summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/a1policymanagement/resources/config/application.yaml1
-rw-r--r--kubernetes/a1policymanagement/resources/config/application_configuration.json2
-rw-r--r--kubernetes/a1policymanagement/templates/statefulset.yaml2
-rw-r--r--kubernetes/a1policymanagement/values.yaml1
-rw-r--r--kubernetes/aaf/components/aaf-cm/values.yaml2
-rw-r--r--kubernetes/aaf/components/aaf-fs/values.yaml2
-rw-r--r--kubernetes/aaf/components/aaf-gui/values.yaml2
-rw-r--r--kubernetes/aaf/components/aaf-locate/values.yaml2
-rw-r--r--kubernetes/aaf/components/aaf-oauth/values.yaml2
-rw-r--r--kubernetes/aaf/components/aaf-service/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-babel/values.yaml4
-rw-r--r--kubernetes/aai/components/aai-graphadmin/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties6
-rw-r--r--kubernetes/aai/components/aai-modelloader/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-resources/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-schema-service/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-sparky-be/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-traversal/values.yaml2
-rw-r--r--kubernetes/aai/values.yaml3
-rw-r--r--kubernetes/appc/values.yaml3
-rwxr-xr-xkubernetes/cds/components/cds-blueprints-processor/values.yaml2
-rw-r--r--kubernetes/cds/components/cds-ui/values.yaml2
-rw-r--r--kubernetes/cli/values.yaml4
-rw-r--r--kubernetes/consul/values.yaml2
-rw-r--r--kubernetes/cps/components/cps-core/values.yaml2
-rw-r--r--kubernetes/cps/components/cps-temporal/values.yaml2
-rw-r--r--kubernetes/cps/components/ncmp-dmi-plugin/values.yaml2
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/ingress.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml10
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/ingress.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml9
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/ingress.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml10
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml18
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/ingress.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml10
-rw-r--r--kubernetes/dcaemod/components/dcaemod-designtool/values.yaml4
-rw-r--r--kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml2
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/values.yaml3
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-node/values.yaml3
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/values.yaml3
-rw-r--r--kubernetes/dmaap/components/message-router/values.yaml3
-rw-r--r--kubernetes/log/components/log-elasticsearch/values.yaml2
-rw-r--r--kubernetes/log/components/log-kibana/values.yaml2
-rw-r--r--kubernetes/log/components/log-logstash/values.yaml4
-rw-r--r--kubernetes/msb/components/msb-consul/values.yaml2
-rw-r--r--kubernetes/msb/components/msb-discovery/values.yaml2
-rw-r--r--kubernetes/msb/components/msb-eag/values.yaml3
-rw-r--r--kubernetes/msb/components/msb-iag/values.yaml3
-rw-r--r--kubernetes/nbi/templates/deployment.yaml40
-rw-r--r--kubernetes/nbi/templates/service.yaml26
-rw-r--r--kubernetes/nbi/values.yaml13
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml12
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml4
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/values.yaml4
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml8
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml8
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml6
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml6
-rwxr-xr-xkubernetes/oof/components/oof-has/resources/config/conductor.conf25
-rw-r--r--kubernetes/oof/components/oof-has/resources/config/nginx.conf5
-rwxr-xr-xkubernetes/oof/components/oof-has/values.yaml2
-rw-r--r--kubernetes/oof/resources/config/conf/common_config.yaml2
-rwxr-xr-xkubernetes/oof/resources/config/conf/osdf_config.yaml13
-rw-r--r--kubernetes/oof/templates/deployment.yaml8
-rw-r--r--kubernetes/oof/templates/service.yaml4
-rw-r--r--kubernetes/oof/values.yaml26
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-api/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml5
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml5
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml5
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-be/values.yaml172
-rw-r--r--kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-distribution/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-gui/values.yaml4
-rwxr-xr-xkubernetes/policy/components/policy-pap/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/values.yaml2
-rwxr-xr-xkubernetes/policy/values.yaml2
-rw-r--r--kubernetes/portal/components/portal-app/values.yaml3
-rw-r--r--kubernetes/portal/components/portal-sdk/values.yaml2
-rw-r--r--kubernetes/robot/resources/config/eteshare/config/robot_properties.py36
-rw-r--r--kubernetes/robot/values.yaml2
-rw-r--r--kubernetes/sdc/components/sdc-be/values.yaml3
-rw-r--r--kubernetes/sdc/components/sdc-fe/values.yaml3
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/values.yaml3
-rw-r--r--kubernetes/sdc/components/sdc-wfd-fe/values.yaml3
-rw-r--r--kubernetes/sdnc/templates/service.yaml5
-rw-r--r--kubernetes/sdnc/values.yaml8
-rw-r--r--kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml3
-rw-r--r--kubernetes/so/components/so-admin-cockpit/values.yaml2
-rw-r--r--kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml3
-rwxr-xr-xkubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml5
-rwxr-xr-xkubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml3
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml5
-rw-r--r--kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml5
-rw-r--r--kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml2
-rwxr-xr-xkubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml5
-rwxr-xr-xkubernetes/so/components/so-etsi-sol003-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml3
-rwxr-xr-xkubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml5
-rwxr-xr-xkubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml3
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml10
-rwxr-xr-xkubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml3
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml5
-rwxr-xr-xkubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml3
-rwxr-xr-xkubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml5
-rwxr-xr-xkubernetes/so/resources/config/overrides/override.yaml4
-rwxr-xr-xkubernetes/so/values.yaml2
-rw-r--r--kubernetes/uui/components/uui-server/values.yaml2
-rw-r--r--kubernetes/uui/values.yaml2
-rw-r--r--kubernetes/vid/values.yaml3
-rw-r--r--kubernetes/vnfsdk/values.yaml2
119 files changed, 431 insertions, 376 deletions
diff --git a/kubernetes/a1policymanagement/resources/config/application.yaml b/kubernetes/a1policymanagement/resources/config/application.yaml
index 37754ca00c..05fddb2628 100644
--- a/kubernetes/a1policymanagement/resources/config/application.yaml
+++ b/kubernetes/a1policymanagement/resources/config/application.yaml
@@ -52,6 +52,7 @@ server:
port: 8433
http-port: 8081
ssl:
+ enabled: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
key-store-type: PKCS12
key-store-password: ${KEYSTORE_PASSWORD}
key-store: {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
diff --git a/kubernetes/a1policymanagement/resources/config/application_configuration.json b/kubernetes/a1policymanagement/resources/config/application_configuration.json
index 6b8ebfb35e..757ee04f35 100644
--- a/kubernetes/a1policymanagement/resources/config/application_configuration.json
+++ b/kubernetes/a1policymanagement/resources/config/application_configuration.json
@@ -3,7 +3,7 @@
"controller": [
{
"name": "controller1",
- "baseUrl": "{{ .Values.sdncLink }}",
+ "baseUrl": "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.sdncLink .Values.sdncLinkHttp }}",
"userName": "${A1CONTROLLER_USER}",
"password": "${A1CONTROLLER_PASSWORD}"
}
diff --git a/kubernetes/a1policymanagement/templates/statefulset.yaml b/kubernetes/a1policymanagement/templates/statefulset.yaml
index 0114b30158..89d131e26c 100644
--- a/kubernetes/a1policymanagement/templates/statefulset.yaml
+++ b/kubernetes/a1policymanagement/templates/statefulset.yaml
@@ -39,8 +39,10 @@ spec:
args:
- -c
- |
+ {{- if (include "common.needTLS" .) }}
export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop\
| xargs -0)
+ {{- end }}
cd /config-input
for PFILE in `ls -1`
do
diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml
index 17fa320472..71d8852b53 100644
--- a/kubernetes/a1policymanagement/values.yaml
+++ b/kubernetes/a1policymanagement/values.yaml
@@ -86,6 +86,7 @@ a1controller:
