summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/aai/components/aai-graphadmin/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-resources/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-schema-service/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-traversal/values.yaml2
-rw-r--r--kubernetes/aai/values.yaml2
-rw-r--r--kubernetes/common/common/templates/_ingress.tpl13
-rw-r--r--kubernetes/common/common/templates/_serviceMonitor.tpl21
-rw-r--r--kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml43
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml3
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl7
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml10
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml1
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml1
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml1
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml1
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml20
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml3
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-prh/values.yaml4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml3
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml18
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml3
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml1
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml1
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml5
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml6
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml4
-rw-r--r--kubernetes/dcaegen2/values.yaml4
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml8
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml25
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml2
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-node/values.yaml2
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/values.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/onap-all.yaml2
-rwxr-xr-xkubernetes/onap/values.yaml2
-rwxr-xr-xkubernetes/oof/components/oof-has/values.yaml3
-rw-r--r--kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml23
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/values.yaml24
-rw-r--r--kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml23
-rwxr-xr-xkubernetes/policy/components/policy-api/values.yaml24
-rw-r--r--kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml12
-rw-r--r--kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml23
-rwxr-xr-xkubernetes/policy/components/policy-distribution/values.yaml24
-rw-r--r--kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml23
-rwxr-xr-xkubernetes/policy/components/policy-pap/values.yaml19
-rw-r--r--kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml23
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/values.yaml24
46 files changed, 390 insertions, 81 deletions
diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml
index 6f372f9bd9..a232d53c84 100644
--- a/kubernetes/aai/components/aai-graphadmin/values.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/values.yaml
@@ -76,7 +76,7 @@ global: # global defaults
version:
# Current version of the REST API
api:
- default: v26
+ default: v24
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index b1f8c085b8..fdb243de0a 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -77,7 +77,7 @@ global: # global defaults
version:
# Current version of the REST API
api:
- default: v26
+ default: v24
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml
index 1dd374c4dc..b03032677e 100644
--- a/kubernetes/aai/components/aai-schema-service/values.yaml
+++ b/kubernetes/aai/components/aai-schema-service/values.yaml
@@ -40,7 +40,7 @@ global: # global defaults
version:
# Current version of the REST API
api:
- default: v26
+ default: v24
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index b1c8fdd221..921d2dc832 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -84,7 +84,7 @@ global: # global defaults
version:
# Current version of the REST API
api:
- default: v26
+ default: v24
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 62d1d2eabd..aa0e376b29 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -231,7 +231,7 @@ global: # global defaults
version:
# Current version of the REST API
api:
- default: v26
+ default: v24
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl
index 7fee67a7a4..f2741079c7 100644
--- a/kubernetes/common/common/templates/_ingress.tpl
+++ b/kubernetes/common/common/templates/_ingress.tpl
