diff options
Diffstat (limited to 'kubernetes')
119 files changed, 431 insertions, 376 deletions
diff --git a/kubernetes/a1policymanagement/resources/config/application.yaml b/kubernetes/a1policymanagement/resources/config/application.yaml index 37754ca00c..05fddb2628 100644 --- a/kubernetes/a1policymanagement/resources/config/application.yaml +++ b/kubernetes/a1policymanagement/resources/config/application.yaml @@ -52,6 +52,7 @@ server: port: 8433 http-port: 8081 ssl: + enabled: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} key-store-type: PKCS12 key-store-password: ${KEYSTORE_PASSWORD} key-store: {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 diff --git a/kubernetes/a1policymanagement/resources/config/application_configuration.json b/kubernetes/a1policymanagement/resources/config/application_configuration.json index 6b8ebfb35e..757ee04f35 100644 --- a/kubernetes/a1policymanagement/resources/config/application_configuration.json +++ b/kubernetes/a1policymanagement/resources/config/application_configuration.json @@ -3,7 +3,7 @@ "controller": [ { "name": "controller1", - "baseUrl": "{{ .Values.sdncLink }}", + "baseUrl": "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.sdncLink .Values.sdncLinkHttp }}", "userName": "${A1CONTROLLER_USER}", "password": "${A1CONTROLLER_PASSWORD}" } diff --git a/kubernetes/a1policymanagement/templates/statefulset.yaml b/kubernetes/a1policymanagement/templates/statefulset.yaml index 0114b30158..89d131e26c 100644 --- a/kubernetes/a1policymanagement/templates/statefulset.yaml +++ b/kubernetes/a1policymanagement/templates/statefulset.yaml @@ -39,8 +39,10 @@ spec: args: - -c - | + {{- if (include "common.needTLS" .) }} export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop\ | xargs -0) + {{- end }} cd /config-input for PFILE in `ls -1` do diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml index 17fa320472..71d8852b53 100644 --- a/kubernetes/a1policymanagement/values.yaml +++ b/kubernetes/a1policymanagement/values.yaml @@ -86,6 +86,7 @@ a1controller: password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U sdncLink: https://sdnc.onap:8443 +sdncLinkHttp: http://sdnc.onap:8282 # The information about A1-Mediator/RICs can be added here. # The A1 policy management service supports both STD & OSC versions. # Alternatively, the A1 simulator from ORAN-SC can also be used. It provides STD & OSC versions for A1 termination. diff --git a/kubernetes/aaf/components/aaf-cm/values.yaml b/kubernetes/aaf/components/aaf-cm/values.yaml index 964b5c1002..a8159dc2cd 100644 --- a/kubernetes/aaf/components/aaf-cm/values.yaml +++ b/kubernetes/aaf/components/aaf-cm/values.yaml @@ -69,7 +69,7 @@ service: ingress: enabled: false service: - - baseaddr: "aafcm" + - baseaddr: "aaf-cm-api" name: "aaf-cm" port: 8150 config: diff --git a/kubernetes/aaf/components/aaf-fs/values.yaml b/kubernetes/aaf/components/aaf-fs/values.yaml index e911a10828..a0e9fe9bae 100644 --- a/kubernetes/aaf/components/aaf-fs/values.yaml +++ b/kubernetes/aaf/components/aaf-fs/values.yaml @@ -70,7 +70,7 @@ service: ingress: enabled: false service: - - baseaddr: "aaffs" + - baseaddr: "aaf-fs-api" name: "aaf-fs" port: 8096 config: diff --git a/kubernetes/aaf/components/aaf-gui/values.yaml b/kubernetes/aaf/components/aaf-gui/values.yaml index e239e615ed..fd416b64dc 100644 --- a/kubernetes/aaf/components/aaf-gui/values.yaml +++ b/kubernetes/aaf/components/aaf-gui/values.yaml @@ -70,7 +70,7 @@ service: ingress: enabled: false service: - - baseaddr: "aafgui" + - baseaddr: "aaf-ui" name: "aaf-gui" port: 8200 config: diff --git a/kubernetes/aaf/components/aaf-locate/values.yaml b/kubernetes/aaf/components/aaf-locate/values.yaml index 0a3e4d432b..86a93214e7 100644 --- a/kubernetes/aaf/components/aaf-locate/values.yaml +++ b/kubernetes/aaf/components/aaf-locate/values.yaml @@ -67,7 +67,7 @@ service: ingress: enabled: false service: - - baseaddr: "aaflocate" + - baseaddr: "aaf-locate-api" name: "aaf-locate" port: 8095 config: diff --git a/kubernetes/aaf/components/aaf-oauth/values.yaml b/kubernetes/aaf/components/aaf-oauth/values.yaml index 2e9b6d42fa..a103fb2e22 100644 --- a/kubernetes/aaf/components/aaf-oauth/values.yaml +++ b/kubernetes/aaf/components/aaf-oauth/values.yaml @@ -70,7 +70,7 @@ service: ingress: enabled: false service: - - baseaddr: "aafoauth" + - baseaddr: "aaf-oauth-api" name: "aaf-oauth" port: 8140 config: diff --git a/kubernetes/aaf/components/aaf-service/values.yaml b/kubernetes/aaf/components/aaf-service/values.yaml index 8d8da0db4a..a6f3c5dc4e 100644 --- a/kubernetes/aaf/components/aaf-service/values.yaml +++ b/kubernetes/aaf/components/aaf-service/values.yaml @@ -69,7 +69,7 @@ service: ingress: enabled: false service: - - baseaddr: "aafservice" + - baseaddr: "aaf-service-api" name: "aaf-service" port: 8100 config: diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml index 29a5104c9b..3cfc8189df 100644 --- a/kubernetes/aai/components/aai-babel/values.yaml +++ b/kubernetes/aai/components/aai-babel/values.yaml @@ -59,7 +59,7 @@ certInitializer: ################################################################# # application image -image: onap/babel:1.9.6 +image: onap/babel:1.11.0 flavor: small flavorOverride: small @@ -93,7 +93,7 @@ service: ingress: enabled: false service: - - baseaddr: "aaibabel" + - baseaddr: "aai-babel-api" name: "aai-babel" port: 9516 config: diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index 23091c11b8..170223ccbb 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -144,7 +144,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/aai-graphadmin:1.9.5 +image: onap/aai-graphadmin:1.11.0 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties index 89a118b25d..681da5d069 100644 --- a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties +++ b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties @@ -44,8 +44,10 @@ ml.distribution.MSG_BUS_ADDRESSES=message-router.{{.Release.Namespace}} ml.aai.BASE_URL=https://aai.{{.Release.Namespace}}:8443 ml.aai.KEYSTORE_FILE=aai-os-cert.p12 ml.aai.KEYSTORE_PASSWORD=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o +ml.aai.USE_HTTPS= true {{ else }} -ml.aai.BASE_URL=http://aai.{{.Release.Namespace}}:8080 +ml.aai.BASE_URL=http://aai.{{.Release.Namespace}}:80 +ml.aai.USE_HTTPS= false {{ end }} ml.aai.MODEL_URL=/aai/v*/service-design-and-creation/models/model/ ml.aai.NAMED_QUERY_URL=/aai/v*/service-design-and-creation/named-queries/named-query/ @@ -62,9 +64,11 @@ ml.babel.KEYSTORE_FILE=aaf/local/{{ .Values.certInitializer.fqi_namespace }}.p12 ml.babel.KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD} ml.babel.TRUSTSTORE_FILE=aaf/local/{{ .Values.certInitializer.fqi_namespace }}.trust.jks ml.babel.TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD} +ml.babel.USE_HTTPS= true {{ else }} ml.babel.KEYSTORE_FILE= ml.babel.KEYSTORE_PASSWORD= ml.babel.TRUSTSTORE_FILE= ml.babel.TRUSTSTORE_PASSWORD= +ml.babel.USE_HTTPS= false {{ end }} diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml index 3b7d79e4a3..7857f6bc92 100644 --- a/kubernetes/aai/components/aai-modelloader/values.yaml +++ b/kubernetes/aai/components/aai-modelloader/values.yaml @@ -56,7 +56,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/model-loader:1.9.4 +image: onap/model-loader:1.11.0 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index ce055334c0..2dfbfeebe5 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -157,7 +157,7 @@ certInitializer: chown -R 1000 {{ .Values.credsPath }} # application image -image: onap/aai-resources:1.9.7 +image: onap/aai-resources:1.11.0 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 727d1654bc..a72b1d9ec1 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -94,7 +94,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/aai-schema-service:1.9.7 +image: onap/aai-schema-service:1.11.0 pullPolicy: Always restartPolicy: Always flavorOverride: small diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml index 5c540c9b96..b4cea4c5a2 100644 --- a/kubernetes/aai/components/aai-sparky-be/values.yaml +++ b/kubernetes/aai/components/aai-sparky-be/values.yaml @@ -120,7 +120,7 @@ service: ingress: enabled: false service: - - baseaddr: "aaisparkybe" + - baseaddr: "aai-sparkybe-api" name: "aai-sparky-be" port: 8000 config: diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index 3b5de06207..81d372aded 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -140,7 +140,7 @@ certInitializer: chown -R 1000 {{ .Values.credsPath }} # application image -image: onap/aai-traversal:1.9.6 +image: onap/aai-traversal:1.11.0 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 94f2bea548..247c58be2b 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -396,9 +396,10 @@ service: ingress: enabled: false service: - - baseaddr: "aai.api" + - baseaddr: "aai-api" name: "aai" port: 8443 + plain_port: 80 config: ssl: "redirect" diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index f59a64f3d2..d224030db3 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -344,9 +344,10 @@ persistence: ingress: enabled: false service: - - baseaddr: "appc.api" + - baseaddr: "appc-api" name: "appc" port: 8443 + plain_port: 1830 config: ssl: "redirect" diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index 7ed3e85555..4b478e21e2 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -237,7 +237,7 @@ cluster: ingress: enabled: false service: - - baseaddr: "blueprintsprocessorhttp" + - baseaddr: "cds-blueprintsprocessor-api" name: "cds-blueprints-processor-http" port: 8080 config: diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml index 14fc014920..1c8c60a8d7 100644 --- a/kubernetes/cds/components/cds-ui/values.yaml +++ b/kubernetes/cds/components/cds-ui/values.yaml @@ -102,7 +102,7 @@ service: ingress: enabled: false service: - - baseaddr: "cdsui" + - baseaddr: "cds-ui" name: "cds-ui" port: 3000 config: diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml index 58c649c326..db36661383 100644 --- a/kubernetes/cli/values.yaml +++ b/kubernetes/cli/values.yaml @@ -99,10 +99,10 @@ service: ingress: enabled: false service: - - baseaddr: "cli.api" + - baseaddr: "cli-api" name: "cli" port: 443 - - baseaddr: "cli2.api" + - baseaddr: "cli2-api" name: cli port: 9443 config: diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml index e2aa181efb..9036606377 100644 --- a/kubernetes/consul/values.yaml +++ b/kubernetes/consul/values.yaml @@ -61,7 +61,7 @@ service: {} ingress: enabled: false service: - - baseaddr: "consul.api" + - baseaddr: "consul-api" name: "consul-server" port: 8800 config: diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml index d2bee113ba..5f85122721 100644 --- a/kubernetes/cps/components/cps-core/values.yaml +++ b/kubernetes/cps/components/cps-core/values.yaml @@ -154,7 +154,7 @@ startup: ingress: enabled: true service: - - baseaddr: "cps-core" + - baseaddr: "cps-core-api" path: "/" name: "cps-core" port: *svc_port diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml index af9306aa25..3ff7d0279f 100644 --- a/kubernetes/cps/components/cps-temporal/values.yaml +++ b/kubernetes/cps/components/cps-temporal/values.yaml @@ -122,7 +122,7 @@ readiness: ingress: enabled: true service: - - baseaddr: "cps-temporal" + - baseaddr: "cps-temporal-api" path: "/" name: "cps-temporal" port: *svc_port diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml index 1971273ddf..143bd67516 100644 --- a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml +++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml @@ -120,7 +120,7 @@ readiness: ingress: enabled: true service: - - baseaddr: "ncmp-dmi-plugin" + - baseaddr: "cps-ncmp-dmi-plugin-api" path: "/" name: *svc_name port: *svc_port diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/ingress.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/ingress.yaml new file mode 100644 index 0000000000..79df5ced0c --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/ingress.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright (C) 2022 Deutsche Telekom AG +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.ingress" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml index d9f91cfab8..5b0eea661c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml @@ -120,6 +120,16 @@ service: plain_port: 8100 port_protocol: http +ingress: + enabled: false + service: + - baseaddr: "dcae-datafile-collector-api" + name: "datafile-collector" + port: 8443 + plain_port: 8100 + config: + ssl: "redirect" + # Data Router Publisher Credentials drPubscriberCreds: username: username diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/ingress.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/ingress.yaml new file mode 100644 index 0000000000..df12117b3e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/ingress.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright (C) 2022 Deutsche Telekom AG +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.ingress" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 067ddb2cf2..9beef813f8 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -118,6 +118,15 @@ service: port_protocol: http nodePort: 22 +ingress: + enabled: false + service: + - baseaddr: "dcae-hv-ves-collector-api" + name: "dcae-hv-ves-collector" + port: 6061 + config: + ssl: "redirect" + #strimzi kafka config hvVesKafkaUser: dcae-hv-ves-kafka-user diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/ingress.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/ingress.yaml new file mode 100644 index 0000000000..df12117b3e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/ingress.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright (C) 2022 Deutsche Telekom AG +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.ingress" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml index 701fa4e67c..1a3cffa7b1 100644 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml @@ -97,6 +97,16 @@ service: nodePort: 16 useNodePortExt: true +ingress: + enabled: false + service: + - baseaddr: "dcae-restconf-collector-api" + name: "dcae-restconf-collector" + port: 8443 + plain_port: 8080 + config: + ssl: "redirect" + # AAF Credentials controllerCreds: username: access diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml index 6ee1a491af..46002b1651 100644 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -50,7 +50,7 @@ secrets: passwordPolicy: generate ################################aafcreds################################# -# InitContainer Image. +# InitContainer Image ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 @@ -58,7 +58,8 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.3 +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.5 pullPolicy: IfNotPresent ################################################################# @@ -69,10 +70,11 @@ pullPolicy: IfNotPresent # policy sync is used for provide runtime configuration for slicems # policy id is originally set to "onap.dcae.slicems.config" -# dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 -# policies: +#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +#pullPolicy: IfNotPresent +#policies: # duration: -# 300 +# 10 # policyID: | # '["onap.dcae.slicems.config"]' @@ -167,11 +169,13 @@ applicationConfig: sliceanalysisms.aaiNotif.targetAction: UPDATE sliceanalysisms.aaiNotif.targetSource: UUI sliceanalysisms.aaiNotif.targetEntity: service-instance - sliceanalysisms.ccvpnEvalInterval: 15 - sliceanalysisms.ccvpnEvalThreshold: 0.8 + sliceanalysisms.ccvpnEvalInterval: 5 + sliceanalysisms.ccvpnEvalUpperThreshold: 0.8 + sliceanalysisms.ccvpnEvalLowerThreshold: 0.3 sliceanalysisms.ccvpnEvalPrecision: 100.0 sliceanalysisms.ccvpnEvalPeriodicCheckOn: true sliceanalysisms.ccvpnEvalOnDemandCheckOn: true + sliceanalysisms.ccvpnEvalStrategy: FlexibleThresholdStrategy streams_publishes: CL_topic: type: message-router diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/ingress.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/ingress.yaml new file mode 100644 index 0000000000..df12117b3e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/ingress.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright (C) 2022 Deutsche Telekom AG +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.ingress" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml index c9fb0517a3..746853c286 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml @@ -107,6 +107,16 @@ service: nodePort: 17 useNodePortExt: true +ingress: + enabled: false + service: + - baseaddr: "dcae-ves-collector-api" + name: "dcae-ves-collector" + port: 8443 + plain_port: 8080 + config: + ssl: "redirect" + # application environments applicationEnv: CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' diff --git a/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml b/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml index 86aad57b1b..b05639b178 100644 --- a/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml @@ -44,11 +44,11 @@ ingress: enabled: true enabledOverride: true service: - - baseaddr: "dcaemod" + - baseaddr: "dcaemod-nifi-ui" path: "/nifi" name: "dcaemod-designtool" port: 8080 - - baseaddr: "dcaemod" + - baseaddr: "dcaemod-nifi-api" path: "/nifi-api" name: "dcaemod-designtool" port: 8080 diff --git a/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml index 12c0204b10..68fcf1487f 100644 --- a/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml @@ -44,7 +44,7 @@ ingress: enabled: true enabledOverride: true service: - - baseaddr: "dcaemod" + - baseaddr: "dcaemod-distributor-api" path: "/distributor" name: dcaemod-distributor-api port: 8080 diff --git a/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml b/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml index 81c5888f10..2dafdc9c8a 100644 --- a/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml @@ -44,7 +44,7 @@ ingress: enabled: true enabledOverride: true service: - - baseaddr: "dcaemod" + - baseaddr: "dcaemod-genprocessor-api" path: "/nifi-jars" name: dcaemod-genprocessor port: 8080 diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml index 2aefedbc86..70067e557c 100644 --- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml @@ -50,7 +50,7 @@ ingress: enabled: true enabledOverride: true service: - - baseaddr: "dcaemod" + - baseaddr: "dcaemod-onboarding-api" path: "/onboarding" name: dcaemod-onboarding-api port: 8080 diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 538820dea4..911fee85f4 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -138,9 +138,10 @@ postgres: ingress: enabled: false service: - - baseaddr: "dmaapbc" + - baseaddr: "dmaap-bc-api" name: "dmaap-bc" port: 8443 + plain_port: 8080 config: ssl: "redirect" diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 3382068f9d..6da3cda668 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -105,9 +105,10 @@ secrets: {} ingress: enabled: false service: - - baseaddr: "dmaapdrnode" + - baseaddr: "dmaap-dr-node-api" name: "dmaap-dr-node" port: 8443 + plain_port: 8080 config: ssl: "redirect" diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 4a68f674f1..59b0765f28 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -79,9 +79,10 @@ persistence: ingress: enabled: false service: - - baseaddr: "dmaapdrprov" + - baseaddr: "dmaap-dr-prov-api" name: "dmaap-dr-prov" port: 8443 + plain_port: 8080 config: ssl: "redirect" diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 63c62ca48c..f9904e67c8 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -154,9 +154,10 @@ prometheus: ingress: enabled: false service: - - baseaddr: "mr.api" + - baseaddr: "dmaap-mr-api" name: "message-router" port: 3905 + plain_port: 3904 config: ssl: "redirect" diff --git a/kubernetes/log/components/log-elasticsearch/values.yaml b/kubernetes/log/components/log-elasticsearch/values.yaml index 7919a0948e..74cf4ed8c2 100644 --- a/kubernetes/log/components/log-elasticsearch/values.yaml +++ b/kubernetes/log/components/log-elasticsearch/values.yaml @@ -90,7 +90,7 @@ service: ingress: enabled: false service: - - baseaddr: "loges" + - baseaddr: "log-es-api" name: "log-es" port: 9200 config: diff --git a/kubernetes/log/components/log-kibana/values.yaml b/kubernetes/log/components/log-kibana/values.yaml index 767ea6ae99..276bfea3b7 100644 --- a/kubernetes/log/components/log-kibana/values.yaml +++ b/kubernetes/log/components/log-kibana/values.yaml @@ -73,7 +73,7 @@ service: ingress: enabled: false service: - - baseaddr: "kibana.api" + - baseaddr: "log-kibana-ui" name: "log-kibana" port: 5601 config: diff --git a/kubernetes/log/components/log-logstash/values.yaml b/kubernetes/log/components/log-logstash/values.yaml index 7a0674cdf5..0ffb32aa68 100644 --- a/kubernetes/log/components/log-logstash/values.yaml +++ b/kubernetes/log/components/log-logstash/values.yaml @@ -72,10 +72,10 @@ service: ingress: enabled: false service: - - baseaddr: "logls" + - baseaddr: "log-ls-api" name: "log-ls" port: 5044 - - baseaddr: "loglshttp" + - baseaddr: "log-ls-http-api" name: "log-ls" port: 9600 config: diff --git a/kubernetes/msb/components/msb-consul/values.yaml b/kubernetes/msb/components/msb-consul/values.yaml index 258d49e30b..01f246689f 100644 --- a/kubernetes/msb/components/msb-consul/values.yaml +++ b/kubernetes/msb/components/msb-consul/values.yaml @@ -57,7 +57,7 @@ service: ingress: enabled: false service: - - baseaddr: "msbconsul" + - baseaddr: "msb-consul-api" name: "msb-consul" port: 8500 config: diff --git a/kubernetes/msb/components/msb-discovery/values.yaml b/kubernetes/msb/components/msb-discovery/values.yaml index 2d18d14532..678dde79fa 100644 --- a/kubernetes/msb/components/msb-discovery/values.yaml +++ b/kubernetes/msb/components/msb-discovery/values.yaml @@ -57,7 +57,7 @@ service: ingress: enabled: false service: - - baseaddr: "msb.api.discovery" + - baseaddr: "msb-discovery-api" name: "msb-discovery" port: 10081 config: diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml index 45f93ed63d..1c3f3131d6 100644 --- a/kubernetes/msb/components/msb-eag/values.yaml +++ b/kubernetes/msb/components/msb-eag/values.yaml @@ -97,9 +97,10 @@ service: ingress: enabled: false service: - - baseaddr: "msbeag" + - baseaddr: "msb-eag-ui" name: "msb-eag" port: 443 + plain_port: 80 config: ssl: "redirect" diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml index 602177b479..4bb772da16 100644 --- a/kubernetes/msb/components/msb-iag/values.yaml +++ b/kubernetes/msb/components/msb-iag/values.yaml @@ -97,9 +97,10 @@ service: ingress: enabled: false service: - - baseaddr: "msbiag" + - baseaddr: "msb-iag-ui" name: "msb-iag" port: 443 + plain_port: 80 config: ssl: "redirect" diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml index b9ed35b0f7..6a246a623c 100644 --- a/kubernetes/nbi/templates/deployment.yaml +++ b/kubernetes/nbi/templates/deployment.yaml @@ -18,25 +18,12 @@ apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ .Values.replicaCount }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - name: {{ include "common.fullname" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: {{- if .Values.global.aafEnabled }} initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} @@ -45,8 +32,7 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} + ports: {{ include "common.containerPorts" . | nindent 12 }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if .Values.global.aafEnabled }} @@ -68,17 +54,17 @@ spec: {{ if .Values.liveness.enabled }} livenessProbe: httpGet: - port: {{ .Values.liveness.port }} + port: {{ if (include "common.needTLS" .) }}{{ .Values.service.internalPort }}{{ else }}{{ .Values.service.internalPlainPort }}{{ end }} path: {{ .Values.liveness.path }} - scheme: HTTPS + scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: httpGet: - port: {{ .Values.readiness.port }} + port: {{ if (include "common.needTLS" .) }}{{ .Values.service.internalPort }}{{ else }}{{ .Values.service.internalPlainPort }}{{ end }} path: {{ .Values.readiness.path }} - scheme: HTTPS + scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -105,15 +91,15 @@ spec: - name: ONAP_K8SCLOUDOWNER value: {{ .Values.config.k8sCloudOwner }} - name: NBI_URL - value: "https://nbi.{{ include "common.namespace" . }}:8443/nbi/api/v4" + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}://nbi.{{ include "common.namespace" . }}:{{ if (include "common.needTLS" .) }}{{ .Values.service.internalPort }}{{ else }}{{ .Values.service.internalPlainPort }}{{ end }}/nbi/api/v4" - name: SDC_HOST - value: "https://sdc-be.{{ include "common.namespace" . }}:8443" + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}://sdc-be.{{ include "common.namespace" . }}:{{ if (include "common.needTLS" .) }}8443{{ else }}8080{{ end }}" - name: SDC_HEADER_ECOMPINSTANCEID value: {{ .Values.config.ecompInstanceId }} - name: SDC_HEADER_AUTHORIZATION value: {{ .Values.sdc_authorization }} - name: AAI_HOST - value: "https://aai.{{ include "common.namespace" . }}:8443" + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}://aai.{{ include "common.namespace" . }}:{{ if (include "common.needTLS" .) }}8443{{ else }}80{{ end }}" - name: AAI_HEADER_AUTHORIZATION value: {{ .Values.aai_authorization }} - name: SO_HOST @@ -123,11 +109,11 @@ spec: value: {{ .Values.so_authorization }} {{- end }} - name: DMAAP_HOST - value: "https://message-router.{{ include "common.namespace" . }}:3905" + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}://message-router.{{ include "common.namespace" . }}:{{ if (include "common.needTLS" .) }}3905{{ else }}3904{{ end }}" - name: LOGGING_LEVEL_ORG_ONAP_NBI value: {{ .Values.config.loglevel }} - name: MSB_ENABLED - value: "true" + value: "{{ .Values.global.msbEnabled }}" - name: MSB_DISCOVERY_HOST value: "msb-discovery.{{ include "common.namespace" . }}" - name: MSB_DISCOVERY_PORT diff --git a/kubernetes/nbi/templates/service.yaml b/kubernetes/nbi/templates/service.yaml index 4d5359ce0e..11fae18dc1 100644 --- a/kubernetes/nbi/templates/service.yaml +++ b/kubernetes/nbi/templates/service.yaml @@ -14,28 +14,4 @@ # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}-{{ .Values.service.internalPort }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 9b69a4356f..dc323675ad 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -25,6 +25,7 @@ global: internalPort: 3306 nameOverride: mariadb-galera aafEnabled: true + msbEnabled: true ################################################################# # AAF part @@ -134,7 +135,6 @@ affinity: {} # probe configuration parameters liveness: path: /nbi/api/v4/status - port: 8443 initialDelaySeconds: 180 periodSeconds: 30 # necessary to disable liveness probe when setting breakpoints @@ -143,7 +143,6 @@ liveness: readiness: path: /nbi/api/v4/status - port: 8443 initialDelaySeconds: 185 periodSeconds: 30 @@ -151,15 +150,21 @@ service: type: NodePort portName: api name: nbi - nodePort: 74 internalPort: 8443 + internalPlainPort: 8080 + ports: + - name: http + port: 8443 + plain_port: 8080 + nodePort: '74' ingress: enabled: false service: - - baseaddr: "nbi.api" + - baseaddr: "nbi-api" name: "nbi" port: 8443 + plain_port: 8080 config: ssl: "redirect" # Resource Limit flavor -By Default using small diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml index 3ed20ba8a6..4e38c830f0 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml @@ -44,8 +44,10 @@ spec: args: - --container-name - oof-has-controller + {{- if (include "common.needTLS" .) }} - --container-name - aaf-service + {{- end }} env: - name: NAMESPACE valueFrom: @@ -55,6 +57,7 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if (include "common.needTLS" .) }} - name: {{ include "common.name" . }}-has-sms-readiness command: - sh @@ -73,6 +76,7 @@ spec: fieldPath: metadata.namespace image: {{ include "repositoryGenerator.image.curl" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- end }} {{ include "common.certInitializer.initContainer" . | indent 6 }} containers: @@ -108,9 +112,11 @@ spec: - mountPath: /usr/local/bin/log.conf name: {{ .Values.global.commonConfigPrefix }}-config subPath: log.conf + {{- if (include "common.needTLS" .) }} - mountPath: /usr/local/bin/AAF_RootCA.cer name: {{ include "common.fullname" . }}-onap-certs subPath: aaf_root_ca.cer + {{- end }} resources: {{ include "common.resources" . | indent 12 }} - name: {{ include "common.name" . }}-nginx @@ -121,8 +127,10 @@ spec: args: - "-c" - | + {{- if (include "common.needTLS" .) }} grep -v '^$' /opt/bitnami/nginx/ssl/local/org.onap.oof.crt > /tmp/oof.crt cat /tmp/oof.crt /tmp/intermediate_root_ca.pem /tmp/AAF_RootCA.cer >> /opt/bitnami/nginx/org.onap.oof.crt + {{- end }} /opt/bitnami/scripts/nginx/entrypoint.sh /opt/bitnami/scripts/nginx/run.sh ports: - containerPort: {{ .Values.service.internalPort }} @@ -146,12 +154,14 @@ spec: - mountPath: /opt/bitnami/nginx/conf/nginx.conf name: {{ .Values.global.commonConfigPrefix }}-config subPath: nginx.conf + {{- if (include "common.needTLS" .) }} - mountPath: /tmp/AAF_RootCA.cer name: {{ include "common.fullname" . }}-onap-certs subPath: aaf_root_ca.cer - mountPath: /tmp/intermediate_root_ca.pem name: {{ include "common.fullname" . }}-onap-certs subPath: intermediate_root_ca.pem + {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -178,6 +188,8 @@ spec: path: conductor.conf - key: log.conf path: log.conf +{{- if (include "common.needTLS" .) }} {{ include "oof.certificate.volume" . | indent 8 }} +{{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml index 751545ebef..f13e7cea9b 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml @@ -32,11 +32,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml index d0d81c57ba..c850cb7752 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml @@ -45,7 +45,7 @@ service: externalPort: 8091 internalPort: 8091 nodePort: 75 - portName: oof-has-api + portName: http #backend container info uwsgi: @@ -106,7 +106,7 @@ certInitializer: ingress: enabled: false service: - - baseaddr: "oof-has-api.onap" + - baseaddr: "oof-has-api" name: "oof-has-api" port: 8091 config: diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml index 55bb4f620d..92be670db6 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml @@ -43,8 +43,10 @@ spec: args: - --job-name - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job + {{- if (include "common.needTLS" .) }} - --container-name - aaf-sms + {{- end }} env: - name: NAMESPACE valueFrom: @@ -54,6 +56,7 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if (include "common.needTLS" .) }} - name: {{ include "common.name" . }}-cont-sms-readiness command: - sh @@ -72,6 +75,7 @@ spec: fieldPath: metadata.namespace image: {{ include "repositoryGenerator.image.curl" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- end }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }} @@ -113,9 +117,11 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh + {{- if (include "common.needTLS" .) }} - mountPath: /usr/local/bin/AAF_RootCA.cer name: {{ include "common.fullname" . }}-onap-certs subPath: aaf_root_ca.cer + {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -141,6 +147,8 @@ spec: path: log.conf - key: healthy.sh path: healthy.sh +{{- if (include "common.needTLS" .) }} {{ include "oof.certificate.volume" . | indent 8 }} +{{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml index 4f58ec3b94..72ecd7db2d 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml @@ -52,6 +52,7 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if (include "common.needTLS" .) }} - name: {{ include "common.name" . }}-data-sms-readiness command: - sh @@ -70,6 +71,7 @@ spec: fieldPath: metadata.namespace image: {{ include "repositoryGenerator.image.curl" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- end }} containers: - name: {{ include "common.name" . }} @@ -112,6 +114,7 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh + {{- if (include "common.needTLS" .) }} - mountPath: /usr/local/bin/aai_cert.cer name: {{ .Values.global.commonConfigPrefix }}-config subPath: aai_cert.cer @@ -121,6 +124,7 @@ spec: - mountPath: /usr/local/bin/AAF_RootCA.cer name: {{ include "common.fullname" . }}-onap-certs subPath: aaf_root_ca.cer + {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -146,10 +150,14 @@ spec: path: log.conf - key: healthy.sh path: healthy.sh + {{- if (include "common.needTLS" .) }} - key: aai_cert.cer path: aai_cert.cer - key: aai_key.key path: aai_key.key + {{- end }} +{{- if (include "common.needTLS" .) }} {{ include "oof.certificate.volume" . | indent 8 }} +{{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml index f8755ea66b..b90a6f6e89 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml @@ -52,6 +52,7 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if (include "common.needTLS" .) }} - name: {{ include "common.name" . }}-resrv-sms-readiness command: - sh @@ -70,6 +71,7 @@ spec: fieldPath: metadata.namespace image: {{ include "repositoryGenerator.image.curl" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- end }} containers: - name: {{ include "common.name" . }} @@ -112,9 +114,11 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh + {{- if (include "common.needTLS" .) }} - mountPath: /usr/local/bin/AAF_RootCA.cer name: {{ include "common.fullname" . }}-onap-certs subPath: aaf_root_ca.cer + {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -140,6 +144,8 @@ spec: path: log.conf - key: healthy.sh path: healthy.sh +{{- if (include "common.needTLS" .) }} {{ include "oof.certificate.volume" . | indent 8 }} +{{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml index 154bc78e41..4499d9806e 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml @@ -52,6 +52,7 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if (include "common.needTLS" .) }} - name: {{ include "common.name" . }}-solvr-sms-readiness command: - sh @@ -70,6 +71,7 @@ spec: fieldPath: metadata.namespace image: {{ include "repositoryGenerator.image.curl" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- end }} containers: - name: {{ include "common.name" . }} @@ -112,9 +114,11 @@ spec: - mountPath: /usr/local/bin/healthy.sh name: {{ .Values.global.commonConfigPrefix }}-config subPath: healthy.sh + {{- if (include "common.needTLS" .) }} - mountPath: /usr/local/bin/AAF_RootCA.cer name: {{ include "common.fullname" . }}-onap-certs subPath: aaf_root_ca.cer + {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -140,6 +144,8 @@ spec: path: log.conf - key: healthy.sh path: healthy.sh +{{- if (include "common.needTLS" .) }} {{ include "oof.certificate.volume" . | indent 8 }} +{{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf index 78553d73af..d650808036 100755 --- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf @@ -159,13 +159,13 @@ appkey = "" # # is_aaf_enabled. (boolean value) -is_aaf_enabled = true +is_aaf_enabled = {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} # aaf_cache_expiry_hrs. (integer value) aaf_cache_expiry_hrs = 3 # aaf_url. (string value) -aaf_url = https://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}/authz/perms/user/ +aaf_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}/authz/perms/user/ # aaf_cert_file. (string value) #aaf_cert_file = <None> @@ -175,7 +175,7 @@ aaf_url = https://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}} # aaf_ca_bundle_file. (string value) #aaf_ca_bundle_file = -aaf_ca_bundle_file = /usr/local/bin/AAF_RootCA.cer +aaf_ca_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }} # aaf_retries. (integer value) #aaf_retries = 3 @@ -193,9 +193,12 @@ aaf_ca_bundle_file = /usr/local/bin/AAF_RootCA.cer # From conductor # +# is_enabled. (boolean value) +is_enabled = {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} + # Base URL for SMS, up to and not including the version, and without a trailing # slash. (string value) -aaf_sms_url = https://{{.Values.config.sms.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sms.port}} +aaf_sms_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.sms.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sms.port}} # Timeout for SMS API Call (integer value) @@ -231,7 +234,8 @@ complex_cache_refresh_interval = 60 # Base URL for A&AI, up to and not including the version, and without a # trailing slash. (string value) -server_url = https://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aai.port}}/aai +#server_url = https://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aai.port}}/aai +server_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aai.port .Values.config.aai.plainPort }}/aai # Timeout for A&AI Rest Call (string value) #aai_rest_timeout = 30 @@ -252,7 +256,7 @@ certificate_key_file = # Certificate Authority Bundle file in pem format. Must contain the appropriate # trust chain for the Certificate file. (string value) #certificate_authority_bundle_file = certificate_authority_bundle.pem -certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer +certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }} # Username for AAI. (string value) username = OOF @@ -676,7 +680,8 @@ concurrent = true # Base URL for SDC, up to and not including the version, and without a # trailing slash. (string value) #server_url = https://controller:8443/sdc -server_url = https://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sdc.port}}/sdc +#server_url = https://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sdc.port}}/sdc +server_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdc.port .Values.config.sdc.plainPort }}/sdc # Timeout for SDC Rest Call (string value) #sdc_rest_timeout = 30 @@ -699,7 +704,7 @@ certificate_key_file = # Certificate Authority Bundle file in pem format. Must contain the appropriate # trust chain for the Certificate file. (string value) #certificate_authority_bundle_file = certificate_authority_bundle.pem -certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer +certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }} # Username for SDC. (string value) #username = @@ -744,7 +749,7 @@ certificate_key_file = # Certificate Authority Bundle file in pem format. Must contain the appropriate # trust chain for the Certificate file. (string value) #certificate_authority_bundle_file = certificate_authority_bundle.pem -certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer +certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }} # Username for CPS. (string value) #username = @@ -788,7 +793,7 @@ certificate_key_file = # Certificate Authority Bundle file in pem format. Must contain the appropriate # trust chain for the Certificate file. (string value) #certificate_authority_bundle_file = certificate_authority_bundle.pem -certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer +certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }} # Username for DCAE. (string value) #username = diff --git a/kubernetes/oof/components/oof-has/resources/config/nginx.conf b/kubernetes/oof/components/oof-has/resources/config/nginx.conf index cbb1b60a58..9272e8581c 100644 --- a/kubernetes/oof/components/oof-has/resources/config/nginx.conf +++ b/kubernetes/oof/components/oof-has/resources/config/nginx.conf @@ -11,12 +11,17 @@ http { server { +{{ if (include "common.needTLS" .) }} listen 8091 ssl; server_name oof; ssl_certificate /opt/bitnami/nginx/org.onap.oof.crt; ssl_certificate_key /opt/bitnami/nginx/ssl/local/org.onap.oof.