password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
sdncLink: https://sdnc.onap:8443
+sdncLinkHttp: http://sdnc.onap:8282
# The information about A1-Mediator/RICs can be added here.
# The A1 policy management service supports both STD & OSC versions.
# Alternatively, the A1 simulator from ORAN-SC can also be used. It provides STD & OSC versions for A1 termination.
diff --git a/kubernetes/aaf/components/aaf-cm/values.yaml b/kubernetes/aaf/components/aaf-cm/values.yaml
index 964b5c1002..a8159dc2cd 100644
--- a/kubernetes/aaf/components/aaf-cm/values.yaml
+++ b/kubernetes/aaf/components/aaf-cm/values.yaml
@@ -69,7 +69,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "aafcm"
+ - baseaddr: "aaf-cm-api"
name: "aaf-cm"
port: 8150
config:
diff --git a/kubernetes/aaf/components/aaf-fs/values.yaml b/kubernetes/aaf/components/aaf-fs/values.yaml
index e911a10828..a0e9fe9bae 100644
--- a/kubernetes/aaf/components/aaf-fs/values.yaml
+++ b/kubernetes/aaf/components/aaf-fs/values.yaml
@@ -70,7 +70,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "aaffs"
+ - baseaddr: "aaf-fs-api"
name: "aaf-fs"
port: 8096
config:
diff --git a/kubernetes/aaf/components/aaf-gui/values.yaml b/kubernetes/aaf/components/aaf-gui/values.yaml
index e239e615ed..fd416b64dc 100644
--- a/kubernetes/aaf/components/aaf-gui/values.yaml
+++ b/kubernetes/aaf/components/aaf-gui/values.yaml
@@ -70,7 +70,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "aafgui"
+ - baseaddr: "aaf-ui"
name: "aaf-gui"
port: 8200
config:
diff --git a/kubernetes/aaf/components/aaf-locate/values.yaml b/kubernetes/aaf/components/aaf-locate/values.yaml
index 0a3e4d432b..86a93214e7 100644
--- a/kubernetes/aaf/components/aaf-locate/values.yaml
+++ b/kubernetes/aaf/components/aaf-locate/values.yaml
@@ -67,7 +67,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "aaflocate"
+ - baseaddr: "aaf-locate-api"
name: "aaf-locate"
port: 8095
config:
diff --git a/kubernetes/aaf/components/aaf-oauth/values.yaml b/kubernetes/aaf/components/aaf-oauth/values.yaml
index 2e9b6d42fa..a103fb2e22 100644
--- a/kubernetes/aaf/components/aaf-oauth/values.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/values.yaml
@@ -70,7 +70,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "aafoauth"
+ - baseaddr: "aaf-oauth-api"
name: "aaf-oauth"
port: 8140
config:
diff --git a/kubernetes/aaf/components/aaf-service/values.yaml b/kubernetes/aaf/components/aaf-service/values.yaml
index 8d8da0db4a..a6f3c5dc4e 100644
--- a/kubernetes/aaf/components/aaf-service/values.yaml
+++ b/kubernetes/aaf/components/aaf-service/values.yaml
@@ -69,7 +69,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "aafservice"
+ - baseaddr: "aaf-service-api"
name: "aaf-service"
port: 8100
config:
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml
index 29a5104c9b..3cfc8189df 100644
--- a/kubernetes/aai/components/aai-babel/values.yaml
+++ b/kubernetes/aai/components/aai-babel/values.yaml
@@ -59,7 +59,7 @@ certInitializer:
#################################################################
# application image
-image: onap/babel:1.9.6
+image: onap/babel:1.11.0
flavor: small
flavorOverride: small
@@ -93,7 +93,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "aaibabel"
+ - baseaddr: "aai-babel-api"
name: "aai-babel"
port: 9516
config:
diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml
index 23091c11b8..170223ccbb 100644
--- a/kubernetes/aai/components/aai-graphadmin/values.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/values.yaml
@@ -144,7 +144,7 @@ certInitializer:
chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
# application image
-image: onap/aai-graphadmin:1.9.5
+image: onap/aai-graphadmin:1.11.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties
index 89a118b25d..681da5d069 100644
--- a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties
+++ b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties
@@ -44,8 +44,10 @@ ml.distribution.MSG_BUS_ADDRESSES=message-router.{{.Release.Namespace}}
ml.aai.BASE_URL=https://aai.{{.Release.Namespace}}:8443
ml.aai.KEYSTORE_FILE=aai-os-cert.p12
ml.aai.KEYSTORE_PASSWORD=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+ml.aai.USE_HTTPS= true
{{ else }}
-ml.aai.BASE_URL=http://aai.{{.Release.Namespace}}:8080
+ml.aai.BASE_URL=http://aai.{{.Release.Namespace}}:80
+ml.aai.USE_HTTPS= false
{{ end }}
ml.aai.MODEL_URL=/aai/v*/service-design-and-creation/models/model/
ml.aai.NAMED_QUERY_URL=/aai/v*/service-design-and-creation/named-queries/named-query/
@@ -62,9 +64,11 @@ ml.babel.KEYSTORE_FILE=aaf/local/{{ .Values.certInitializer.fqi_namespace }}.p12
ml.babel.KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}
ml.babel.TRUSTSTORE_FILE=aaf/local/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
ml.babel.TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}
+ml.babel.USE_HTTPS= true
{{ else }}
ml.babel.KEYSTORE_FILE=
ml.babel.KEYSTORE_PASSWORD=
ml.babel.TRUSTSTORE_FILE=
ml.babel.TRUSTSTORE_PASSWORD=
+ml.babel.USE_HTTPS= false
{{ end }}
diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml
index 3b7d79e4a3..7857f6bc92 100644
--- a/kubernetes/aai/components/aai-modelloader/values.yaml
+++ b/kubernetes/aai/components/aai-modelloader/values.yaml
@@ -56,7 +56,7 @@ certInitializer:
chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
# application image
-image: onap/model-loader:1.9.4
+image: onap/model-loader:1.11.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index ce055334c0..2dfbfeebe5 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -157,7 +157,7 @@ certInitializer:
chown -R 1000 {{ .Values.credsPath }}
# application image
-image: onap/aai-resources:1.9.7
+image: onap/aai-resources:1.11.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml
index 727d1654bc..a72b1d9ec1 100644
--- a/kubernetes/aai/components/aai-schema-service/values.yaml
+++ b/kubernetes/aai/components/aai-schema-service/values.yaml
@@ -94,7 +94,7 @@ certInitializer:
chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
# application image
-image: onap/aai-schema-service:1.9.7
+image: onap/aai-schema-service:1.11.0
pullPolicy: Always
restartPolicy: Always
flavorOverride: small
diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml
index 5c540c9b96..b4cea4c5a2 100644
--- a/kubernetes/aai/components/aai-sparky-be/values.yaml
+++ b/kubernetes/aai/components/aai-sparky-be/values.yaml
@@ -120,7 +120,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "aaisparkybe"
+ - baseaddr: "aai-sparkybe-api"
name: "aai-sparky-be"
port: 8000
config:
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 3b5de06207..81d372aded 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -140,7 +140,7 @@ certInitializer:
chown -R 1000 {{ .Values.credsPath }}
# application image
-image: onap/aai-traversal:1.9.6
+image: onap/aai-traversal:1.11.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 94f2bea548..247c58be2b 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -396,9 +396,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "aai.api"
+ - baseaddr: "aai-api"
name: "aai"
port: 8443
+ plain_port: 80
config:
ssl: "redirect"
diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml
index f59a64f3d2..d224030db3 100644
--- a/kubernetes/appc/values.yaml
+++ b/kubernetes/appc/values.yaml
@@ -344,9 +344,10 @@ persistence:
ingress:
enabled: false
service:
- - baseaddr: "appc.api"
+ - baseaddr: "appc-api"
name: "appc"
port: 8443
+ plain_port: 1830
config:
ssl: "redirect"
diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
index 7ed3e85555..4b478e21e2 100755
--- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
@@ -237,7 +237,7 @@ cluster:
ingress:
enabled: false
service:
- - baseaddr: "blueprintsprocessorhttp"
+ - baseaddr: "cds-blueprintsprocessor-api"
name: "cds-blueprints-processor-http"
port: 8080
config:
diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml
index 14fc014920..1c8c60a8d7 100644
--- a/kubernetes/cds/components/cds-ui/values.yaml
+++ b/kubernetes/cds/components/cds-ui/values.yaml
@@ -102,7 +102,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "cdsui"
+ - baseaddr: "cds-ui"
name: "cds-ui"
port: 3000
config:
diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml
index 58c649c326..db36661383 100644
--- a/kubernetes/cli/values.yaml
+++ b/kubernetes/cli/values.yaml
@@ -99,10 +99,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "cli.api"
+ - baseaddr: "cli-api"
name: "cli"
port: 443
- - baseaddr: "cli2.api"
+ - baseaddr: "cli2-api"
name: cli
port: 9443
config:
diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml
index e2aa181efb..9036606377 100644
--- a/kubernetes/consul/values.yaml
+++ b/kubernetes/consul/values.yaml
@@ -61,7 +61,7 @@ service: {}
ingress:
enabled: false
service:
- - baseaddr: "consul.api"
+ - baseaddr: "consul-api"
name: "consul-server"
port: 8800
config:
diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml
index d2bee113ba..5f85122721 100644
--- a/kubernetes/cps/components/cps-core/values.yaml
+++ b/kubernetes/cps/components/cps-core/values.yaml
@@ -154,7 +154,7 @@ startup:
ingress:
enabled: true
service:
- - baseaddr: "cps-core"
+ - baseaddr: "cps-core-api"
path: "/"
name: "cps-core"
port: *svc_port
diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml
index af9306aa25..3ff7d0279f 100644
--- a/kubernetes/cps/components/cps-temporal/values.yaml
+++ b/kubernetes/cps/components/cps-temporal/values.yaml
@@ -122,7 +122,7 @@ readiness:
ingress:
enabled: true
service:
- - baseaddr: "cps-temporal"
+ - baseaddr: "cps-temporal-api"
path: "/"
name: "cps-temporal"
port: *svc_port
diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
index 1971273ddf..143bd67516 100644
--- a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
+++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
@@ -120,7 +120,7 @@ readiness:
ingress:
enabled: true
service:
- - baseaddr: "ncmp-dmi-plugin"
+ - baseaddr: "cps-ncmp-dmi-plugin-api"
path: "/"
name: *svc_name
port: *svc_port
diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/ingress.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/ingress.yaml
new file mode 100644
index 0000000000..79df5ced0c
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/ingress.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright (C) 2022 Deutsche Telekom AG
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.ingress" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
index d9f91cfab8..5b0eea661c 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
@@ -120,6 +120,16 @@ service:
plain_port: 8100
port_protocol: http
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "dcae-datafile-collector-api"
+ name: "datafile-collector"
+ port: 8443
+ plain_port: 8100
+ config:
+ ssl: "redirect"
+
# Data Router Publisher Credentials
drPubscriberCreds:
username: username
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/ingress.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/ingress.yaml
new file mode 100644
index 0000000000..df12117b3e
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/ingress.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright (C) 2022 Deutsche Telekom AG
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.ingress" . }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index 067ddb2cf2..9beef813f8 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -118,6 +118,15 @@ service:
port_protocol: http
nodePort: 22
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "dcae-hv-ves-collector-api"
+ name: "dcae-hv-ves-collector"
+ port: 6061
+ config:
+ ssl: "redirect"
+
#strimzi kafka config
hvVesKafkaUser: dcae-hv-ves-kafka-user
diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/ingress.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/ingress.yaml
new file mode 100644
index 0000000000..df12117b3e
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/ingress.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright (C) 2022 Deutsche Telekom AG
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.ingress" . }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
index 701fa4e67c..1a3cffa7b1 100644
--- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
@@ -97,6 +97,16 @@ service:
nodePort: 16
useNodePortExt: true
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "dcae-restconf-collector-api"
+ name: "dcae-restconf-collector"
+ port: 8443
+ plain_port: 8080
+ config:
+ ssl: "redirect"
+
# AAF Credentials
controllerCreds:
username: access
diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
index 6ee1a491af..46002b1651 100644
--- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
@@ -50,7 +50,7 @@ secrets:
passwordPolicy: generate
################################aafcreds#################################
-# InitContainer Image.