@@ -13,11 +13,18 @@
http:
paths:
- backend:
- serviceName: {{ .name }}
- servicePort: {{ .port }}
+ service:
+ name: {{ .name }}
+ port:
+ {{- if kindIs "string" .port }}
+ name: {{ .port }}
+ {{- else }}
+ number: {{ .port }}
+ {{- end }}
{{- if .path }}
path: {{ .path }}
{{- end }}
+ pathType: ImplementationSpecific
{{- end }}
{{- end -}}
@@ -69,7 +76,7 @@ nginx.ingress.kubernetes.io/ssl-redirect: "false"
{{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" (default (dict) .Values.global.ingress) "var" "enabled") }}
{{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" .Values.ingress "var" "enabledOverride") }}
{{- if $ingressEnabled }}
-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "common.fullname" . }}-ingress
diff --git a/kubernetes/common/common/templates/_serviceMonitor.tpl b/kubernetes/common/common/templates/_serviceMonitor.tpl
index eb6c047c2f..81d7a74578 100644
--- a/kubernetes/common/common/templates/_serviceMonitor.tpl
+++ b/kubernetes/common/common/templates/_serviceMonitor.tpl
@@ -110,8 +110,12 @@ namespace: {{ $dot.Values.metrics.serviceMonitor.namespace }}
{{- else }}
namespace: {{ include "common.namespace" $dot }}
{{- end }}
+{{- if $dot.Values.metrics.serviceMonitor.labels }}
+labels: {{- include "common.tplValue" ( dict "value" $dot.Values.metrics.serviceMonitor.labels "context" $dot) | nindent 2 }}
+{{- else }}
labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent 2 }}
{{- end -}}
+{{- end -}}
{{/*
Create service monitor template
@@ -133,14 +137,31 @@ spec:
{{- else }}
port: metrics
{{- end }}
+ {{- if $dot.Values.metrics.serviceMonitor.isHttps }}
+ scheme: https
+ {{- if $dot.Values.metrics.serviceMonitor.tlsConfig }}
+ tlsConfig: {{- include "common.tplValue" ( dict "value" $dot.Values.metrics.serviceMonitor.tlsConfig "context" $dot) | nindent 6 }}
+ {{- else }}
+ tlsConfig:
+ insecureSkipVerify: true
+ {{- end }}
+ {{- end }}
{{- if $dot.Values.metrics.serviceMonitor.basicAuth.enabled }}
basicAuth:
username:
key: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretUserKey }}
+ {{- if $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }}
+ name: {{ include "common.release" . }}-{{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }}
+ {{- else }}
name: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretName }}
+ {{- end }}
password:
key: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretPasswordKey }}
+ {{- if $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }}
+ name: {{ include "common.release" . }}-{{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }}
+ {{- else }}
name: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretName }}
+ {{- end }}
{{- end }}
{{- if $dot.Values.metrics.serviceMonitor.interval }}
interval: {{ $dot.Values.metrics.serviceMonitor.interval }}
diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
index 210fbd02ba..4248cfe85c 100644
--- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
+++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
@@ -15,7 +15,7 @@
# limitations under the License.
*/}}
-{{- if .Values.backup.enabled }}
+{{- if and .Values.backup.enabled .Values.persistence.enabled }}
apiVersion: batch/v1beta1
kind: CronJob
metadata:
@@ -37,7 +37,10 @@ spec:
- name: mariadb-galera-backup-init
image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{ include "common.containerSecurityContext" . | indent 14 | trim }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ privileged: false
+ readOnlyRootFilesystem: false
command:
- /bin/bash
- -c
@@ -52,7 +55,7 @@ spec:
target_dir=/backup/backup-`date +%s`
mkdir -p $target_dir
- mysqlhost={{ include "common.servicename" . }}.{{ include "common.namespace" . }}
+ mysqlhost={{ include "common.fullname" . }}-0.{{ include "common.servicename" . }}-headless.{{ include "common.namespace" . }}
mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost
@@ -78,13 +81,18 @@ spec:
volumeMounts:
- name: backup-dir
mountPath: /backup
+ - name: data
+ mountPath: /bitnami/mariadb
containers:
- name: mariadb-backup-validate
image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{ include "common.containerSecurityContext" . | indent 14 | trim }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ privileged: false
+ readOnlyRootFilesystem: false
env:
- - name: MYSQL_ROOT_PASSWORD
+ - name: MARIADB_ROOT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }}
command:
- /bin/bash
@@ -105,17 +113,17 @@ spec:
fi
target_dir=$(ls -td -- /backup/backup-* | head -n 1)