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; +{{ else }} + listen 8091; + server_name oof; +{{ end }} location / { include /opt/bitnami/nginx/conf/uwsgi_params; diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml index 733b9209b5..0c5397c5a8 100755 --- a/kubernetes/oof/components/oof-has/values.yaml +++ b/kubernetes/oof/components/oof-has/values.yaml @@ -56,6 +56,7 @@ config: aai: serviceName: aai port: 8443 + plainPort: 80 msb: serviceName: msb-iag port: 80 @@ -68,6 +69,7 @@ config: sdc: serviceName: sdc-be port: 8443 + plainPort: 8080 cps: service: cps-tbdmt port: 8080 diff --git a/kubernetes/oof/resources/config/conf/common_config.yaml b/kubernetes/oof/resources/config/conf/common_config.yaml index 57e8e27a19..d34967617b 100644 --- a/kubernetes/oof/resources/config/conf/common_config.yaml +++ b/kubernetes/oof/resources/config/conf/common_config.yaml @@ -5,7 +5,7 @@ osdf_system: external: 8698 # clients use this port on DockerHost osdf_ip_default: 0.0.0.0 # # Important Note: At deployment time, we need to ensure the port mapping is done - ssl_context: ['/opt/osdf/org.onap.oof.crt', '/opt/osdf/osaaf/local/org.onap.oof.key'] + ssl_context: {{ if (include "common.needTLS" .) }}['/opt/osdf/org.onap.oof.crt', '/opt/osdf/osaaf/local/org.onap.oof.key']{{ end }} osdf_temp: # special configuration required for "workarounds" or testing local_policies: diff --git a/kubernetes/oof/resources/config/conf/osdf_config.yaml b/kubernetes/oof/resources/config/conf/osdf_config.yaml index 441a77ab5a..ff62bb6b0a 100755 --- a/kubernetes/oof/resources/config/conf/osdf_config.yaml +++ b/kubernetes/oof/resources/config/conf/osdf_config.yaml @@ -11,14 +11,14 @@ placementDefaultMinorVersion: {{ .Values.config.placementDefaultMinorVersion }} placementDefaultPatchVersion: {{ .Values.config.placementDefaultPatchVersion }} # Credentials for Conductor -conductorUrl: {{ .Values.config.conductorUrl }} +conductorUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.conductorUrl.https .Values.config.conductorUrl.http }} conductorPingWaitTime: {{ .Values.config.conductorPingWaitTime }} conductorMaxRetries: {{ .Values.config.conductorMaxRetries }} # versions to be set in HTTP header conductorMinorVersion: {{ .Values.config.conductorMinorVersion }} # Policy Platform -- requires ClientAuth, Authorization, and Environment -policyPlatformUrl: {{ .Values.config.policyPlatformUrl }} +policyPlatformUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.policyPlatformUrl.https .Values.config.policyPlatformUrl.http }} policyPlatformEnv: {{ .Values.config.policyPlatformEnv }} # Credentials for DMaaP @@ -31,14 +31,14 @@ sdcONAPInstanceID: {{ .Values.config.sdcONAPInstanceID }} is_aaf_enabled: {{ .Values.config.is_aaf_enabled }} aaf_cache_expiry_mins: {{ .Values.config.aaf_cache_expiry_mins }} -aaf_url: {{ .Values.config.aaf_url }} +aaf_url: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aaf_url.https .Values.config.aaf_url.http }} aaf_user_roles: {{- range .Values.config.aaf_user_roles }} - {{ . }} {{- end }} # Secret Management Service from AAF -aaf_sms_url: {{ .Values.config.aaf_sms_url }}.{{ include "common.namespace" . }}:{{ .Values.config.aaf_sms_port }} +aaf_sms_url: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aaf_sms_url.https .Values.config.aaf_sms_url.http }}.{{ include "common.namespace" . }}:{{ .Values.config.aaf_sms_port }} aaf_sms_timeout: {{ .Values.config.aaf_sms_timeout }} secret_domain: {{ .Values.config.secret_domain }} aaf_ca_certs: {{ .Values.config.aaf_ca_certs }} @@ -56,7 +56,7 @@ cpsCellListUrl: {{ .Values.config.cps.cellListUrl }} cpsNbrListUrl: {{ .Values.config.cps.nbrListUrl }} # AAI api -aaiUrl: {{ .Values.config.aaiUrl }} +aaiUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aaiUrl.https .Values.config.aaiUrl.http }} aaiGetLinksUrl: {{ .Values.config.aaiGetLinksUrl }} aaiServiceInstanceUrl : {{ .Values.config.aaiServiceInstanceUrl }} aaiGetControllersUrl: {{ .Values.config.aaiGetControllersUrl }} @@ -65,7 +65,7 @@ aaiGetInterDomainLinksUrl: {{ .Values.config.aaiGetInterDomainLinksUrl }} dslQueryPath: /aai/v23/dsl?format= #DES api -desUrl: {{ .Values.config.desUrl }} +desUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.desUrl.https .Values.config.desUrl.http }} desApiPath: {{ .Values.config.desApiPath }} desHeaders: Accept: application/json @@ -77,4 +77,3 @@ desPassword: {{ .Values.config.desPassword }} appkey: '' activateConsulConfig: False - diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml index 58ff39e1e5..31884c06bb 100644 --- a/kubernetes/oof/templates/deployment.yaml +++ b/kubernetes/oof/templates/deployment.yaml @@ -52,12 +52,13 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + {{- if (include "common.needTLS" .) }} - command: - sh - -c - resp="FAILURE"; until [ $resp = "200" ]; do - resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/osdf/secret); + resp=$(curl -s -o /dev/null -k --write-out %{http_code} http{{ if (include "common.needTLS" .) }}s{{ end }}://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/osdf/secret); echo $resp; sleep 2; done @@ -70,6 +71,7 @@ spec: image: {{ include "repositoryGenerator.image.curl" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-osdf-sms-readiness + {{- end }} {{ include "common.certInitializer.initContainer" . | indent 6 }} containers: - name: {{ include "common.name" . }} @@ -80,8 +82,10 @@ spec: args: - "-c" - | + {{- if (include "common.needTLS" .) }} grep -v '^$' /opt/osdf/osaaf/local/org.onap.oof.crt > /tmp/oof.crt cat /tmp/oof.crt /opt/app/ssl_cert/intermediate_root_ca.pem /opt/app/ssl_cert/aaf_root_ca.cer >> /opt/osdf/org.onap.oof.crt + {{ end }} python osdfapp.py ports: - containerPort: {{ .Values.service.internalPort }} @@ -108,12 +112,14 @@ spec: - mountPath: /opt/osdf/config/osdf_config.yaml name: {{ include "common.fullname" . }}-config subPath: osdf_config.yaml + {{- if (include "common.needTLS" .) }} - mountPath: /opt/app/ssl_cert/aaf_root_ca.cer name: {{ include "common.fullname" . }}-onap-certs subPath: aaf_root_ca.cer - mountPath: /opt/app/ssl_cert/intermediate_root_ca.pem name: {{ include "common.fullname" . }}-onap-certs subPath: intermediate_root_ca.pem + {{- end }} - mountPath: /opt/osdf/config/common_config.yaml name: {{ include "common.fullname" . }}-config subPath: common_config.yaml diff --git a/kubernetes/oof/templates/service.yaml b/kubernetes/oof/templates/service.yaml index 0706a8d6d4..b2da17a23f 100644 --- a/kubernetes/oof/templates/service.yaml +++ b/kubernetes/oof/templates/service.yaml @@ -33,11 +33,11 @@ spec: - port: {{ .Values.service.externalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.name }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.name }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index 0673cf2079..f6867bd8bf 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -56,13 +56,17 @@ config: placementDefaultPatchVersion: "0" # Url and credentials for Conductor. - conductorUrl: https://oof-has-api:8091/v1/plans/ + conductorUrl: + https: https://oof-has-api:8091/v1/plans/ + http: http://oof-has-api:8091/v1/plans/ conductorPingWaitTime: 10 conductorMaxRetries: 30 # versions to be set in HTTP header conductorMinorVersion: 0 # Url and credentials for the Policy Platform - policyPlatformUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision # Policy Dev platform URL + policyPlatformUrl: + https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision # Policy Dev platform URL + http: http://policy-xacml-pdp:8080/policy/pdpx/v1/decision policyPlatformEnv: TEST # Environment for policy platform # Credentials for the message reader - A placeholder. messageReaderHosts: NA @@ -73,12 +77,16 @@ config: #AAF Authentication is_aaf_enabled: False aaf_cache_expiry_mins: 5 - aaf_url: https://aaf-service:8100 + aaf_url: + https: https://aaf-service:8100 + http: http://aaf-service:8080 aaf_user_roles: - '/placement:org.onap.oof.access|*|read ALL' - '/pci:org.onap.oof.access|*|read ALL' # Secret Management Service from AAF - aaf_sms_url: https://aaf-sms + aaf_sms_url: + https: https://aaf-sms + http: http://aaf-sms aaf_sms_port: 10443 aaf_sms_timeout: 30 secret_domain: osdf @@ -95,14 +103,18 @@ config: nbrListUrl: 'ran-network/getNbrList' #aai api - aaiUrl: https://aai:8443 + aaiUrl: + https: https://aai:8443 + http: http://aai:8080 aaiGetLinksUrl: /aai/v16/network/logical-links aaiServiceInstanceUrl : /aai/v20/nodes/service-instances/service-instance/ aaiGetControllersUrl: /aai/v19/external-system/esr-thirdparty-sdnc-list controllerQueryUrl: /aai/v19/query?format=resource aaiGetInterDomainLinksUrl: /aai/v19/network/logical-links?link-type=inter-domain&operational-status=up #des api - desUrl: https://des.url:9000 + desUrl: + https: https://des.url:9000 + http: http://des.url:8080 desApiPath: /datalake/v1/exposure/ desUsername: '' desPassword: '' @@ -166,7 +178,7 @@ service: ingress: enabled: false service: - - baseaddr: "oofosdf" + - baseaddr: "oof-osdf-api" name: "oof-osdf" port: 8698 config: diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index 09206dc8e9..e366c4415e 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -57,7 +57,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.8.0 +image: onap/policy-apex-pdp:2.8.