+# InitContainer Image
#################################################################
tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
@@ -58,7 +58,8 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.3
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.5
pullPolicy: IfNotPresent
#################################################################
@@ -69,10 +70,11 @@ pullPolicy: IfNotPresent
# policy sync is used for provide runtime configuration for slicems
# policy id is originally set to "onap.dcae.slicems.config"
-# dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
-# policies:
+#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
+#pullPolicy: IfNotPresent
+#policies:
# duration:
-# 300
+# 10
# policyID: |
# '["onap.dcae.slicems.config"]'
@@ -167,11 +169,13 @@ applicationConfig:
sliceanalysisms.aaiNotif.targetAction: UPDATE
sliceanalysisms.aaiNotif.targetSource: UUI
sliceanalysisms.aaiNotif.targetEntity: service-instance
- sliceanalysisms.ccvpnEvalInterval: 15
- sliceanalysisms.ccvpnEvalThreshold: 0.8
+ sliceanalysisms.ccvpnEvalInterval: 5
+ sliceanalysisms.ccvpnEvalUpperThreshold: 0.8
+ sliceanalysisms.ccvpnEvalLowerThreshold: 0.3
sliceanalysisms.ccvpnEvalPrecision: 100.0
sliceanalysisms.ccvpnEvalPeriodicCheckOn: true
sliceanalysisms.ccvpnEvalOnDemandCheckOn: true
+ sliceanalysisms.ccvpnEvalStrategy: FlexibleThresholdStrategy
streams_publishes:
CL_topic:
type: message-router
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/ingress.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/ingress.yaml
new file mode 100644
index 0000000000..df12117b3e
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/ingress.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright (C) 2022 Deutsche Telekom AG
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.ingress" . }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
index c9fb0517a3..746853c286 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@ -107,6 +107,16 @@ service:
nodePort: 17
useNodePortExt: true
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "dcae-ves-collector-api"
+ name: "dcae-ves-collector"
+ port: 8443
+ plain_port: 8080
+ config:
+ ssl: "redirect"
+
# application environments
applicationEnv:
CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml'
diff --git a/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml b/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml
index 86aad57b1b..b05639b178 100644
--- a/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml
@@ -44,11 +44,11 @@ ingress:
enabled: true
enabledOverride: true
service:
- - baseaddr: "dcaemod"
+ - baseaddr: "dcaemod-nifi-ui"
path: "/nifi"
name: "dcaemod-designtool"
port: 8080
- - baseaddr: "dcaemod"
+ - baseaddr: "dcaemod-nifi-api"
path: "/nifi-api"
name: "dcaemod-designtool"
port: 8080
diff --git a/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml
index 12c0204b10..68fcf1487f 100644
--- a/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml
@@ -44,7 +44,7 @@ ingress:
enabled: true
enabledOverride: true
service:
- - baseaddr: "dcaemod"
+ - baseaddr: "dcaemod-distributor-api"
path: "/distributor"
name: dcaemod-distributor-api
port: 8080
diff --git a/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml b/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml
index 81c5888f10..2dafdc9c8a 100644
--- a/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml
@@ -44,7 +44,7 @@ ingress:
enabled: true
enabledOverride: true
service:
- - baseaddr: "dcaemod"
+ - baseaddr: "dcaemod-genprocessor-api"
path: "/nifi-jars"
name: dcaemod-genprocessor
port: 8080
diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml
index 2aefedbc86..70067e557c 100644
--- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml
@@ -50,7 +50,7 @@ ingress:
enabled: true
enabledOverride: true
service:
- - baseaddr: "dcaemod"
+ - baseaddr: "dcaemod-onboarding-api"
path: "/onboarding"
name: dcaemod-onboarding-api
port: 8080
diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml
index 538820dea4..911fee85f4 100644
--- a/kubernetes/dmaap/components/dmaap-bc/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml
@@ -138,9 +138,10 @@ postgres:
ingress:
enabled: false
service:
- - baseaddr: "dmaapbc"
+ - baseaddr: "dmaap-bc-api"
name: "dmaap-bc"
port: 8443
+ plain_port: 8080
config:
ssl: "redirect"
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
index 3382068f9d..6da3cda668 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
@@ -105,9 +105,10 @@ secrets: {}
ingress:
enabled: false
service:
- - baseaddr: "dmaapdrnode"
+ - baseaddr: "dmaap-dr-node-api"
name: "dmaap-dr-node"
port: 8443
+ plain_port: 8080
config:
ssl: "redirect"
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
index 4a68f674f1..59b0765f28 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
@@ -79,9 +79,10 @@ persistence:
ingress:
enabled: false
service:
- - baseaddr: "dmaapdrprov"
+ - baseaddr: "dmaap-dr-prov-api"
name: "dmaap-dr-prov"
port: 8443
+ plain_port: 8080
config:
ssl: "redirect"
diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml
index 63c62ca48c..f9904e67c8 100644
--- a/kubernetes/dmaap/components/message-router/values.yaml
+++ b/kubernetes/dmaap/components/message-router/values.yaml
@@ -154,9 +154,10 @@ prometheus:
ingress:
enabled: false
service:
- - baseaddr: "mr.api"
+ - baseaddr: "dmaap-mr-api"
name: "message-router"
port: 3905
+ plain_port: 3904
config:
ssl: "redirect"
diff --git a/kubernetes/log/components/log-elasticsearch/values.yaml b/kubernetes/log/components/log-elasticsearch/values.yaml
index 7919a0948e..74cf4ed8c2 100644
--- a/kubernetes/log/components/log-elasticsearch/values.yaml
+++ b/kubernetes/log/components/log-elasticsearch/values.yaml
@@ -90,7 +90,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "loges"
+ - baseaddr: "log-es-api"
name: "log-es"
port: 9200
config:
diff --git a/kubernetes/log/components/log-kibana/values.yaml b/kubernetes/log/components/log-kibana/values.yaml
index 767ea6ae99..276bfea3b7 100644
--- a/kubernetes/log/components/log-kibana/values.yaml
+++ b/kubernetes/log/components/log-kibana/values.yaml
@@ -73,7 +73,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "kibana.api"
+ - baseaddr: "log-kibana-ui"
name: "log-kibana"
port: 5601
config:
diff --git a/kubernetes/log/components/log-logstash/values.yaml b/kubernetes/log/components/log-logstash/values.yaml
index 7a0674cdf5..0ffb32aa68 100644
--- a/kubernetes/log/components/log-logstash/values.yaml
+++ b/kubernetes/log/components/log-logstash/values.yaml
@@ -72,10 +72,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "logls"
+ - baseaddr: "log-ls-api"
name: "log-ls"
port: 5044
- - baseaddr: "loglshttp"
+ - baseaddr: "log-ls-http-api"
name: "log-ls"
port: 9600
config:
diff --git a/kubernetes/msb/components/msb-consul/values.yaml b/kubernetes/msb/components/msb-consul/values.yaml
index 258d49e30b..01f246689f 100644
--- a/kubernetes/msb/components/msb-consul/values.yaml
+++ b/kubernetes/msb/components/msb-consul/values.yaml
@@ -57,7 +57,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "msbconsul"
+ - baseaddr: "msb-consul-api"
name: "msb-consul"
port: 8500
config:
diff --git a/kubernetes/msb/components/msb-discovery/values.yaml b/kubernetes/msb/components/msb-discovery/values.yaml
index 2d18d14532..678dde79fa 100644
--- a/kubernetes/msb/components/msb-discovery/values.yaml
+++ b/kubernetes/msb/components/msb-discovery/values.yaml
@@ -57,7 +57,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "msb.api.discovery"
+ - baseaddr: "msb-discovery-api"
name: "msb-discovery"
port: 10081
config:
diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml
index 45f93ed63d..1c3f3131d6 100644
--- a/kubernetes/msb/components/msb-eag/values.yaml
+++ b/kubernetes/msb/components/msb-eag/values.yaml
@@ -97,9 +97,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "msbeag"
+ - baseaddr: "msb-eag-ui"
name: "msb-eag"
port: 443
+ plain_port: 80
config:
ssl: "redirect"
diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml
index 602177b479..4bb772da16 100644
--- a/kubernetes/msb/components/msb-iag/values.yaml
+++ b/kubernetes/msb/components/msb-iag/values.yaml
@@ -97,9 +97,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "msbiag"
+ - baseaddr: "msb-iag-ui"
name: "msb-iag"
port: 443
+ plain_port: 80
config:
ssl: "redirect"
diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml
index b9ed35b0f7..6a246a623c 100644
--- a/kubernetes/nbi/templates/deployment.yaml
+++ b/kubernetes/nbi/templates/deployment.yaml
@@ -18,25 +18,12 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- name: {{ include "common.fullname" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
{{- if .Values.global.aafEnabled }}
initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
@@ -45,8 +32,7 @@ spec:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
+ ports: {{ include "common.containerPorts" . | nindent 12 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if .Values.global.aafEnabled }}
@@ -68,17 +54,17 @@ spec:
{{ if .Values.liveness.enabled }}
livenessProbe:
httpGet:
- port: {{ .Values.liveness.port }}
+ port: {{ if (include "common.needTLS" .) }}{{ .Values.service.internalPort }}{{ else }}{{ .Values.service.internalPlainPort }}{{ end }}
path: {{ .Values.liveness.path }}
- scheme: HTTPS
+ scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
httpGet:
- port: {{ .Values.readiness.port }}
+ port: {{ if (include "common.needTLS" .) }}{{ .Values.service.internalPort }}{{ else }}{{ .Values.service.internalPlainPort }}{{ end }}
path: {{ .Values.readiness.path }}
- scheme: HTTPS
+ scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
@@ -105,15 +91,15 @@ spec:
- name: ONAP_K8SCLOUDOWNER
value: {{ .Values.config.k8sCloudOwner }}
- name: NBI_URL
- value: "https://nbi.{{ include "common.namespace" . }}:8443/nbi/api/v4"
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}://nbi.{{ include "common.namespace" . }}:{{ if (include "common.needTLS" .) }}{{ .Values.service.internalPort }}{{ else }}{{ .Values.service.internalPlainPort }}{{ end }}/nbi/api/v4"
- name: SDC_HOST
- value: "https://sdc-be.{{ include "common.namespace" . }}:8443"
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}://sdc-be.{{ include "common.namespace" . }}:{{ if (include "common.needTLS" .) }}8443{{ else }}8080{{ end }}"
- name: SDC_HEADER_ECOMPINSTANCEID
value: {{ .Values.config.ecompInstanceId }}
- name: SDC_HEADER_AUTHORIZATION
value: {{ .Values.sdc_authorization }}
- name: AAI_HOST
- value: "https://aai.{{ include "common.namespace" . }}:8443"
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}://aai.{{ include "common.namespace" . }}:{{ if (include "common.needTLS" .) }}8443{{ else }}80{{ end }}"
- name: AAI_HEADER_AUTHORIZATION
value: {{ .Values.aai_authorization }}
- name: SO_HOST
@@ -123,11 +109,11 @@ spec:
value: {{ .Values.so_authorization }}
{{- end }}
- name: DMAAP_HOST
- value: "https://message-router.{{ include "common.namespace" . }}:3905"
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}://message-router.{{ include "common.namespace" . }}:{{ if (include "common.needTLS" .) }}3905{{ else }}3904{{ end }}"
- name: LOGGING_LEVEL_ORG_ONAP_NBI
value: {{ .Values.config.loglevel }}
- name: MSB_ENABLED
- value: "true"
+ value: "{{ .Values.global.msbEnabled }}"
- name: MSB_DISCOVERY_HOST
value: "msb-discovery.{{ include "common.namespace" . }}"
- name: MSB_DISCOVERY_PORT
diff --git a/kubernetes/nbi/templates/service.yaml b/kubernetes/nbi/templates/service.yaml
index 4d5359ce0e..11fae18dc1 100644
--- a/kubernetes/nbi/templates/service.yaml
+++ b/kubernetes/nbi/templates/service.yaml
@@ -14,28 +14,4 @@
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}-{{ .Values.service.internalPort }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+{{ include "common.service" . }} \ No newline at end of file
diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml
index 9b69a4356f..dc323675ad 100644
--- a/kubernetes/nbi/values.yaml
+++ b/kubernetes/nbi/values.yaml
@@ -25,6 +25,7 @@ global:
internalPort: 3306
nameOverride: mariadb-galera
aafEnabled: true
+ msbEnabled: true
#################################################################
# AAF part
@@ -134,7 +135,6 @@ affinity: {}
# probe configuration parameters
liveness:
path: /nbi/api/v4/status
- port: 8443
initialDelaySeconds: 180
periodSeconds: 30
# necessary to disable liveness probe when setting breakpoints
@@ -143,7 +143,6 @@ liveness:
readiness:
path: /nbi/api/v4/status
- port: 8443
initialDelaySeconds: 185
periodSeconds: 30
@@ -151,15 +150,21 @@ service:
type: NodePort
portName: api
name: nbi
- nodePort: 74
internalPort: 8443
+ internalPlainPort: 8080
+ ports:
+ - name: http
+ port: 8443
+ plain_port: 8080
+ nodePort: '74'
ingress:
enabled: false
service:
- - baseaddr: "nbi.api"
+ - baseaddr: "nbi-api"
name: "nbi"
port: 8443
+ plain_port: 8080
config:
ssl: "redirect"
# Resource Limit flavor -By Default using small
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
index 3ed20ba8a6..4e38c830f0 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
@@ -44,8 +44,10 @@ spec:
args:
- --container-name
- oof-has-controller
+ {{- if (include "common.needTLS" .) }}
- --container-name
- aaf-service
+ {{- end }}
env:
- name: NAMESPACE
valueFrom:
@@ -55,6 +57,7 @@ spec:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-has-sms-readiness
command:
- sh
@@ -73,6 +76,7 @@ spec:
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
@@ -108,9 +112,11 @@ spec:
- mountPath: /usr/local/bin/log.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: log.conf
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
- name: {{ include "common.name" . }}-nginx
@@ -121,8 +127,10 @@ spec:
args:
- "-c"
- |
+ {{- if (include "common.needTLS" .) }}
grep -v '^$' /opt/bitnami/nginx/ssl/local/org.onap.oof.crt > /tmp/oof.crt
cat /tmp/oof.crt /tmp/intermediate_root_ca.pem /tmp/AAF_RootCA.cer >> /opt/bitnami/nginx/org.onap.oof.crt
+ {{- end }}
/opt/bitnami/scripts/nginx/entrypoint.sh /opt/bitnami/scripts/nginx/run.sh
ports:
- containerPort: {{ .Values.service.internalPort }}
@@ -146,12 +154,14 @@ spec:
- mountPath: /opt/bitnami/nginx/conf/nginx.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: nginx.conf
+ {{- if (include "common.needTLS" .) }}
- mountPath: /tmp/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
- mountPath: /tmp/intermediate_root_ca.pem
name: {{ include "common.fullname" . }}-onap-certs
subPath: intermediate_root_ca.pem
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -178,6 +188,8 @@ spec:
path: conductor.conf
- key: log.conf
path: log.conf
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml
index 751545ebef..f13e7cea9b 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml
@@ -32,11 +32,11 @@ spec:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
index d0d81c57ba..c850cb7752 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
@@ -45,7 +45,7 @@ service:
externalPort: 8091
internalPort: 8091
nodePort: 75
- portName: oof-has-api
+ portName: http
#backend container info
uwsgi:
@@ -106,7 +106,7 @@ certInitializer:
ingress:
enabled: false
service:
- - baseaddr: "oof-has-api.onap"
+ - baseaddr: "oof-has-api"
name: "oof-has-api"
port: 8091
config:
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
index 55bb4f620d..92be670db6 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
@@ -43,8 +43,10 @@ spec:
args:
- --job-name
- {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
+ {{- if (include "common.needTLS" .) }}
- --container-name
- aaf-sms
+ {{- end }}
env:
- name: NAMESPACE
valueFrom:
@@ -54,6 +56,7 @@ spec:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-cont-sms-readiness
command:
- sh
@@ -72,6 +75,7 @@ spec:
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
@@ -113,9 +117,11 @@ spec:
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -141,6 +147,8 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
index 4f58ec3b94..72ecd7db2d 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
@@ -52,6 +52,7 @@ spec:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-data-sms-readiness
command:
- sh
@@ -70,6 +71,7 @@ spec:
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
@@ -112,6 +114,7 @@ spec:
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/aai_cert.cer
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: aai_cert.cer
@@ -121,6 +124,7 @@ spec:
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -146,10 +150,14 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- key: aai_cert.cer
path: aai_cert.cer
- key: aai_key.key
path: aai_key.key
+ {{- end }}
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
index f8755ea66b..b90a6f6e89 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
@@ -52,6 +52,7 @@ spec:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-resrv-sms-readiness
command:
- sh
@@ -70,6 +71,7 @@ spec:
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
@@ -112,9 +114,11 @@ spec:
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -140,6 +144,8 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
index 154bc78e41..4499d9806e 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
@@ -52,6 +52,7 @@ spec:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-solvr-sms-readiness
command:
- sh
@@ -70,6 +71,7 @@ spec:
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
@@ -112,9 +114,11 @@ spec:
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -140,6 +144,8 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf
index 78553d73af..d650808036 100755
--- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf
+++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf
@@ -159,13 +159,13 @@ appkey = ""
#
# is_aaf_enabled. (boolean value)
-is_aaf_enabled = true
+is_aaf_enabled = {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
# aaf_cache_expiry_hrs. (integer value)
aaf_cache_expiry_hrs = 3
# aaf_url. (string value)
-aaf_url = https://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}/authz/perms/user/
+aaf_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}/authz/perms/user/
# aaf_cert_file. (string value)
#aaf_cert_file = <None>
@@ -175,7 +175,7 @@ aaf_url = https://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}
# aaf_ca_bundle_file. (string value)
#aaf_ca_bundle_file =
-aaf_ca_bundle_file = /usr/local/bin/AAF_RootCA.cer
+aaf_ca_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# aaf_retries. (integer value)
#aaf_retries = 3
@@ -193,9 +193,12 @@ aaf_ca_bundle_file = /usr/local/bin/AAF_RootCA.cer
# From conductor
#
+# is_enabled. (boolean value)
+is_enabled = {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
+