- cp -Ra $target_dir/* /var/lib/mysql/
+ cp -Ra $target_dir/* /bitnami/mariadb/data
- if [ ! "$(ls -A /var/lib/mysql)" ]; then
+ if [ ! "$(ls -A /bitnami/mariadb/data)" ]; then
remove_dir $target_dir
exit 0
fi
- /docker-entrypoint.sh mysqld &
+ /opt/bitnami/scripts/mariadb/entrypoint.sh /opt/bitnami/scripts/mariadb/run.sh &
count=0
- until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -e "SELECT 1";
+ until mysql --user=root --password=$MARIADB_ROOT_PASSWORD -e "SELECT 1";
do sleep 3;
count=`expr $count + 1`;
if [ $count -ge 30 ]; then
@@ -124,7 +132,7 @@ spec:
fi;
done
- mysqlcheck -A --user=root --password=$MYSQL_ROOT_PASSWORD > /tmp/output.log
+ mysqlcheck -A --user=root --password=$MARIADB_ROOT_PASSWORD > /tmp/output.log
error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l`
cat /tmp/output.log
@@ -142,6 +150,10 @@ spec:
fi
resources: {{ include "common.resources" . | nindent 12 }}
volumeMounts:
+ - mountPath: /bitnami/mariadb/data
+ name: tmp-data
+ - mountPath: /opt/bitnami/mariadb/tmp
+ name: tmp
- mountPath: /etc/localtime
name: localtime
readOnly: true
@@ -153,7 +165,18 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
+ - name: data
+ persistentVolumeClaim:
+ {{- if .Values.persistence.existingClaim }}
+ claimName: {{ .Values.persistence.existingClaim }}
+ {{- else }}
+ claimName: {{ include "common.fullname" . }}-{{ include "common.fullname" . }}-0
+ {{- end }}
- name: backup-dir
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-backup-data
+ - name: tmp-data
+ emptyDir: {}
+ - name: tmp
+ emptyDir: {}
{{- end }}
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index 9f7c882134..d65c4f7943 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -174,6 +174,8 @@ galera:
# password:
# externalSecret:
+## The backup job will mount the mariadb data pvc in order to run mariabackup.
+## For this reason the db data pvc needs to have accessMode: ReadWriteMany.
backup:
enabled: false
cron: "00 00 * * *"
@@ -458,6 +460,7 @@ persistence:
##
annotations:
## Persistent Volume Access Mode
+ ## Use ReadWriteMany if backup is enabled, see backup section.
##
accessMode: ReadWriteOnce
## Persistent Volume size
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index ef49f8c5d4..ef846034d0 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -1,7 +1,7 @@
{{/*
#============LICENSE_START========================================================
# ================================================================================
-# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
# Copyright (c) 2021 Nokia. All rights reserved.
# Copyright (c) 2021 Nordix Foundation.
@@ -176,7 +176,7 @@ The Deployment always includes a single Pod, with a container that uses
the DCAE microservice image.
The Deployment Pod may also include a logging sidecar container.
-The sidecar is included if .Values.logDirectory is set. The
+The sidecar is included if .Values.log.path is set. The
logging sidecar and the DCAE microservice container share a
volume where the microservice logs are written.
@@ -222,7 +222,8 @@ policies:
*/}}
{{- define "dcaegen2-services-common.microserviceDeployment" -}}
-{{- $logDir := default "" .Values.log.path -}}
+{{- $log := default dict .Values.log -}}
+{{- $logDir := default "" $log.path -}}
{{- $certDir := default "" .Values.certDirectory . -}}
{{- $tlsServer := default "" .Values.tlsServer -}}
{{- $commonRelease := print (include "common.release" .) -}}
diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
index 2ce6c89775..d53a83daa4 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
@@ -1,6 +1,7 @@
# ================================ LICENSE_START ==========================
# =========================================================================
# Copyright (c) 2021 Nordix Foundation.
+# Copyright (c) 2022 Nokia. All rights reserved.
# =========================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -51,7 +52,7 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.6.1
+image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.7.1
pullPolicy: Always
# Log directory where logging sidecar should look for log files
@@ -96,7 +97,6 @@ certificates:
readinessCheck:
wait_for:
containers:
- - dcae-config-binding-service
- aaf-cm
- dmaap-bc
- dmaap-provisioning-job
@@ -120,12 +120,6 @@ service:
plain_port: 8100
port_protocol: http
-# Environment variables
-applicationEnv:
-# Empty path forces DFC to use Consul configuration, which allows app runtime reconfiguration.