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index d77929dc42..ec80ba82f0 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.7.0 +image: onap/policy-api:2.7.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml index c8532499a6..51d4b47a15 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml @@ -17,6 +17,11 @@ # ============LICENSE_END========================================================= spring: + autoconfigure: + exclude: > + org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration, + org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration, + org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration security: user: name: ${RESTSERVER_USER} diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml index 697ce6ea47..668d911f7e 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml @@ -78,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-http-ppnt:6.3.0 +image: onap/policy-clamp-ac-http-ppnt:6.3.1 pullPolicy: Always # application configuration diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index 6fc53e24d6..bbe905b282 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -17,6 +17,11 @@ # ============LICENSE_END========================================================= spring: + autoconfigure: + exclude: > + org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration, + org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration, + org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration security: user: name: ${RESTSERVER_USER} diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml index b8f6b9f3c4..3d2eeeec9d 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-k8s-ppnt:6.3.0 +image: onap/policy-clamp-ac-k8s-ppnt:6.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml index fc0060629e..f24e0ff8c6 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml @@ -17,6 +17,11 @@ # ============LICENSE_END========================================================= spring: + autoconfigure: + exclude: > + org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration, + org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration, + org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration security: user: name: ${RESTSERVER_USER} diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml index 9d000f1018..cf20bd1d56 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml @@ -90,7 +90,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-pf-ppnt:6.3.0 +image: onap/policy-clamp-ac-pf-ppnt:6.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml deleted file mode 100644 index 3442cdd3be..0000000000 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ /dev/null @@ -1,172 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018-2021 AT&T -# Modifications Copyright © 2022 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: # global defaults - nodePortPrefix: 302 - persistence: {} - centralizedLoggingEnabled: true - #AAF service - aafEnabled: true - -################################################################# -# AAF part -################################################################# -certInitializer: - permission_user: 1000 - permission_group: 999 - keystoreFile: 'org.onap.clamp.p12' - truststoreFile: 'org.onap.clamp.trust.jks' - keyFile: 'org.onap.clamp.keyfile' - truststoreFileONAP: 'truststoreONAPall.jks' - nameOverride: clamp-backend-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - fqdn: clamp - fqi: clamp@clamp.onap.org - public_fqdn: clamp.onap.org - cadi_longitude: '-72.0' - cadi_latitude: '38.0' - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop; - cd {{ .Values.credsPath }}; - chmod a+rx *; - -secrets: - - uid: db-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}' - login: '{{ .Values.db.user }}' - password: '{{ .Values.db.password }}' - passwordPolicy: required - - uid: sdc-creds - type: password - externalSecret: '{{ tpl (default "" .Values.sdc.sdcClientExternalSecret) . }}' - password: '{{ .Values.sdc.clientPassword }}' - passwordPolicy: required - - uid: runtime-be-secret - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' - login: '{{ .Values.config.policyAppUserName }}' - password: '{{ .Values.config.policyAppUserPassword }}' - passwordPolicy: required - -flavor: small - -# application image -image: onap/policy-clamp-backend:6.3.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# log configuration -log: - path: /var/log/onap - -################################################################# -# Application configuration defaults. -################################################################# - -#####dummy values for db user and password to pass lint!!!####### -sdc: - clientPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - -db: - user: policy_user - password: policy_user - image: mariadb:10.5.8 - service: - name: policy-mariadb - internalPort: 3306 - -config: - policyAppUserName: runtimeUser - policyAppUserPassword: none - log: - logstashServiceName: log-ls - logstashPort: 5044 - mysqlPassword: strong_pitchou - dataRootDir: /dockerdata-nfs - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 120 - periodSeconds: 10 - timeoutSeconds: 3 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 3 - -service: - type: ClusterIP - name: policy-clamp-be - portName: policy-clamp-be - internalPort: 8443 - externalPort: 8443 - -ingress: - enabled: false - -#resources: {} -# We usually recommend not to specify default resources and to leave this as a conscious -# choice for the user. This also increases chances charts run on environments with little -# resources, such as Minikube. If you do want to specify resources, uncomment the following -# lines, adjust them as necessary, and remove the curly braces after 'resources:'. -# -# Example: -# Configure resource requests and limits -# ref: http://kubernetes.io/docs/user-guide/compute-resources/ -# Minimum memory for development is 2 CPU cores and 4GB memory -# Minimum memory for production is 4 CPU cores and 8GB memory -resources: - small: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 1m - memory: 1Gi - large: - limits: - cpu: 1 - memory: 3Gi - requests: - cpu: 10m - memory: 3Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: policy-clamp-be - roles: - - read diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml index 87b613a3ef..7c7d07979b 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml @@ -85,7 +85,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-runtime-acm:6.3.0 +image: onap/policy-clamp-runtime-acm:6.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index 11b47a676e..22c8fc4ba9 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -67,7 +67,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.8.0 +image: onap/policy-distribution:2.8.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 72f22bcd3b..7b55612a9a 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -41,7 +41,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.11.0 +image: onap/policy-pdpd-cl:1.11.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml index 8761df7a6b..330d1fcac8 100644 --- a/kubernetes/policy/components/policy-gui/values.yaml +++ b/kubernetes/policy/components/policy-gui/values.yaml @@ -75,7 +75,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-gui:2.3.0 +image: onap/policy-gui:2.3.1 pullPolicy: Always # flag to enable debugging - application support required @@ -127,7 +127,7 @@ service: ingress: enabled: false service: - - baseaddr: "policygui.api" + - baseaddr: "policy-ui" name: "policygui" port: 2443 config: diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index cc66af9146..1d1561cd7c 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -100,7 +100,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.7.0 +image: onap/policy-pap:2.7.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index c29e0303fd..691e9ce855 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.7.0 +image: onap/policy-xacml-pdp:2.7.