# Base URL for SMS, up to and not including the version, and without a trailing
# slash. (string value)
-aaf_sms_url = https://{{.Values.config.sms.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sms.port}}
+aaf_sms_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.sms.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sms.port}}
# Timeout for SMS API Call (integer value)
@@ -231,7 +234,8 @@ complex_cache_refresh_interval = 60
# Base URL for A&AI, up to and not including the version, and without a
# trailing slash. (string value)
-server_url = https://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aai.port}}/aai
+#server_url = https://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aai.port}}/aai
+server_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aai.port .Values.config.aai.plainPort }}/aai
# Timeout for A&AI Rest Call (string value)
#aai_rest_timeout = 30
@@ -252,7 +256,7 @@ certificate_key_file =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# Username for AAI. (string value)
username = OOF
@@ -676,7 +680,8 @@ concurrent = true
# Base URL for SDC, up to and not including the version, and without a
# trailing slash. (string value)
#server_url = https://controller:8443/sdc
-server_url = https://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sdc.port}}/sdc
+#server_url = https://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sdc.port}}/sdc
+server_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdc.port .Values.config.sdc.plainPort }}/sdc
# Timeout for SDC Rest Call (string value)
#sdc_rest_timeout = 30
@@ -699,7 +704,7 @@ certificate_key_file =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# Username for SDC. (string value)
#username =
@@ -744,7 +749,7 @@ certificate_key_file =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# Username for CPS. (string value)
#username =
@@ -788,7 +793,7 @@ certificate_key_file =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# Username for DCAE. (string value)
#username =
diff --git a/kubernetes/oof/components/oof-has/resources/config/nginx.conf b/kubernetes/oof/components/oof-has/resources/config/nginx.conf
index cbb1b60a58..9272e8581c 100644
--- a/kubernetes/oof/components/oof-has/resources/config/nginx.conf
+++ b/kubernetes/oof/components/oof-has/resources/config/nginx.conf
@@ -11,12 +11,17 @@ http {
server {
+{{ if (include "common.needTLS" .) }}
listen 8091 ssl;
server_name oof;
ssl_certificate /opt/bitnami/nginx/org.onap.oof.crt;
ssl_certificate_key /opt/bitnami/nginx/ssl/local/org.onap.oof.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
+{{ else }}
+ listen 8091;
+ server_name oof;
+{{ end }}
location / {
include /opt/bitnami/nginx/conf/uwsgi_params;
diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml
index 733b9209b5..0c5397c5a8 100755
--- a/kubernetes/oof/components/oof-has/values.yaml
+++ b/kubernetes/oof/components/oof-has/values.yaml
@@ -56,6 +56,7 @@ config:
aai:
serviceName: aai
port: 8443
+ plainPort: 80
msb:
serviceName: msb-iag
port: 80
@@ -68,6 +69,7 @@ config:
sdc:
serviceName: sdc-be
port: 8443
+ plainPort: 8080
cps:
service: cps-tbdmt
port: 8080
diff --git a/kubernetes/oof/resources/config/conf/common_config.yaml b/kubernetes/oof/resources/config/conf/common_config.yaml
index 57e8e27a19..d34967617b 100644
--- a/kubernetes/oof/resources/config/conf/common_config.yaml
+++ b/kubernetes/oof/resources/config/conf/common_config.yaml
@@ -5,7 +5,7 @@ osdf_system:
external: 8698 # clients use this port on DockerHost
osdf_ip_default: 0.0.0.0
# # Important Note: At deployment time, we need to ensure the port mapping is done
- ssl_context: ['/opt/osdf/org.onap.oof.crt', '/opt/osdf/osaaf/local/org.onap.oof.key']
+ ssl_context: {{ if (include "common.needTLS" .) }}['/opt/osdf/org.onap.oof.crt', '/opt/osdf/osaaf/local/org.onap.oof.key']{{ end }}
osdf_temp: # special configuration required for "workarounds" or testing
local_policies:
diff --git a/kubernetes/oof/resources/config/conf/osdf_config.yaml b/kubernetes/oof/resources/config/conf/osdf_config.yaml
index 441a77ab5a..ff62bb6b0a 100755
--- a/kubernetes/oof/resources/config/conf/osdf_config.yaml
+++ b/kubernetes/oof/resources/config/conf/osdf_config.yaml
@@ -11,14 +11,14 @@ placementDefaultMinorVersion: {{ .Values.config.placementDefaultMinorVersion }}
placementDefaultPatchVersion: {{ .Values.config.placementDefaultPatchVersion }}
# Credentials for Conductor
-conductorUrl: {{ .Values.config.conductorUrl }}
+conductorUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.conductorUrl.https .Values.config.conductorUrl.http }}
conductorPingWaitTime: {{ .Values.config.conductorPingWaitTime }}
conductorMaxRetries: {{ .Values.config.conductorMaxRetries }}
# versions to be set in HTTP header
conductorMinorVersion: {{ .Values.config.conductorMinorVersion }}
# Policy Platform -- requires ClientAuth, Authorization, and Environment
-policyPlatformUrl: {{ .Values.config.policyPlatformUrl }}
+policyPlatformUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.policyPlatformUrl.https .Values.config.policyPlatformUrl.http }}
policyPlatformEnv: {{ .Values.config.policyPlatformEnv }}
# Credentials for DMaaP
@@ -31,14 +31,14 @@ sdcONAPInstanceID: {{ .Values.config.sdcONAPInstanceID }}
is_aaf_enabled: {{ .Values.config.is_aaf_enabled }}
aaf_cache_expiry_mins: {{ .Values.config.aaf_cache_expiry_mins }}
-aaf_url: {{ .Values.config.aaf_url }}
+aaf_url: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aaf_url.https .Values.config.aaf_url.http }}
aaf_user_roles:
{{- range .Values.config.aaf_user_roles }}
- {{ . }}
{{- end }}
# Secret Management Service from AAF
-aaf_sms_url: {{ .Values.config.aaf_sms_url }}.{{ include "common.namespace" . }}:{{ .Values.config.aaf_sms_port }}
+aaf_sms_url: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aaf_sms_url.https .Values.config.aaf_sms_url.http }}.{{ include "common.namespace" . }}:{{ .Values.config.aaf_sms_port }}
aaf_sms_timeout: {{ .Values.config.aaf_sms_timeout }}
secret_domain: {{ .Values.config.secret_domain }}
aaf_ca_certs: {{ .Values.config.aaf_ca_certs }}
@@ -56,7 +56,7 @@ cpsCellListUrl: {{ .Values.config.cps.cellListUrl }}
cpsNbrListUrl: {{ .Values.config.cps.nbrListUrl }}
# AAI api
-aaiUrl: {{ .Values.config.aaiUrl }}
+aaiUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aaiUrl.https .Values.config.aaiUrl.http }}
aaiGetLinksUrl: {{ .Values.config.aaiGetLinksUrl }}
aaiServiceInstanceUrl : {{ .Values.config.aaiServiceInstanceUrl }}
aaiGetControllersUrl: {{ .Values.config.aaiGetControllersUrl }}
@@ -65,7 +65,7 @@ aaiGetInterDomainLinksUrl: {{ .Values.config.aaiGetInterDomainLinksUrl }}
dslQueryPath: /aai/v23/dsl?format=
#DES api
-desUrl: {{ .Values.config.desUrl }}
+desUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.desUrl.https .Values.config.desUrl.http }}
desApiPath: {{ .Values.config.desApiPath }}
desHeaders:
Accept: application/json
@@ -77,4 +77,3 @@ desPassword: {{ .Values.config.desPassword }}
appkey: ''
activateConsulConfig: False
-
diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml
index 58ff39e1e5..31884c06bb 100644
--- a/kubernetes/oof/templates/deployment.yaml
+++ b/kubernetes/oof/templates/deployment.yaml
@@ -52,12 +52,13 @@ spec:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
+ {{- if (include "common.needTLS" .) }}
- command:
- sh
- -c
- resp="FAILURE";
until [ $resp = "200" ]; do
- resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/osdf/secret);
+ resp=$(curl -s -o /dev/null -k --write-out %{http_code} http{{ if (include "common.needTLS" .) }}s{{ end }}://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/osdf/secret);
echo $resp;
sleep 2;
done
@@ -70,6 +71,7 @@ spec:
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-osdf-sms-readiness
+ {{- end }}
{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
@@ -80,8 +82,10 @@ spec:
args:
- "-c"
- |
+ {{- if (include "common.needTLS" .) }}
grep -v '^$' /opt/osdf/osaaf/local/org.onap.oof.crt > /tmp/oof.crt
cat /tmp/oof.crt /opt/app/ssl_cert/intermediate_root_ca.pem /opt/app/ssl_cert/aaf_root_ca.cer >> /opt/osdf/org.onap.oof.crt
+ {{ end }}
python osdfapp.py
ports:
- containerPort: {{ .Values.service.internalPort }}
@@ -108,12 +112,14 @@ spec:
- mountPath: /opt/osdf/config/osdf_config.yaml
name: {{ include "common.fullname" . }}-config
subPath: osdf_config.yaml
+ {{- if (include "common.needTLS" .) }}
- mountPath: /opt/app/ssl_cert/aaf_root_ca.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
- mountPath: /opt/app/ssl_cert/intermediate_root_ca.pem
name: {{ include "common.fullname" . }}-onap-certs
subPath: intermediate_root_ca.pem
+ {{- end }}
- mountPath: /opt/osdf/config/common_config.yaml
name: {{ include "common.fullname" . }}-config
subPath: common_config.yaml
diff --git a/kubernetes/oof/templates/service.yaml b/kubernetes/oof/templates/service.yaml
index 0706a8d6d4..b2da17a23f 100644
--- a/kubernetes/oof/templates/service.yaml
+++ b/kubernetes/oof/templates/service.yaml
@@ -33,11 +33,11 @@ spec:
- port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.name }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.name }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml
index 0673cf2079..f6867bd8bf 100644
--- a/kubernetes/oof/values.yaml
+++ b/kubernetes/oof/values.yaml
@@ -56,13 +56,17 @@ config:
placementDefaultPatchVersion: "0"