-# It's a workaround because DMAAP specific env variables are not available in main container.
- CBS_CLIENT_CONFIG_PATH: ''
-
# Data Router Publisher Credentials
drPubscriberCreds:
username: username
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
index 07306e1286..ec320ebef8 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
@@ -79,7 +79,6 @@ tlsServer: true
# Dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
- &postgresName dcae-datalake-postgres
diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
index 4ed0a83677..c325569de5 100644
--- a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
@@ -79,7 +79,6 @@ tlsServer: true
# Dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
- &postgresName dcae-heartbeat-postgres
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index 65a5d04d80..a8a30f4d12 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -93,7 +93,6 @@ certificates:
# dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
# probe configuration
diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
index 037dd0aec0..8425024ba6 100644
--- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
@@ -78,7 +78,6 @@ policies:
# Dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
# Probe Configuration
diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
index 39c4a8ed50..0d28683feb 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
@@ -1,6 +1,7 @@
# ================================ LICENSE_START ==========================
# =========================================================================
# Copyright (C) 2021 Nordix Foundation.
+# Copyright (c) 2022 Nokia. All rights reserved.
# =========================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -55,7 +56,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.pm-mapper:1.7.2
+image: onap/org.onap.dcaegen2.services.pm-mapper:1.8.0
pullPolicy: Always
# Log directory where logging sidecar should look for log files
@@ -78,7 +79,6 @@ tlsServer: true
readinessCheck:
wait_for:
containers:
- - dcae-config-binding-service
- aaf-cm
- dmaap-bc
- dmaap-provisioning-job
@@ -131,14 +131,14 @@ credentials:
# Initial Application Configuration
applicationConfig:
enable_tls: true
- enable_http: false
- aaf_identity: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
+ enable_http: true
+ aaf_identity: ""
+ aaf_password: ""
pm-mapper-filter: "{ \"filters\":[] }"
- key_store_path: /opt/app/pm-mapper/etc/cert/cert.jks
- key_store_pass_path: /opt/app/pm-mapper/etc/cert/jks.pass
- trust_store_path: /opt/app/pm-mapper/etc/cert/trust.jks
- trust_store_pass_path: /opt/app/pm-mapper/etc/cert/trust.pass
+ key_store_path: ""
+ key_store_pass_path: ""
+ trust_store_path: ""
+ trust_store_pass_path: ""
dmaap_dr_delete_endpoint: https://dmaap-dr-node:8443/delete
streams_publishes:
dmaap_publisher:
@@ -147,7 +147,7 @@ applicationConfig:
client_id: ${MR_FILES_PUBLISHER_CLIENT_ID_0}
location: san-francisco
client_role: org.onap.dcae.pmPublisher
- topic_url: http://message-router:3904/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS
+ topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS
streams_subscribes:
dmaap_subscriber:
type: data_router
diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
index 4bdd2b8088..80014e7528 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
@@ -57,7 +57,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.pmsh:1.3.2
+image: onap/org.onap.dcaegen2.services.pmsh:2.0.0
pullPolicy: Always
# Log directory where logging sidecar should look for log files
@@ -79,7 +79,6 @@ tlsServer: true
# Dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
- &postgresName dcae-pmsh-postgres
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
index a4ed6994f7..7886ed75a8 100644
--- a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
@@ -1,6 +1,7 @@
#============LICENSE_START========================================================
# ================================================================================
# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -40,7 +41,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1
+image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.8.0
pullPolicy: Always
# log directory where logging sidecar should look for log files
@@ -69,7 +70,6 @@ secrets:
# dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
# probe configuration
diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
index 543b79b9c0..4c736c49f0 100644
--- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
@@ -51,7 +51,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.2.7
+image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.3.2
pullPolicy: Always
# Log directory where logging sidecar should look for log files
@@ -73,7 +73,6 @@ tlsServer: true
# Dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
# Probe Configuration
diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
index 6cebca6412..849738e8e2 100644
--- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
@@ -1,6 +1,6 @@
# ============= LICENSE_START ================================================
# ============================================================================
-# Copyright (C) 2021 Wipro Limited.
