernetes/vfc/components/vfc-vnflcm/Chart.yaml index a816c4ad94..288e447339 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/Chart.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - VNF Life Cycle Management name: vfc-vnflcm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml index 69de15c171..8c414ffc59 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml @@ -79,9 +79,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MYSQL_ADDR value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: MYSQL_ROOT_USER diff --git a/kubernetes/vfc/components/vfc-vnflcm/templates/service.yaml b/kubernetes/vfc/components/vfc-vnflcm/templates/service.yaml index b64740bbe2..7970e8a9b1 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-vnflcm/values.yaml b/kubernetes/vfc/components/vfc-vnflcm/values.yaml index e4ae447491..fcad261817 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/values.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/values.yaml @@ -41,7 +41,7 @@ secrets: # application image flavor: small -image: onap/vfc/vnflcm:1.4.2 +image: onap/vfc/vnflcm:1.4.3 pullPolicy: Always #Istio sidecar injection policy @@ -78,7 +78,7 @@ readiness: service: type: ClusterIP name: vfc-vnflcm - portName: vfc-vnflcm + portName: http externalPort: 8801 internalPort: 8801 # nodePort: 30801 diff --git a/kubernetes/vfc/components/vfc-vnfmgr/Chart.yaml b/kubernetes/vfc/components/vfc-vnfmgr/Chart.yaml index 49191effbf..93fb2edafc 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/Chart.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - VNF Manager name: vfc-vnfmgr -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml index 0ee0b931b2..9fcf9b923d 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml @@ -79,9 +79,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MYSQL_ADDR value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: REDIS_HOST diff --git a/kubernetes/vfc/components/vfc-vnfmgr/templates/service.yaml b/kubernetes/vfc/components/vfc-vnfmgr/templates/service.yaml index 97ef463977..9daf4e0e26 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml index cc2becc576..528bbe0c01 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml @@ -78,7 +78,7 @@ readiness: service: type: ClusterIP name: vfc-vnfmgr - portName: vfc-vnfmgr + portName: http externalPort: 8803 internalPort: 8803 # nodePort: 30803 diff --git a/kubernetes/vfc/components/vfc-vnfres/Chart.yaml b/kubernetes/vfc/components/vfc-vnfres/Chart.yaml index 383b34a585..b02dfefb62 100644 --- a/kubernetes/vfc/components/vfc-vnfres/Chart.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - VNF Resource Manager name: vfc-vnfres -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml index a0178151d4..5723b0f322 100644 --- a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml @@ -79,9 +79,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MYSQL_ADDR value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: REDIS_HOST diff --git a/kubernetes/vfc/components/vfc-vnfres/templates/service.yaml b/kubernetes/vfc/components/vfc-vnfres/templates/service.yaml index c043913b70..4f583f2181 100644 --- a/kubernetes/vfc/components/vfc-vnfres/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-vnfres/values.yaml b/kubernetes/vfc/components/vfc-vnfres/values.yaml index 68d66a6558..c2954d5517 100644 --- a/kubernetes/vfc/components/vfc-vnfres/values.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/values.yaml @@ -41,7 +41,7 @@ secrets: # application image flavor: small -image: onap/vfc/vnfres:1.4.0 +image: onap/vfc/vnfres:1.4.1 pullPolicy: Always #Istio sidecar injection policy @@ -78,7 +78,7 @@ readiness: service: type: ClusterIP name: vfc-vnfres - portName: vfc-vnfres + portName: http externalPort: 8802 internalPort: 8802 # nodePort: 30802 diff --git a/kubernetes/vfc/components/vfc-zte-vnfm-driver/Chart.yaml b/kubernetes/vfc/components/vfc-zte-vnfm-driver/Chart.yaml index f4c5d397ed..5f8a392870 100644 --- a/kubernetes/vfc/components/vfc-zte-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/components/vfc-zte-vnfm-driver/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - ZTE VNFM Driver name: vfc-zte-vnfm-driver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml index 9dcba3bf9b..855532ddf3 100644 --- a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml @@ -59,9 +59,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: REG_TO_MSB_WHEN_START value: "{{ .Values.global.config.reg_to_msb_when_start }}" volumeMounts: diff --git a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/service.yaml b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/service.yaml index 826b6904f9..8a80a87062 100644 --- a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-zte-vnfm-driver/values.yaml b/kubernetes/vfc/components/vfc-zte-vnfm-driver/values.yaml index c6db92a7a4..258407b6ba 100644 --- a/kubernetes/vfc/components/vfc-zte-vnfm-driver/values.yaml +++ b/kubernetes/vfc/components/vfc-zte-vnfm-driver/values.yaml @@ -60,7 +60,7 @@ readiness: service: type: ClusterIP name: vfc-zte-vnfm-driver - portName: vfc-zte-vnfm-driver + portName: http externalPort: 8410 internalPort: 8410 diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml index 01d9eefd67..a0b69e0c94 100644 --- a/kubernetes/vfc/values.yaml +++ b/kubernetes/vfc/values.yaml @@ -15,7 +15,7 @@ global: config: ssl_enabled: false - msbprotocol: https + msbprotocol: http msbServiceName: msb-iag msbPort: 443 redisServiceName: vfc-redis diff --git a/kubernetes/vid/Chart.yaml b/kubernetes/vid/Chart.yaml index aea0849d08..fe6164a46e 100644 --- a/kubernetes/vid/Chart.yaml +++ b/kubernetes/vid/Chart.yaml @@ -17,26 +17,26 @@ apiVersion: v2 description: ONAP Virtual Infrastructure Deployment name: vid -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vnfsdk/Chart.yaml b/kubernetes/vnfsdk/Chart.yaml index 59522b842d..7ef08bd32d 100644 --- a/kubernetes/vnfsdk/Chart.yaml +++ b/kubernetes/vnfsdk/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP VNF SDK name: vnfsdk -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' |