# Url and credentials for Conductor.
- conductorUrl: https://oof-has-api:8091/v1/plans/
+ conductorUrl:
+ https: https://oof-has-api:8091/v1/plans/
+ http: http://oof-has-api:8091/v1/plans/
conductorPingWaitTime: 10
conductorMaxRetries: 30
# versions to be set in HTTP header
conductorMinorVersion: 0
# Url and credentials for the Policy Platform
- policyPlatformUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision # Policy Dev platform URL
+ policyPlatformUrl:
+ https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision # Policy Dev platform URL
+ http: http://policy-xacml-pdp:8080/policy/pdpx/v1/decision
policyPlatformEnv: TEST # Environment for policy platform
# Credentials for the message reader - A placeholder.
messageReaderHosts: NA
@@ -73,12 +77,16 @@ config:
#AAF Authentication
is_aaf_enabled: False
aaf_cache_expiry_mins: 5
- aaf_url: https://aaf-service:8100
+ aaf_url:
+ https: https://aaf-service:8100
+ http: http://aaf-service:8080
aaf_user_roles:
- '/placement:org.onap.oof.access|*|read ALL'
- '/pci:org.onap.oof.access|*|read ALL'
# Secret Management Service from AAF
- aaf_sms_url: https://aaf-sms
+ aaf_sms_url:
+ https: https://aaf-sms
+ http: http://aaf-sms
aaf_sms_port: 10443
aaf_sms_timeout: 30
secret_domain: osdf
@@ -95,14 +103,18 @@ config:
nbrListUrl: 'ran-network/getNbrList'
#aai api
- aaiUrl: https://aai:8443
+ aaiUrl:
+ https: https://aai:8443
+ http: http://aai:8080
aaiGetLinksUrl: /aai/v16/network/logical-links
aaiServiceInstanceUrl : /aai/v20/nodes/service-instances/service-instance/
aaiGetControllersUrl: /aai/v19/external-system/esr-thirdparty-sdnc-list
controllerQueryUrl: /aai/v19/query?format=resource
aaiGetInterDomainLinksUrl: /aai/v19/network/logical-links?link-type=inter-domain&operational-status=up
#des api
- desUrl: https://des.url:9000
+ desUrl:
+ https: https://des.url:9000
+ http: http://des.url:8080
desApiPath: /datalake/v1/exposure/
desUsername: ''
desPassword: ''
@@ -166,7 +178,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "oofosdf"
+ - baseaddr: "oof-osdf-api"
name: "oof-osdf"
port: 8698
config:
diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml
index 09206dc8e9..e366c4415e 100755
--- a/kubernetes/policy/components/policy-apex-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml
@@ -57,7 +57,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-apex-pdp:2.8.0
+image: onap/policy-apex-pdp:2.8.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml
index d77929dc42..ec80ba82f0 100755
--- a/kubernetes/policy/components/policy-api/values.yaml
+++ b/kubernetes/policy/components/policy-api/values.yaml
@@ -79,7 +79,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-api:2.7.0
+image: onap/policy-api:2.7.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml
index c8532499a6..51d4b47a15 100644
--- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml
@@ -17,6 +17,11 @@
# ============LICENSE_END=========================================================
spring:
+ autoconfigure:
+ exclude: >
+ org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,
+ org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration,
+ org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration
security:
user:
name: ${RESTSERVER_USER}
diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml
index 697ce6ea47..668d911f7e 100644
--- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml
@@ -78,7 +78,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-http-ppnt:6.3.0
+image: onap/policy-clamp-ac-http-ppnt:6.3.1
pullPolicy: Always
# application configuration
diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
index 6fc53e24d6..bbe905b282 100644
--- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
@@ -17,6 +17,11 @@
# ============LICENSE_END=========================================================
spring:
+ autoconfigure:
+ exclude: >
+ org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,
+ org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration,
+ org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration
security:
user:
name: ${RESTSERVER_USER}
diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
index b8f6b9f3c4..3d2eeeec9d 100644
--- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
@@ -79,7 +79,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-k8s-ppnt:6.3.0
+image: onap/policy-clamp-ac-k8s-ppnt:6.3.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
index fc0060629e..f24e0ff8c6 100644
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
@@ -17,6 +17,11 @@
# ============LICENSE_END=========================================================
spring:
+ autoconfigure:
+ exclude: >
+ org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,
+ org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration,
+ org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration
security:
user:
name: ${RESTSERVER_USER}
diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
index 9d000f1018..cf20bd1d56 100644
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
@@ -90,7 +90,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-pf-ppnt:6.3.0
+image: onap/policy-clamp-ac-pf-ppnt:6.3.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml
deleted file mode 100644
index 3442cdd3be..0000000000
--- a/kubernetes/policy/components/policy-clamp-be/values.yaml
+++ /dev/null
@@ -1,172 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018-2021 AT&T
-# Modifications Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global: # global defaults
- nodePortPrefix: 302
- persistence: {}
- centralizedLoggingEnabled: true
- #AAF service
- aafEnabled: true
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- permission_user: 1000
- permission_group: 999
- keystoreFile: 'org.onap.clamp.p12'
- truststoreFile: 'org.onap.clamp.trust.jks'
- keyFile: 'org.onap.clamp.keyfile'
- truststoreFileONAP: 'truststoreONAPall.jks'
- nameOverride: clamp-backend-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- fqdn: clamp
- fqi: clamp@clamp.onap.org
- public_fqdn: clamp.onap.org
- cadi_longitude: '-72.0'
- cadi_latitude: '38.0'
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- aaf_add_config: >
- /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop;
- cd {{ .Values.credsPath }};
- chmod a+rx *;
-
-secrets:
- - uid: db-creds
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
- login: '{{ .Values.db.user }}'
- password: '{{ .Values.db.password }}'
- passwordPolicy: required
- - uid: sdc-creds
- type: password
- externalSecret: '{{ tpl (default "" .Values.sdc.sdcClientExternalSecret) . }}'
- password: '{{ .Values.sdc.clientPassword }}'
- passwordPolicy: required
- - uid: runtime-be-secret
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}'
- login: '{{ .Values.config.policyAppUserName }}'
- password: '{{ .Values.config.policyAppUserPassword }}'
- passwordPolicy: required
-
-flavor: small
-
-# application image
-image: onap/policy-clamp-backend:6.3.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# log configuration
-log:
- path: /var/log/onap
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-#####dummy values for db user and password to pass lint!!!#######
-sdc:
- clientPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
-db:
- user: policy_user
- password: policy_user
- image: mariadb:10.5.8
- service:
- name: policy-mariadb
- internalPort: 3306
-
-config:
- policyAppUserName: runtimeUser
- policyAppUserPassword: none
- log:
- logstashServiceName: log-ls
- logstashPort: 5044
- mysqlPassword: strong_pitchou
- dataRootDir: /dockerdata-nfs
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 120
- periodSeconds: 10
- timeoutSeconds: 3
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
- timeoutSeconds: 3
-
-service:
- type: ClusterIP
- name: policy-clamp-be
- portName: policy-clamp-be
- internalPort: 8443
- externalPort: 8443
-
-ingress:
- enabled: false
-
-#resources: {}
-# We usually recommend not to specify default resources and to leave this as a conscious
-# choice for the user. This also increases chances charts run on environments with little
-# resources, such as Minikube. If you do want to specify resources, uncomment the following
-# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-#
-# Example:
-# Configure resource requests and limits
-# ref: http://kubernetes.io/docs/user-guide/compute-resources/
-# Minimum memory for development is 2 CPU cores and 4GB memory
-# Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
- small:
- limits:
- cpu: 1
- memory: 1Gi
- requests:
- cpu: 1m
- memory: 1Gi
- large:
- limits:
- cpu: 1
- memory: 3Gi
- requests:
- cpu: 10m
- memory: 3Gi
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: policy-clamp-be
- roles:
- - read
diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml
index 87b613a3ef..7c7d07979b 100644
--- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml
@@ -85,7 +85,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-runtime-acm:6.3.0
+image: onap/policy-clamp-runtime-acm:6.3.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml
index 11b47a676e..22c8fc4ba9 100755
--- a/kubernetes/policy/components/policy-distribution/values.yaml
+++ b/kubernetes/policy/components/policy-distribution/values.yaml
@@ -67,7 +67,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-distribution:2.8.0
+image: onap/policy-distribution:2.8.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml
index 72f22bcd3b..7b55612a9a 100755
--- a/kubernetes/policy/components/policy-drools-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml
@@ -41,7 +41,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pdpd-cl:1.11.0
+image: onap/policy-pdpd-cl:1.11.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml
index 8761df7a6b..330d1fcac8 100644
--- a/kubernetes/policy/components/policy-gui/values.yaml
+++ b/kubernetes/policy/components/policy-gui/values.yaml
@@ -75,7 +75,7 @@ subChartsOnly:
flavor: small
# application image
-image: onap/policy-gui:2.3.0
+image: onap/policy-gui:2.3.1
pullPolicy: Always
# flag to enable debugging - application support required
@@ -127,7 +127,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "policygui.api"
+ - baseaddr: "policy-ui"
name: "policygui"
port: 2443
config:
diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml
index cc66af9146..1d1561cd7c 100755
--- a/kubernetes/policy/components/policy-pap/values.yaml