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 1b9955b5a7..b3297278a9 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -170,7 +170,7 @@ mariadb: image: mariadb:10.5.8 dbmigrator: - image: onap/policy-db-migrator:2.5.0 + image: onap/policy-db-migrator:2.5.1 schema: policyadmin policy_home: "/opt/app/policy" diff --git a/kubernetes/portal/components/portal-app/values.yaml b/kubernetes/portal/components/portal-app/values.yaml index 039f56016e..483a7f3568 100644 --- a/kubernetes/portal/components/portal-app/values.yaml +++ b/kubernetes/portal/components/portal-app/values.yaml @@ -141,9 +141,10 @@ messageRouter: ingress: enabled: false service: - - baseaddr: portal.api + - baseaddr: portal-ui name: "portal-app" port: 8443 + plain_port: 8080 config: ssl: "redirect" diff --git a/kubernetes/portal/components/portal-sdk/values.yaml b/kubernetes/portal/components/portal-sdk/values.yaml index 617ed100ef..1bc6b44852 100644 --- a/kubernetes/portal/components/portal-sdk/values.yaml +++ b/kubernetes/portal/components/portal-sdk/values.yaml @@ -136,7 +136,7 @@ messageRouter: ingress: enabled: false service: - - baseaddr: portal-sdk + - baseaddr: portal-sdk-api name: "portal-sdk" port: 8443 config: diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py index 3c5f9ce73a..8365c68297 100644 --- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py @@ -152,11 +152,11 @@ GLOBAL_SDC_USERNAME = '{{ .Values.sdcUsername }}' GLOBAL_SDC_PASSWORD = '{{ .Values.sdcPassword }}' GLOBAL_SDC_AUTHENTICATION = [GLOBAL_SDC_USERNAME, GLOBAL_SDC_PASSWORD] # clamp info - everything is from the private oam network (also called onap private network) -GLOBAL_CLAMP_SERVER_PROTOCOL = "https" +GLOBAL_CLAMP_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' GLOBAL_CLAMP_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-gui" "port" 2443) }}' # nbi info - everything is from the private oam network (also called onap private network) -GLOBAL_NBI_SERVER_PROTOCOL = "https" -GLOBAL_NBI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "nbi" "port" 8443) }}' +GLOBAL_NBI_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' +GLOBAL_NBI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "nbi" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}' # cli info - everything is from the private oam network (also called onap private network) GLOBAL_CLI_SERVER_PROTOCOL = "https" GLOBAL_CLI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "cli" "port" 443) }}' @@ -176,10 +176,10 @@ GLOBAL_DCAE_AUTHENTICATION = [GLOBAL_DCAE_USERNAME, GLOBAL_DCAE_PASSWORD] GLOBAL_DCAE_HVVES_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-hv-ves-collector") }}' GLOBAL_DCAE_HVVES_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-hv-ves-collector" "port" 6061) }}' # data router info - everything is from the private oam network (also called onap private network) -GLOBAL_DMAAP_DR_PROV_SERVER_PROTOCOL = "https" +GLOBAL_DMAAP_DR_PROV_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' GLOBAL_DMAAP_DR_PROV_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmaap-dr-prov" "port" 443) }}' -GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = "https" -GLOBAL_DMAAP_DR_NODE_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmapp-dr-node" "port" 8443) }}' +GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' +GLOBAL_DMAAP_DR_NODE_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmapp-dr-node" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}' # dmaap message router info GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "message-router") }}' GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router" "port" 3904) }}' @@ -216,14 +216,14 @@ GLOBAL_POMBA_ELASTICSEARCH_PORT = '{{include "robot.ingress.port" (dict "root" . GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-contextaggregator" "port" 9529) }}' # microservice bus info - everything is from the private oam network (also called onap private network) -GLOBAL_MSB_SERVER_PROTOCOL = "https" -GLOBAL_MSB_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "clamp" "port" 443) }}' +GLOBAL_MSB_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' +GLOBAL_MSB_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "msb-iag" "port" ( ternary 443 80 (eq "true" (include "common.needTLS" . )))) }}' # message router info - everything is from the private oam network (also called onap private network) GLOBAL_MR_SERVER_PROTOCOL = "http" GLOBAL_MR_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router" "port" 3904) }}' # bus controller info -GLOBAL_BC_SERVER_PROTOCOL = "https" -GLOBAL_BC_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmaap-bc" "port" 8443) }}' +GLOBAL_BC_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' +GLOBAL_BC_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmaap-bc" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}' GLOBAL_BC_USERNAME = '{{ .Values.bcUsername }}' GLOBAL_BC_PASSWORD = '{{ .Values.bcPassword }}' # dcae inventory and deployment handler info @@ -290,7 +290,7 @@ GLOBAL_SO_NSSMF_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_NSSMF_IP_ADDR + ':' + GLOBAL_MUSIC_SERVER_PROTOCOL = "https" GLOBAL_MUSIC_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "music" "port" 8443) }}' # oof global info - everything is from the private oam network (also called onap private network) -GLOBAL_OOF_SERVER_PROTOCOL = "https" +GLOBAL_OOF_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' # oof-homing info - everything is from the private oam network (also called onap private network) GLOBAL_OOF_HOMING_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "oof-has-api" "port" 8091) }}' GLOBAL_OOF_HOMING_USERNAME="{{ .Values.oofHomingUsername }}" @@ -315,7 +315,7 @@ GLOBAL_PACKET_GENERATOR_USERNAME = "admin" GLOBAL_PACKET_GENERATOR_PASSWORD = "admin" GLOBAL_PGN_PORT = "2831" # policy info - everything is from the private oam network (also called onap private network) -GLOBAL_POLICY_SERVER_PROTOCOL = "https" +GLOBAL_POLICY_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' GLOBAL_POLICY_SERVER_PORT = "8081" GLOBAL_POLICY_HEALTHCHECK_PORT = "6969" GLOBAL_POLICY_AUTH = '{{ .Values.policyAuth}}' @@ -332,9 +332,9 @@ GLOBAL_PORTAL_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "host GLOBAL_PORTAL_USERNAME = '{{ .Values.portalUsername }}' GLOBAL_PORTAL_PASSWORD = '{{ .Values.portalPassword }}' # sdnc info - everything is from the private oam network (also called onap private network) -GLOBAL_SDNC_SERVER_PROTOCOL = "https" -GLOBAL_SDNC_REST_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc" "port" 8443) }}' -GLOBAL_SDNC_ADMIN_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc-portal" "port" 8443) }}' +GLOBAL_SDNC_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' +GLOBAL_SDNC_REST_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc" "port" ( ternary 8443 8282 (eq "true" (include "common.needTLS" . )))) }}' +GLOBAL_SDNC_ADMIN_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc-portal" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}' GLOBAL_SDNC_USERNAME = '{{ .Values.sdncUsername }}' GLOBAL_SDNC_PASSWORD = '{{ .Values.sdncPassword }}' GLOBAL_SDNC_AUTHENTICATION = [GLOBAL_SDNC_USERNAME, GLOBAL_SDNC_PASSWORD] @@ -350,13 +350,13 @@ GLOBAL_VID_PASSWORD = '{{ .Values.vidPassword}}' GLOBAL_VID_HEALTH_USERNAME = '{{ .Values.vidHealthUsername }}' GLOBAL_VID_HEALTH_PASSWORD = '{{ .Values.vidHealthPassword }}' # vnfsdk info - everything is from the private oam network (also called onap private network) -GLOBAL_VNFSDK_SERVER_PROTOCOL = "https" +GLOBAL_VNFSDK_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' GLOBAL_VNFSDK_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "refrepo" "port" 8703) }}' GLOBAL_DCAE_VES_PROTOCOL = "http" GLOBAL_DCAE_VES_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-ves-collector" "port" 8080) }}' -GLOBAL_DCAE_VES_HTTPS_PROTOCOL = "https" -GLOBAL_DCAE_VES_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-ves-collector-https" "port" 8443) }}' +GLOBAL_DCAE_VES_HTTPS_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' +GLOBAL_DCAE_VES_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-ves-collector-https" "port" ( ternary 8443 8080 (eq "true" (include "common.needTLS" . )))) }}' GLOBAL_DCAE_VES_USERNAME = 'sample1' GLOBAL_DCAE_VES_PASSWORD = 'sample1' diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index 0b1aa0e71d..d7ee2437c8 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -437,7 +437,7 @@ service: ingress: enabled: false service: - - baseaddr: "robot.api" + - baseaddr: "robot-api" name: "robot" port: 443 config: diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index dc3b669526..9f216352c0 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -135,9 +135,10 @@ service: ingress: enabled: false service: - - baseaddr: "sdc.api.be" + - baseaddr: "sdc-be-api" name: "sdc-be" port: 8443 + plain_port: 8080 config: ssl: "redirect" diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 5e0c8da5fb..76c9e13767 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -122,9 +122,10 @@ service: ingress: enabled: false service: - - baseaddr: "sdc.api.fe" + - baseaddr: "sdc-fe-ui" name: "sdc-fe" port: 9443 + plain_port: 8181 config: ssl: "redirect" diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml index 828283ec76..8e4916901b 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml @@ -136,9 +136,10 @@ service: ingress: enabled: false service: - - baseaddr: "sdcwfdbe" + - baseaddr: "sdc-wfd-be-api" name: "sdc-wfd-be" port: 8443 + plain_port: 8080 config: ssl: "redirect" diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml index fd6f713655..37fdfd7993 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml @@ -110,9 +110,10 @@ service: ingress: enabled: false service: - - baseaddr: "sdcwfdfe" + - baseaddr: "sdc-wfd-fe-ui" name: "sdc-wfd-fe" port: 8443 + plain_port: 8080 annotations: ingress.kubernetes.io/secure-backends: "false" nginx.ingress.kubernetes.io/secure-backends: "false" diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml index d2482eab56..1fe4ee3ded 100644 --- a/kubernetes/sdnc/templates/service.yaml +++ b/kubernetes/sdnc/templates/service.yaml @@ -70,13 +70,8 @@ spec: type: ClusterIP ports: - name: "{{ .Values.service.portName }}-restconf-alt" - {{ if .Values.global.aafEnabled }} port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - {{- else -}} - port: {{ .Values.service.internalPort4 }} - targetPort: {{ .Values.service.internalPort4 }} - {{ end }} - name: "{{ .Values.service.portName }}-karaf" port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 