+# Copyright (C) 2021-2022 Wipro Limited.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -57,7 +57,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.6
+image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.7
# Log directory where logging sidecar should look for log files
# if path is set to null sidecar won't be deployed in spite of
@@ -78,7 +78,6 @@ tlsServer: true
# Dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
- &postgresName dcae-sliceanalysisms-postgres
@@ -121,8 +120,6 @@ credentials:
# Initial Application Configuration
applicationConfig:
- aafUsername: ${AAF_IDENTITY}
- aafPassword: ${AAF_PASSWORD}
postgres.host: dcae-sliceanalysisms-pg-primary
postgres.port: 5432
postgres.username: ${PG_USERNAME}
@@ -144,32 +141,35 @@ applicationConfig:
sliceanalysisms.samples: 3
sliceanalysisms.minPercentageChange: 5
sliceanalysisms.initialDelaySeconds: 120000
+ sliceanalysisms.rannfnssiDetailsTemplateId: get-rannfnssiid-details
+ sliceanalysisms.desUrl: http://dl-des:1681/datalake/v1/exposure/pm_data
+ sliceanalysisms.pmDataDurationInWeeks: 4
streams_publishes:
CL_topic:
type: message-router
aaf_username: ${AAF_IDENTITY}
aaf_password: ${AAF_PASSWORD}
dmaap_info:
- topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.DCAE_CL_OUTPUT
+ topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT
streams_subscribes:
performance_management_topic:
type: message-router
aaf_username: ${AAF_IDENTITY}
aaf_password: ${AAF_PASSWORD}
dmaap_info:
- topic_url: https://message-router.onap.svc.cluster.local:3905/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS
+ topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS
intelligent_slicing_topic:
type: message-router
aaf_username: ${AAF_IDENTITY}
aaf_password: ${AAF_PASSWORD}
dmaap_info:
- topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.ML_RESPONSE_TOPIC
+ topic_url: http://message-router:3904/events/unauthenticated.ML_RESPONSE_TOPIC
dcae_cl_response_topic:
type: message-router
aaf_username: ${AAF_IDENTITY}
aaf_password: ${AAF_PASSWORD}
dmaap_info:
- topic_url: https://message-router.onap.svc.cluster.local:3905/events/DCAE_CL_RSP
+ topic_url: http://message-router:3904/events/DCAE_CL_RSP
applicationEnv:
STANDALONE: 'false'
diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
index 51ec337724..25f0c3b730 100644
--- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
@@ -57,10 +57,11 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# and key from AAF and mount them in certDirectory.
tlsServer: true
+
# Dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
+ - message-router
# Probe Configuration
readiness:
diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
index 9aa5d707ba..8d45290fb2 100644
--- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
@@ -91,7 +91,6 @@ policies:
# Dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
- &postgresName dcae-sonhms-postgres
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
index a65fa7c347..cb03d89d25 100644
--- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
@@ -71,7 +71,6 @@ secrets:
# dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
# probe configuration
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
index 508cea4766..13b71ec44d 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@ -1,7 +1,7 @@
#============LICENSE_START========================================================
# ================================================================================
# Copyright (c) 2021 J. F. Lucas. All rights reserved.
-# Copyright (c) 2021 Nokia. All rights reserved.
+# Copyright (c) 2021-2022 Nokia. All rights reserved.
# Copyright (c) 2022 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -43,7 +43,7 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.3
+image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.11.0
pullPolicy: Always
# log directory where logging sidecar should look for log files
@@ -87,7 +87,6 @@ certificates:
# dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
# probe configuration
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
index d11f167acf..c9ee185984 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
@@ -40,7 +40,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.2
+image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.3
pullPolicy: Always
# Log directory where logging sidecar should look for log files
@@ -62,7 +62,6 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
# Service Configuration
@@ -77,6 +76,9 @@ service:
# application environments
applicationEnv:
LOG4J_FORMAT_MSG_NO_LOOKUPS: 'true'
+ CONFIG_BINDING_SERVICE_SERVICE_PORT: '10000' # Workaround until DCAEGEN2-3098 is addressed
+ CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml'
+
# Initial Application Configuration
applicationConfig:
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index b1671f00f5..417d968ac9 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -98,8 +98,8 @@ default_k8s_location: central
# Use to override default setting in blueprints
componentImages:
tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.1
- ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1
- prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1
+ ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.11.0
+ prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.8.0
hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.10.0
# Resource Limit flavor -By Default using small
diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml
index 2c276a7827..d4452480a0 100644
--- a/kubernetes/dcaegen2/values.yaml
+++ b/kubernetes/dcaegen2/values.yaml
@@ -48,7 +48,7 @@ dcae-cloudify-manager:
config:
cloudifyManagerPasswordExternalSecret: *cmPassSecretName
dcae-config-binding-service:
- enabled: true
+ enabled: false
dcae-dashboard:
enabled: false
config:
@@ -58,7 +58,7 @@ dcae-deployment-handler:
config:
cloudifyManagerPasswordExternalSecret: *cmPassSecretName
dcae-healthcheck:
- enabled: true
+ enabled: false
dcae-inventory-api:
enabled: false
dcae-policy-handler:
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml
index dee6adddc2..555e63767e 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml
@@ -1,6 +1,6 @@
#============LICENSE_START========================================================
#=================================================================================
-# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -16,7 +16,7 @@
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Istanbul"
+appVersion: "Jakarta"
description: TBD
name: TBD
version: TBD
@@ -41,3 +41,7 @@ dependencies:
- name: serviceAccount
version: ~10.x-0
repository: '@local'
+ - name: mongo
+ version: ~10.x-0
+ repository: '@local'
+ condition: mongo.enabled
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml
index 139e3d308f..7609ba6568 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml
@@ -1,6 +1,6 @@
#============LICENSE_START========================================================
#=================================================================================
-# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -48,10 +48,32 @@ dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-syn
postgres:
enabled: false
+#mongo enable/disable
+mongo:
+ enabled: false
+ nameOverride: dcae-mongo
+ config:
+ dbName: dcaecommondb
+ service:
+ name: dcae-mongohost
+ internalPort: 27017
+ nfsprovisionerPrefix: dcaemongo
+ sdnctlPrefix: tcagen2
+ persistence:
+ mountSubPath: dcae/mongo/data
+ enabled: true
+ disableNfsProvisioner: true
+
# log directory where logging sidecar should look for log files
# if absent, no sidecar will be deployed
#logDirectory: TBD #/opt/app/VESCollector/logs #DONE
+# Following requires manual override until fix for DCAEGEN2-3087
+# is available to switch logDirectory setting to log.path
+log:
+ path: /opt/app/
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
+
# directory where TLS certs should be stored
# if absent, no certs will be retrieved and stored
#certDirectory: TBD #/opt/app/dcae-certificate #DONE
@@ -64,7 +86,6 @@ postgres:
# dependencies
readinessCheck:
wait_for:
- - dcae-config-binding-service
- aaf-cm
# probe configuration #NEED DISCUSSION
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
index e7d3fa2fa2..5c50381309 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
@@ -93,7 +93,7 @@ readiness:
# application image
-image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.1
+image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.2
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