+++ b/kubernetes/policy/components/policy-pap/values.yaml
@@ -100,7 +100,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pap:2.7.0
+image: onap/policy-pap:2.7.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
index c29e0303fd..691e9ce855 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
@@ -83,7 +83,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-xacml-pdp:2.7.0
+image: onap/policy-xacml-pdp:2.7.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 1b9955b5a7..b3297278a9 100755
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -170,7 +170,7 @@ mariadb:
image: mariadb:10.5.8
dbmigrator:
- image: onap/policy-db-migrator:2.5.0
+ image: onap/policy-db-migrator:2.5.1
schema: policyadmin
policy_home: "/opt/app/policy"
diff --git a/kubernetes/portal/components/portal-app/values.yaml b/kubernetes/portal/components/portal-app/values.yaml
index 039f56016e..483a7f3568 100644
--- a/kubernetes/portal/components/portal-app/values.yaml
+++ b/kubernetes/portal/components/portal-app/values.yaml
@@ -141,9 +141,10 @@ messageRouter:
ingress:
enabled: false
service:
- - baseaddr: portal.api
+ - baseaddr: portal-ui
name: "portal-app"
port: 8443
+ plain_port: 8080
config:
ssl: "redirect"
diff --git a/kubernetes/portal/components/portal-sdk/values.yaml b/kubernetes/portal/components/portal-sdk/values.yaml
index 617ed100ef..1bc6b44852 100644
--- a/kubernetes/portal/components/portal-sdk/values.yaml
+++ b/kubernetes/portal/components/portal-sdk/values.yaml
@@ -136,7 +136,7 @@ messageRouter:
ingress:
enabled: false
service:
- - baseaddr: portal-sdk
+ - baseaddr: portal-sdk-api
name: "portal-sdk"
port: 8443
config:
diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
index 3c5f9ce73a..8365c68297 100644
--- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
@@ -152,11 +152,11 @@ GLOBAL_SDC_USERNAME = '{{ .Values.sdcUsername }}'
GLOBAL_SDC_PASSWORD = '{{ .Values.sdcPassword }}'
GLOBAL_SDC_AUTHENTICATION = [GLOBAL_SDC_USERNAME, GLOBAL_SDC_PASSWORD]
# clamp info - everything is from the private oam network (also called onap private network)
-GLOBAL_CLAMP_SERVER_PROTOCOL = "https"
+GLOBAL_CLAMP_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
GLOBAL_CLAMP_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-gui" "port" 2443) }}'
# nbi info - everything is from the private oam network (also called onap private network)
-GLOBAL_NBI_SERVER_PROTOCOL = "https"
-GLOBAL_NBI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "nbi" "port" 8443) }}'
+GLOBAL_NBI_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
+GLOBAL_NBI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "nbi" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}'
# cli info - everything is from the private oam network (also called onap private network)
GLOBAL_CLI_SERVER_PROTOCOL = "https"
GLOBAL_CLI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "cli" "port" 443) }}'
@@ -176,10 +176,10 @@ GLOBAL_DCAE_AUTHENTICATION = [GLOBAL_DCAE_USERNAME, GLOBAL_DCAE_PASSWORD]
GLOBAL_DCAE_HVVES_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-hv-ves-collector") }}'
GLOBAL_DCAE_HVVES_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-hv-ves-collector" "port" 6061) }}'
# data router info - everything is from the private oam network (also called onap private network)
-GLOBAL_DMAAP_DR_PROV_SERVER_PROTOCOL = "https"
+GLOBAL_DMAAP_DR_PROV_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
GLOBAL_DMAAP_DR_PROV_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmaap-dr-prov" "port" 443) }}'
-GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = "https"
-GLOBAL_DMAAP_DR_NODE_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmapp-dr-node" "port" 8443) }}'
+GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
+GLOBAL_DMAAP_DR_NODE_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmapp-dr-node" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}'
# dmaap message router info
GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "message-router") }}'
GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router" "port" 3904) }}'
@@ -216,14 +216,14 @@ GLOBAL_POMBA_ELASTICSEARCH_PORT = '{{include "robot.ingress.port" (dict "root" .
GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-contextaggregator" "port" 9529) }}'
# microservice bus info - everything is from the private oam network (also called onap private network)
-GLOBAL_MSB_SERVER_PROTOCOL = "https"
-GLOBAL_MSB_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "clamp" "port" 443) }}'
+GLOBAL_MSB_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
+GLOBAL_MSB_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "msb-iag" "port" ( ternary 443 80 (eq "true" (include "common.needTLS" . )))) }}'
# message router info - everything is from the private oam network (also called onap private network)
GLOBAL_MR_SERVER_PROTOCOL = "http"
GLOBAL_MR_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router" "port" 3904) }}'
# bus controller info
-GLOBAL_BC_SERVER_PROTOCOL = "https"
-GLOBAL_BC_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmaap-bc" "port" 8443) }}'
+GLOBAL_BC_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
+GLOBAL_BC_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmaap-bc" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}'
GLOBAL_BC_USERNAME = '{{ .Values.bcUsername }}'
GLOBAL_BC_PASSWORD = '{{ .Values.bcPassword }}'
# dcae inventory and deployment handler info
@@ -290,7 +290,7 @@ GLOBAL_SO_NSSMF_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_NSSMF_IP_ADDR + ':' +
GLOBAL_MUSIC_SERVER_PROTOCOL = "https"
GLOBAL_MUSIC_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "music" "port" 8443) }}'
# oof global info - everything is from the private oam network (also called onap private network)
-GLOBAL_OOF_SERVER_PROTOCOL = "https"
+GLOBAL_OOF_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
# oof-homing info - everything is from the private oam network (also called onap private network)
GLOBAL_OOF_HOMING_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "oof-has-api" "port" 8091) }}'
GLOBAL_OOF_HOMING_USERNAME="{{ .Values.oofHomingUsername }}"
@@ -315,7 +315,7 @@ GLOBAL_PACKET_GENERATOR_USERNAME = "admin"
GLOBAL_PACKET_GENERATOR_PASSWORD = "admin"
GLOBAL_PGN_PORT = "2831"
# policy info - everything is from the private oam network (also called onap private network)
-GLOBAL_POLICY_SERVER_PROTOCOL = "https"
+GLOBAL_POLICY_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
GLOBAL_POLICY_SERVER_PORT = "8081"
GLOBAL_POLICY_HEALTHCHECK_PORT = "6969"
GLOBAL_POLICY_AUTH = '{{ .Values.policyAuth}}'
@@ -332,9 +332,9 @@ GLOBAL_PORTAL_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "host
GLOBAL_PORTAL_USERNAME = '{{ .Values.portalUsername }}'
GLOBAL_PORTAL_PASSWORD = '{{ .Values.portalPassword }}'
# sdnc info - everything is from the private oam network (also called onap private network)
-GLOBAL_SDNC_SERVER_PROTOCOL = "https"
-GLOBAL_SDNC_REST_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc" "port" 8443) }}'
-GLOBAL_SDNC_ADMIN_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc-portal" "port" 8443) }}'
+GLOBAL_SDNC_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
+GLOBAL_SDNC_REST_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc" "port" ( ternary 8443 8282 (eq "true" (include "common.needTLS" . )))) }}'
+GLOBAL_SDNC_ADMIN_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc-portal" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}'
GLOBAL_SDNC_USERNAME = '{{ .Values.sdncUsername }}'
GLOBAL_SDNC_PASSWORD = '{{ .Values.sdncPassword }}'
GLOBAL_SDNC_AUTHENTICATION = [GLOBAL_SDNC_USERNAME, GLOBAL_SDNC_PASSWORD]
@@ -350,13 +350,13 @@ GLOBAL_VID_PASSWORD = '{{ .Values.vidPassword}}'
GLOBAL_VID_HEALTH_USERNAME = '{{ .Values.vidHealthUsername }}'
GLOBAL_VID_HEALTH_PASSWORD = '{{ .Values.vidHealthPassword }}'
# vnfsdk info - everything is from the private oam network (also called onap private network)
-GLOBAL_VNFSDK_SERVER_PROTOCOL = "https"
+GLOBAL_VNFSDK_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
GLOBAL_VNFSDK_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "refrepo" "port" 8703) }}'
GLOBAL_DCAE_VES_PROTOCOL = "http"
GLOBAL_DCAE_VES_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-ves-collector" "port" 8080) }}'
-GLOBAL_DCAE_VES_HTTPS_PROTOCOL = "https"
-GLOBAL_DCAE_VES_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-ves-collector-https" "port" 8443) }}'
+GLOBAL_DCAE_VES_HTTPS_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}'
+GLOBAL_DCAE_VES_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-ves-collector-https" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}'
GLOBAL_DCAE_VES_USERNAME = 'sample1'
GLOBAL_DCAE_VES_PASSWORD = 'sample1'
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index 0b1aa0e71d..d7ee2437c8 100644
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -437,7 +437,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "robot.api"
+ - baseaddr: "robot-api"
name: "robot"
port: 443
config:
diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
index dc3b669526..9f216352c0 100644
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -135,9 +135,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "sdc.api.be"
+ - baseaddr: "sdc-be-api"
name: "sdc-be"
port: 8443
+ plain_port: 8080
config:
ssl: "redirect"
diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml
index 5e0c8da5fb..76c9e13767 100644
--- a/kubernetes/sdc/components/sdc-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-fe/values.yaml
@@ -122,9 +122,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "sdc.api.fe"
+ - baseaddr: "sdc-fe-ui"
name: "sdc-fe"
port: 9443
+ plain_port: 8181
config:
ssl: "redirect"
diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
index 828283ec76..8e4916901b 100644
--- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
@@ -136,9 +136,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "sdcwfdbe"
+ - baseaddr: "sdc-wfd-be-api"
name: "sdc-wfd-be"
port: 8443
+ plain_port: 8080
config:
ssl: "redirect"
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
index fd6f713655..37fdfd7993 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
@@ -110,9 +110,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "sdcwfdfe"
+ - baseaddr: "sdc-wfd-fe-ui"
name: "sdc-wfd-fe"
port: 8443
+ plain_port: 8080
annotations:
ingress.kubernetes.io/secure-backends: "false"