292ea05479..c2b1a9a795 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -486,12 +486,13 @@ dgbuilder: ingress: enabled: false service: - - baseaddr: "sdnc-dgbuilder" + - baseaddr: "sdnc-dgbuilder-ui" name: "sdnc-dgbuilder" port: 3000 - - baseaddr: "sdnc-web-service" + - baseaddr: "sdnc-web-service-api" name: "sdnc-web-service" port: 8443 + plain_port: 8080 config: ssl: "redirect" @@ -617,9 +618,10 @@ certpersistence: ingress: enabled: false service: - - baseaddr: "sdnc.api" + - baseaddr: "sdnc-api" name: "sdnc" port: 8443 + plain_port: 8282 config: ssl: "redirect" diff --git a/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml b/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml index e1bac69fe3..348609b8da 100644 --- a/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-admin-cockpit/resources/config/overrides/override.yaml @@ -1,4 +1,7 @@ server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} {{- if .Values.global.aafEnabled }} ssl: diff --git a/kubernetes/so/components/so-admin-cockpit/values.yaml b/kubernetes/so/components/so-admin-cockpit/values.yaml index 6cba922571..f3954ed13f 100644 --- a/kubernetes/so/components/so-admin-cockpit/values.yaml +++ b/kubernetes/so/components/so-admin-cockpit/values.yaml @@ -151,7 +151,7 @@ livenessProbe: ingress: enabled: false service: - - baseaddr: "soadmincockpit" + - baseaddr: "so-admin-cockpit-ui" name: "so-admin-cockpit" port: 9091 config: diff --git a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml index 661ed64b0e..061d8f0847 100644 --- a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml @@ -15,6 +15,9 @@ */}} server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} tomcat: max-threads: 50 diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml index ddff9c1dea..77e553bd67 100755 --- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml @@ -20,7 +20,7 @@ aai: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} workflowAaiDistributionDelay: PT30S pnfEntryNotificationTimeout: P14D @@ -358,6 +358,9 @@ sniro: headers.minorVersion: 1 headers.latestVersion: 2 server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} tomcat: max-threads: 50 diff --git a/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml index 7aa5984403..c82a0d29d4 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -14,6 +14,9 @@ # limitations under the License. */}} server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} tomcat: max-threads: 50 diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml index 0c2f679082..d667cb5c60 100755 --- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml @@ -19,7 +19,7 @@ aai: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} enabled: {{ .Values.global.aai.enabled }} logging: @@ -31,6 +31,9 @@ spring: password: ${ACTUATOR_PASSWORD} role: ACTUATOR server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} tomcat: max-threads: 50 diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml index 7c1cb1b3c4..df47c0a5fd 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml @@ -20,7 +20,7 @@ aai: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} spring: datasource: @@ -45,6 +45,9 @@ spring: password: ${ETSI_NFVO_PASSWORD} role: ETSI-NFVO-Client server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ .Values.containerPort }} tomcat: max-threads: 50 diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml index 57bf2f3c17..f791cdac81 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml @@ -150,7 +150,7 @@ livenessProbe: ingress: enabled: false service: - - baseaddr: 'soetsinfvonslcm' + - baseaddr: 'so-etsi-nfvo-ns-lcm-api' name: 'so-etsi-nfvo-ns-lcm' port: 9095 config: diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml index 33b38add57..fed38f7592 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml @@ -19,7 +19,7 @@ aai: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} spring: security: @@ -31,6 +31,9 @@ spring: password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} ssl: enabled: false diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml index 42554bb5a2..339b042c21 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/values.yaml @@ -101,7 +101,7 @@ livenessProbe: ingress: enabled: false service: - - baseaddr: "soetsisol003adapter" + - baseaddr: "so-etsi-sol003-adapter-api" name: "so-etsi-sol003-adapter" port: 9092 config: diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml index e1e2fc23c6..189a02bf73 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml @@ -33,6 +33,9 @@ spring: password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} tomcat: max-threads: 50 diff --git a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml index 1d8a97c028..016b3f534f 100755 --- a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml @@ -18,7 +18,7 @@ aai: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} logging: path: logs @@ -44,6 +44,9 @@ spring: password: ${ACTUATOR_PASSWORD} role: ACTUATOR server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} tomcat: max-threads: 50 diff --git a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml index 8db5d26788..2d645bebf2 100755 --- a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml @@ -25,6 +25,9 @@ spring: password: ${ACTUATOR_PASSWORD} role: ACTUATOR server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} tomcat: max-threads: 50 diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml index 487e93132d..7dc22c3536 100755 --- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml @@ -18,10 +18,14 @@ aai: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} +SW port: {{ index .Values.containerPort }} spring: datasource: hikari: @@ -117,8 +121,8 @@ mso: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.encrypted "value2" .Values.mso.auth )}} logPath: ./logs/openstack msb-ip: msb-iag - msb-port: 443 - msb-scheme: https + msb-port: 80 + msb-scheme: http workflow: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine msoKey: {{ .Values.mso.msoKey }} diff --git a/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml index 9b70ddcb5d..86e02d638a 100755 --- a/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-request-db-adapter/resources/config/overrides/override.yaml @@ -15,6 +15,9 @@ # will be used as entry in DB to say SITE OFF/ON for healthcheck */}} server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} tomcat: max-threads: 50 diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml index ffa66e9d78..29a1cf7443 100755 --- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml @@ -16,6 +16,9 @@ aai: auth: {{.Values.aai.auth}} server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} spring: datasource: @@ -66,7 +69,7 @@ mso: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} asdc-connections: asdc-controller1: diff --git a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml index 5c7a9af467..119236b1b2 100755 --- a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -14,6 +14,9 @@ # limitations under the License. */}} server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ index .Values.containerPort }} mso: msoKey: ${MSO_KEY} diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml index 8471540011..1a96abf9cb 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml @@ -15,6 +15,9 @@ */}} server: + {{- if include "common.onServiceMesh" . }} + forward-headers-strategy: none + {{- end }} port: {{ include "common.getPort" (dict "global" . "name" "http") }} vevnfmadapter: @@ -28,7 +31,7 @@ aai: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} dmaap: diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index 6933607827..48b75c72e9 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -2,7 +2,7 @@ aai: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}} server: @@ -62,7 +62,7 @@ mso: {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 {{ else }} - endpoint: http://aai.{{ include "common.namespace" . }}:8080 + endpoint: http://aai.{{ include "common.namespace" . }}:80 {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 553de8c2d9..911c34da51 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -280,7 +280,7 @@ mariadb-galera: ingress: enabled: false service: - - baseaddr: 'so.api' + - baseaddr: 'so-api' name: 'so' port: 8080 config: diff --git a/kubernetes/uui/components/uui-server/values.yaml b/kubernetes/uui/components/uui-server/values.yaml index edeef7af9a..8b98ae6fb5 100644 --- a/kubernetes/uui/components/uui-server/values.yaml +++ b/kubernetes/uui/components/uui-server/values.yaml @@ -103,7 +103,7 @@ service: ingress: enabled: false service: - - baseaddr: uuiserver + - baseaddr: uui-server-api name: "uui-server" port: 8082 config: diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml index 10d9a253ba..d265b6e9ec 100644 --- a/kubernetes/uui/values.yaml +++ b/kubernetes/uui/values.yaml @@ -97,7 +97,7 @@ service: ingress: enabled: false service: - - baseaddr: "uui.api" + - baseaddr: "uui-ui" name: "uui" port: 8443 config: diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index aba010eb26..f2ca8143a3 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -170,9 +170,10 @@ service: ingress: enabled: false service: - - baseaddr: "vid.api" + - baseaddr: "vid-ui" name: "vid-http" port: 8443 + plain_port: 8080 config: ssl: "redirect" diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml index 0fbee4c07f..a19f15d991 100644 --- a/kubernetes/vnfsdk/values.yaml +++ b/kubernetes/vnfsdk/values.yaml @@ -140,7 +140,7 @@ service: ingress: enabled: false service: - - baseaddr: "refrepo" + - baseaddr: "vnfsdk-refrepo-api" name: "refrepo" port: 8703 config: |