index 6ad3e454d7..d1d2c54833 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
@@ -44,7 +44,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/dmaap/datarouter-node:2.1.9
+image: onap/dmaap/datarouter-node:2.1.10
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
index 9e6effac8b..12eb1fb041 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
@@ -42,7 +42,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/dmaap/datarouter-prov:2.1.9
+image: onap/dmaap/datarouter-prov:2.1.10
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml
index f92bfa78bc..9306985d33 100644
--- a/kubernetes/onap/resources/overrides/onap-all.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all.yaml
@@ -87,7 +87,7 @@ uui:
vfc:
enabled: true
vid:
- enabled: true
+ enabled: false
vnfsdk:
enabled: true
modeling:
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 73f96d3eb8..f5b5c8ed7d 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -135,7 +135,7 @@ global:
# default password complexity
# available options: phrase, name, pin, basic, short, medium, long, maximum security
- # More datails: https://masterpassword.app/masterpassword-algorithm.pdf
+ # More datails: https://www.masterpasswordapp.com/masterpassword-algorithm.pdf
passwordStrength: long
# configuration to set log level to all components (the one that are using
diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml
index 248d3afd57..bc129beb3e 100755
--- a/kubernetes/oof/components/oof-has/values.yaml
+++ b/kubernetes/oof/components/oof-has/values.yaml
@@ -155,3 +155,6 @@ etcd-init:
keyPrefix: conductor
flavor: *etcd-flavor
resources: *etcd-resources
+
+# Python doesn't support well dollar sign in password
+passwordStrengthOverride: basic \ No newline at end of file
diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000..dbf6a7cd6a
--- /dev/null
+++ b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml
@@ -0,0 +1,23 @@
+{{/*
+# ============LICENSE_START=======================================================
+# Copyright (c) 2022 Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{- if .Values.prometheus.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml
index 48e6802219..7bb430ad29 100755
--- a/kubernetes/policy/components/policy-apex-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml
@@ -139,3 +139,27 @@ serviceAccount:
nameOverride: policy-apex-pdp
roles:
- read
+
+prometheus:
+ enabled: true
+
+metrics:
+ serviceMonitor:
+ # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
+ # The default operator for prometheus enforces the below label.
+ labels:
+ release: prometheus
+ enabled: true
+ port: policy-apex-pdp
+ interval: 60s
+ isHttps: true
+ basicAuth:
+ enabled: true
+ externalSecretNameSuffix: policy-apex-pdp-restserver-creds
+ externalSecretUserKey: login
+ externalSecretPasswordKey: password
+ selector:
+ app: '{{ include "common.name" . }}'
+ chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+ release: '{{ include "common.release" . }}'
+ heritage: '{{ .Release.Service }}'
diff --git a/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000..dbf6a7cd6a
--- /dev/null
+++ b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml
@@ -0,0 +1,23 @@
+{{/*
+# ============LICENSE_START=======================================================
+# Copyright (c) 2022 Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{- if .Values.prometheus.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml
index e037c64e15..4dfdcae152 100755
--- a/kubernetes/policy/components/policy-api/values.yaml
+++ b/kubernetes/policy/components/policy-api/values.yaml
@@ -149,3 +149,27 @@ serviceAccount:
nameOverride: policy-api
roles:
- read
+
+prometheus:
+ enabled: true
+
+metrics:
+ serviceMonitor:
+ # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
+ # The default operator for prometheus enforces the below label.
+ labels:
+ release: prometheus
+ enabled: true
+ port: policy-api
+ interval: 60s
+ isHttps: true
+ basicAuth:
+ enabled: true
+ externalSecretNameSuffix: policy-api-user-creds
+ externalSecretUserKey: login
+ externalSecretPasswordKey: password
+ selector:
+ app: '{{ include "common.name" . }}'
+ chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+ release: '{{ include "common.release" . }}'
+ heritage: '{{ .Release.Service }}'
diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
index 184adb6f0a..7227ee8ded 100644
--- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
@@ -63,7 +63,7 @@ server:
logging:
# Configuration of logging
level:
- ROOT: ERROR
+ ROOT: INFO
org.springframework: ERROR
org.springframework.data: ERROR
org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR
@@ -74,4 +74,12 @@ logging:
chart:
api:
- enabled: false \ No newline at end of file
+ enabled: false
+
+# Sample Permitted list of helm repositories. Before deployment update the repositories where the helm charts are located.
+# The Kubernetes participant accept only HTTPS Address
+helm:
+ repos:
+ -
+ repoName: bitnami
+ address: https://charts.bitnami.com/bitnami \ No newline at end of file
diff --git a/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000..dbf6a7cd6a
--- /dev/null
+++ b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml
@@ -0,0 +1,23 @@
+{{/*
+# ============LICENSE_START=======================================================
+# Copyright (c) 2022 Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{- if .Values.prometheus.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml
index 42caed4163..e8f8ad6099 100755
--- a/kubernetes/policy/components/policy-distribution/values.yaml
+++ b/kubernetes/policy/components/policy-distribution/values.yaml
@@ -161,3 +161,27 @@ serviceAccount:
nameOverride: policy-distribution
roles:
- read
+
+prometheus:
+ enabled: true
+
+metrics:
+ serviceMonitor:
+ # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
+ # The default operator for prometheus enforces the below label.
+ labels:
+ release: prometheus
+ enabled: true
+ port: policy-distribution
+ interval: 60s
+ isHttps: true
+ basicAuth:
+ enabled: true
+ externalSecretNameSuffix: policy-distribution-restserver-creds
+ externalSecretUserKey: login
+ externalSecretPasswordKey: password
+ selector:
+ app: '{{ include "common.name" . }}'
+ chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+ release: '{{ include "common.release" . }}'
+ heritage: '{{ .Release.Service }}'
diff --git a/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000..dbf6a7cd6a
--- /dev/null
+++ b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml
@@ -0,0 +1,23 @@
+{{/*
+# ============LICENSE_START=======================================================
+# Copyright (c) 2022 Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{- if .Values.prometheus.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml
index a31de712ef..3ef235631a 100755
--- a/kubernetes/policy/components/policy-pap/values.yaml
+++ b/kubernetes/policy/components/policy-pap/values.yaml
@@ -175,3 +175,22 @@ serviceAccount:
nameOverride: policy-pap
roles:
- read
+
+prometheus:
+ enabled: true
+
+metrics:
+ serviceMonitor:
+ # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
+ # The default operator for prometheus enforces the below label.
+ labels:
+ release: prometheus
+ enabled: true
+ port: http-api
+ interval: 60s
+ isHttps: true
+ basicAuth:
+ enabled: true
+ externalSecretNameSuffix: policy-pap-user-creds
+ externalSecretUserKey: login
+ externalSecretPasswordKey: password
diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000..dbf6a7cd6a
--- /dev/null
+++ b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml
@@ -0,0 +1,23 @@
+{{/*
+# ============LICENSE_START=======================================================
+# Copyright (c) 2022 Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{- if .Values.prometheus.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
index 718c222307..e0d8b798a4 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
@@ -158,3 +158,27 @@ serviceAccount:
nameOverride: policy-xacml-pdp
roles:
- read
+
+prometheus:
+ enabled: true
+
+metrics:
+ serviceMonitor:
+ # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
+ # The default operator for prometheus enforces the below label.
+ labels:
+ release: prometheus
+ enabled: true
+ port: policy-xacml-pdp
+ interval: 60s
+ isHttps: true
+ basicAuth:
+ enabled: true
+ externalSecretNameSuffix: policy-xacml-pdp-restserver-creds
+ externalSecretUserKey: login
+ externalSecretPasswordKey: password
+ selector:
+ app: '{{ include "common.name" . }}'
+ chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+ release: '{{ include "common.release" . }}'
+ heritage: '{{ .Release.Service }}'