nginx.ingress.kubernetes.io/secure-backends: "false"
diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml
index d2482eab56..1fe4ee3ded 100644
--- a/kubernetes/sdnc/templates/service.yaml
+++ b/kubernetes/sdnc/templates/service.yaml
@@ -70,13 +70,8 @@ spec:
type: ClusterIP
ports:
- name: "{{ .Values.service.portName }}-restconf-alt"
- {{ if .Values.global.aafEnabled }}
port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- {{- else -}}
- port: {{ .Values.service.internalPort4 }}
- targetPort: {{ .Values.service.internalPort4 }}
- {{ end }}
- name: "{{ .Values.service.portName }}-karaf"
port: {{ .Values.service.externalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 292ea05479..c2b1a9a795 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -486,12 +486,13 @@ dgbuilder:
ingress:
enabled: false
service:
- - baseaddr: "sdnc-dgbuilder"
+ - baseaddr: "sdnc-dgbuilder-ui"
name: "sdnc-dgbuilder"
port: 3000
- - baseaddr: "sdnc-web-service"
+ - baseaddr: "sdnc-web-service-api"
name: "sdnc-web-service"
port: 8443
+ plain_port: 8080
config:
ssl: "redirect"
@@ -617,9 +618,10 @@ certpersistence:
ingress:
enabled: false
service:
- - baseaddr: "sdnc.api"
+ - baseaddr: "sdnc-api"
name: "sdnc"
port: 8443
+ plain_port: 8282
config:
ssl: "redirect"
diff --git a/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml b/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml
index e1bac69fe3..348609b8da 100644
--- a/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml
@@ -1,4 +1,7 @@
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
{{- if .Values.global.aafEnabled }}
ssl:
diff --git a/kubernetes/so/components/so-admin-cockpit/values.yaml b/kubernetes/so/components/so-admin-cockpit/values.yaml
index 6cba922571..f3954ed13f 100644
--- a/kubernetes/so/components/so-admin-cockpit/values.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/values.yaml
@@ -151,7 +151,7 @@ livenessProbe:
ingress:
enabled: false
service:
- - baseaddr: "soadmincockpit"
+ - baseaddr: "so-admin-cockpit-ui"
name: "so-admin-cockpit"
port: 9091
config:
diff --git a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml
index 661ed64b0e..061d8f0847 100644
--- a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml
@@ -15,6 +15,9 @@
*/}}
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
tomcat:
max-threads: 50
diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
index ddff9c1dea..77e553bd67 100755
--- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -20,7 +20,7 @@ aai:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
workflowAaiDistributionDelay: PT30S
pnfEntryNotificationTimeout: P14D
@@ -358,6 +358,9 @@ sniro:
headers.minorVersion: 1
headers.latestVersion: 2
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
tomcat:
max-threads: 50
diff --git a/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml
index 7aa5984403..c82a0d29d4 100755
--- a/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml
@@ -14,6 +14,9 @@
# limitations under the License.
*/}}
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
tomcat:
max-threads: 50
diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
index 0c2f679082..d667cb5c60 100755
--- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
@@ -19,7 +19,7 @@ aai:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
enabled: {{ .Values.global.aai.enabled }}
logging:
@@ -31,6 +31,9 @@ spring:
password: ${ACTUATOR_PASSWORD}
role: ACTUATOR
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
tomcat:
max-threads: 50
diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
index 7c1cb1b3c4..df47c0a5fd 100644
--- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
@@ -20,7 +20,7 @@ aai:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
spring:
datasource:
@@ -45,6 +45,9 @@ spring:
password: ${ETSI_NFVO_PASSWORD}
role: ETSI-NFVO-Client
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ .Values.containerPort }}
tomcat:
max-threads: 50
diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml
index 57bf2f3c17..f791cdac81 100644
--- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml
+++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml
@@ -150,7 +150,7 @@ livenessProbe:
ingress:
enabled: false
service:
- - baseaddr: 'soetsinfvonslcm'
+ - baseaddr: 'so-etsi-nfvo-ns-lcm-api'
name: 'so-etsi-nfvo-ns-lcm'
port: 9095
config:
diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
index 33b38add57..fed38f7592 100755
--- a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
@@ -19,7 +19,7 @@ aai:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
spring:
security:
@@ -31,6 +31,9 @@ spring:
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: ACTUATOR
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
ssl:
enabled: false
diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml
index 42554bb5a2..339b042c21 100755
--- a/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml
@@ -101,7 +101,7 @@ livenessProbe:
ingress:
enabled: false
service:
- - baseaddr: "soetsisol003adapter"
+ - baseaddr: "so-etsi-sol003-adapter-api"
name: "so-etsi-sol003-adapter"
port: 9092
config:
diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
index e1e2fc23c6..189a02bf73 100755
--- a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
@@ -33,6 +33,9 @@ spring:
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: ACTUATOR
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
tomcat:
max-threads: 50
diff --git a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
index 1d8a97c028..016b3f534f 100755
--- a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
@@ -18,7 +18,7 @@ aai:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
logging:
path: logs
@@ -44,6 +44,9 @@ spring:
password: ${ACTUATOR_PASSWORD}
role: ACTUATOR
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
tomcat:
max-threads: 50
diff --git a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
index 8db5d26788..2d645bebf2 100755
--- a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
@@ -25,6 +25,9 @@ spring:
password: ${ACTUATOR_PASSWORD}
role: ACTUATOR
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
tomcat:
max-threads: 50
diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
index 487e93132d..7dc22c3536 100755
--- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
@@ -18,10 +18,14 @@ aai:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
+SW port: {{ index .Values.containerPort }}
spring:
datasource:
hikari:
@@ -117,8 +121,8 @@ mso:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.encrypted "value2" .Values.mso.auth )}}
logPath: ./logs/openstack
msb-ip: msb-iag
- msb-port: 443
- msb-scheme: https
+ msb-port: 80
+ msb-scheme: http
workflow:
endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine
msoKey: {{ .Values.mso.msoKey }}
diff --git a/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml
index 9b70ddcb5d..86e02d638a 100755
--- a/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml
@@ -15,6 +15,9 @@
# will be used as entry in DB to say SITE OFF/ON for healthcheck
*/}}
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
tomcat:
max-threads: 50
diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
index ffa66e9d78..29a1cf7443 100755
--- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
@@ -16,6 +16,9 @@
aai:
auth: {{.Values.aai.auth}}
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
spring:
datasource:
@@ -66,7 +69,7 @@ mso:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
asdc-connections:
asdc-controller1:
diff --git a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml
index 5c7a9af467..119236b1b2 100755
--- a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml
@@ -14,6 +14,9 @@
# limitations under the License.
*/}}
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ index .Values.containerPort }}
mso:
msoKey: ${MSO_KEY}
diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
index 8471540011..1a96abf9cb 100755
--- a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
@@ -15,6 +15,9 @@
*/}}
server:
+ {{- if include "common.onServiceMesh" . }}
+ forward-headers-strategy: none
+ {{- end }}
port: {{ include "common.getPort" (dict "global" . "name" "http") }}
vevnfmadapter:
@@ -28,7 +31,7 @@ aai:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
dmaap:
diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml
index 6933607827..48b75c72e9 100755
--- a/kubernetes/so/resources/config/overrides/override.yaml
+++ b/kubernetes/so/resources/config/overrides/override.yaml
@@ -2,7 +2,7 @@ aai:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
server:
@@ -62,7 +62,7 @@ mso:
{{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
{{ else }}
- endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ endpoint: http://aai.{{ include "common.namespace" . }}:80
{{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index 553de8c2d9..911c34da51 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -280,7 +280,7 @@ mariadb-galera:
ingress:
enabled: false
service:
- - baseaddr: 'so.api'
+ - baseaddr: 'so-api'
name: 'so'
port: 8080
config:
diff --git a/kubernetes/uui/components/uui-server/values.yaml b/kubernetes/uui/components/uui-server/values.yaml
index edeef7af9a..8b98ae6fb5 100644
--- a/kubernetes/uui/components/uui-server/values.yaml
+++ b/kubernetes/uui/components/uui-server/values.yaml
@@ -103,7 +103,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: uuiserver
+ - baseaddr: uui-server-api
name: "uui-server"
port: 8082
config:
diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml
index 10d9a253ba..d265b6e9ec 100644
--- a/kubernetes/uui/values.yaml
+++ b/kubernetes/uui/values.yaml
@@ -97,7 +97,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "uui.api"
+ - baseaddr: "uui-ui"
name: "uui"
port: 8443
config:
diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml
index aba010eb26..f2ca8143a3 100644
--- a/kubernetes/vid/values.yaml
+++ b/kubernetes/vid/values.yaml
@@ -170,9 +170,10 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "vid.api"
+ - baseaddr: "vid-ui"
name: "vid-http"
port: 8443
+ plain_port: 8080
config:
ssl: "redirect"
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml
index 0fbee4c07f..a19f15d991 100644
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -140,7 +140,7 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "refrepo"
+ - baseaddr: "vnfsdk-refrepo-api"
name: "refrepo"
port: 8703
config: