summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/common/common/templates/_ingress.tpl15
-rw-r--r--kubernetes/common/common/templates/_service.tpl2
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl55
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml31
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml26
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml26
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml32
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml40
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml32
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml38
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-prh/values.yaml16
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml32
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml15
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml32
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml16
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml16
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/templates/ingress.yaml17
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/values.yaml11
-rw-r--r--kubernetes/strimzi/templates/ingress.yaml17
-rw-r--r--kubernetes/strimzi/templates/strimzi-kafka.yaml16
-rw-r--r--kubernetes/strimzi/values.yaml28
25 files changed, 125 insertions, 429 deletions
diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl
index 7065338cf9..30ef02295f 100644
--- a/kubernetes/common/common/templates/_ingress.tpl
+++ b/kubernetes/common/common/templates/_ingress.tpl
@@ -15,6 +15,21 @@
# limitations under the License.
*/}}
{{/*
+ Helper function to check, if Ingress is globally enabled
+*/}}
+{{- define "common.ingressEnabled" -}}
+{{- $dot := default . .dot -}}
+{{- if $dot.Values.ingress -}}
+{{- if $dot.Values.global.ingress -}}
+{{- if (default false $dot.Values.global.ingress.enabled) -}}
+true
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+
+{{/*
Create the hostname as concatination <baseaddr>.<baseurl>
- baseaddr: from component values: ingress.service.baseaddr
- baseurl: from values: global.ingress.virtualhost.baseurl
diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl
index 4b6e0a1aae..3db01396ca 100644
--- a/kubernetes/common/common/templates/_service.tpl
+++ b/kubernetes/common/common/templates/_service.tpl
@@ -250,7 +250,7 @@ spec:
{{- $both_tls_and_plain:= default false $dot.Values.service.both_tls_and_plain }}
{{- $labels := default (dict) .labels -}}
{{- $matchLabels := default (dict) .matchLabels -}}
-{{- if and (include "common.onServiceMesh" $dot) (eq $serviceType "NodePort") }}
+{{- if and (include "common.ingressEnabled" $dot) (eq $serviceType "NodePort") -}}
{{- $serviceType = "ClusterIP" }}
{{- end }}
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index 6713031d9a..e7f9627a3d 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -1,7 +1,7 @@
{{/*
#============LICENSE_START========================================================
# ================================================================================
-# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2021-2023 J. F. Lucas. All rights reserved.
# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
# Copyright (c) 2021 Nokia. All rights reserved.
# Copyright (c) 2021 Nordix Foundation.
@@ -228,16 +228,6 @@ process into the microservice's configuration. See the documentation for
the common DMaaP provisioning template
(oom/kubernetes/common/common/templates/_dmaapProvisioning.tpl).
-If the microservice acts as a TLS client or server, the Deployment will
-include an initContainer that retrieves certificate information from
-the AAF certificate manager. The information is mounted at the
-mount point specified in .Values.certDirectory. If the microservice is
-a TLS server (indicated by setting .Values.tlsServer to true), the
-certificate information will include a server cert and key, in various
-formats. It will also include the AAF CA cert. If the microservice is
-a TLS client only (indicated by setting .Values.tlsServer to false), the
-certificate information includes only the AAF CA cert.
-
If the microservice uses certificates from an external CMPv2 provider,
the Deployment will include an initContainer that performs certificate
post-processing.
@@ -247,7 +237,6 @@ post-processing.
{{- $log := default dict .Values.log -}}
{{- $logDir := default "" $log.path -}}
{{- $certDir := (eq "true" (include "common.needTLS" .)) | ternary (default "" .Values.certDirectory . ) "" -}}
-{{- $tlsServer := default "" .Values.tlsServer -}}
{{- $commonRelease := print (include "common.release" .) -}}
{{- $policy := default dict .Values.policies -}}
{{- $policyRls := default $commonRelease $policy.policyRelease -}}
@@ -269,44 +258,6 @@ spec:
{{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
{{- end }}
{{- include "common.dmaap.provisioning.initContainer" . | nindent 6 }}
- {{- if $certDir }}
- - name: {{ include "common.name" . }}-aaf-init-readiness
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /app/ready.py
- args:
- - --container-name
- - aaf-cm
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
- - name: init-tls
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.tlsImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: TLS_SERVER
- value: {{ $tlsServer | quote }}
- - name: POD_IP
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: status.podIP
- resources: {{ include "common.resources" . | nindent 10 }}
- volumeMounts:
- - mountPath: /opt/app/osaaf
- name: tls-info
- {{- end }}
{{ include "dcaegen2-services-common._certPostProcessor" . | nindent 4 }}
containers:
- image: {{ default ( include "repositoryGenerator.repository" . ) .Values.imageRepositoryOverride }}/{{ .Values.image }}
@@ -423,10 +374,6 @@ spec:
volumeMounts:
- mountPath: /etc/policies
name: policy-shared
- {{- if $certDir }}
- - mountPath: /opt/ca-certificates/
- name: tls-info
- {{- end }}
{{- end }}
hostname: {{ include "common.name" . }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
index cd9be3b30d..1cc450d936 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
@@ -2,7 +2,7 @@
# =========================================================================
# Copyright (c) 2021 Nordix Foundation.
# Copyright (c) 2022 Nokia. All rights reserved.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# =========================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -45,7 +45,6 @@ secrets:
#################################################################
# InitContainer Images.
#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0
#################################################################
@@ -66,11 +65,6 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# if absent, no certs will be retrieved and stored
certDirectory: /opt/app/datafile/etc/cert
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# CMPv2 certificate
# It is used only when:
# - certDirectory is set
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml
index e18ea04ee1..06ff279207 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml
@@ -1,7 +1,7 @@
# ============= LICENSE_START ================================================
# ============================================================================
# Copyright (C) 2021 Wipro Limited.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -32,21 +32,6 @@ filebeatConfig:
logstashPort: 5044
#################################################################
-# Secrets Configuration.
-#################################################################
-secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
-
-################################aafcreds#################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
@@ -59,15 +44,6 @@ log:
path: /var/log/ONAP/dcaegen2/services/datalake-admin-ui
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/datalake-admin-ui/etc/cert/
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Dependencies
readinessCheck:
wait_for:
@@ -91,11 +67,6 @@ service:
port: 8088
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
# Initial Application Configuration
applicationConfig:
FEEDER_ADDR: dl-feeder
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml
index cab2a953ec..9049e0a03c 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml
@@ -1,7 +1,7 @@
# ============= LICENSE_START ================================================
# ============================================================================
# Copyright (C) 2021 Wipro Limited.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -36,22 +36,12 @@ filebeatConfig:
# Secrets Configuration.
#################################################################
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- uid: &pgUserCredsSecretUid pg-user-creds
externalSecret: '{{ include "common.release" . }}-datalake-pg-user-creds'
type: basicAuth
login: '{{ .Values.postgres.config.pgUserName }}'
passwordPolicy: required
-################################aafcreds#################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
#################################################################
# Application Configuration Defaults.
#################################################################
@@ -65,15 +55,6 @@ log:
path: /var/log/ONAP/dcaegen2/services/datalake
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/datalake/etc/cert/
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Dependencies
readinessCheck:
wait_for:
@@ -97,11 +78,6 @@ service:
port: 1681
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
#postgres configuration
postgres:
config:
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
index 25b74d7502..552e00cfbd 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
@@ -1,7 +1,7 @@
# ================================ LICENSE_START =============================
# ============================================================================
# Copyright (C) 2021 Wipro Limited.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -35,11 +35,6 @@ filebeatConfig:
# Secrets Configuration.
#################################################################
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- uid: &pgUserCredsSecretUid pg-user-creds
name: &pgUserCredsSecretName '{{ include "common.release" . }}-datalake-pg-user-creds'
type: basicAuth
@@ -49,11 +44,6 @@ secrets:
passwordPolicy: generate
#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
@@ -67,15 +57,6 @@ log:
path: /var/log/ONAP/dcaegen2/services/datalake
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/datalake/etc/certs
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Dependencies
readinessCheck:
wait_for:
@@ -99,11 +80,6 @@ service:
port: 1680
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
credentials:
- name: PG_USER
uid: *pgUserCredsSecretUid
diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
index 83acd545c8..115bd257c6 100644
--- a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
@@ -1,7 +1,7 @@
# ================================ LICENSE_START =============================
# ============================================================================
# Copyright (c) 2021-2023 AT&T Intellectual Property. All rights reserved.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -35,11 +35,6 @@ filebeatConfig:
# Secrets Configuration.
#################################################################
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- uid: &pgUserCredsSecretUid pg-user-creds
name: &pgUserCredsSecretName '{{ include "common.release" . }}-heartbeat-pg-user-creds'
type: basicAuth
@@ -49,11 +44,6 @@ secrets:
passwordPolicy: generate
#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
@@ -67,15 +57,6 @@ log:
path: /var/log/ONAP/dcaegen2/services/heartbeat
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/heartbeat/etc/certs
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Dependencies
readinessCheck:
wait_for:
@@ -100,18 +81,7 @@ service:
port: 10002
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
credentials:
-- name: AAF_IDENTITY
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
- name: HEARTBEAT_PG_USERNAME
uid: *pgUserCredsSecretUid
key: login
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index 482d88e883..ab6d3f247c 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -1,6 +1,6 @@
#============LICENSE_START========================================================
# ================================================================================
-# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2021-2023 J. F. Lucas. All rights reserved.
# Copyright (c) 2021-2022 Nokia. All rights reserved.
# Modifications Copyright (C) 2022-2023 Nordix Foundation.
# ================================================================================
@@ -35,7 +35,6 @@ filebeatConfig:
#################################################################
# initContainer images.
#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0
#################################################################
@@ -59,11 +58,6 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# if absent, no certs will be retrieved and stored
certDirectory: /etc/ves-hv/ssl
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# CMPv2 certificate
# It is used only when:
# - certDirectory is set
diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
index 19ff61fa96..db85cfd045 100644
--- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
@@ -1,7 +1,7 @@
# ============= LICENSE_START ================================================
# ============================================================================
# Copyright (C) 2021-2022 Wipro Limited.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -32,21 +32,6 @@ filebeatConfig:
logstashPort: 5044
#################################################################
-# Secrets Configuration.
-#################################################################
-secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
-
-#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
@@ -60,16 +45,6 @@ log:
path: /var/log/ONAP/dcaegen2/services/kpims
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/kpims/etc/cert/
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-enable_tls: false
-
# Optional Policy configuration properties
# if present, policy-sync side car will be deployed
#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
@@ -100,19 +75,6 @@ service:
port: 8080
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
-credentials:
-- name: AAF_IDENTITY
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
-
# Initial Application Configuration
applicationConfig:
trust_store_path: '/opt/app/kpims/etc/cert/trust.jks'
diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
index 5cdd5db7b9..f3a7ae3977 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
@@ -2,7 +2,7 @@
# =========================================================================
# Copyright (C) 2021 Nordix Foundation.
# Copyright (c) 2022 Nokia. All rights reserved.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# =========================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -36,11 +36,6 @@ filebeatConfig:
# Secrets Configuration.
#################################################################
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- uid: &drSubCredsUID drsubcreds
type: basicAuth
login: '{{ .Values.drSubscriberCreds.username }}'
@@ -48,11 +43,6 @@ secrets:
passwordPolicy: required
#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
@@ -66,15 +56,6 @@ log:
path: /var/log/ONAP/dcaegen2/services/pm-mapper
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/pm-mapper/etc/cert
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Dependencies
readinessCheck:
wait_for:
@@ -104,23 +85,12 @@ service:
plain_port: 8081
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
# Data Router Subscriber Credentials
drSubscriberCreds:
username: username
password: password
credentials:
-- name: AAF_IDENTITY
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
- name: DR_USERNAME
uid: *drSubCredsUID
key: login
diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
index 7f306542b4..f6782db6c6 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
@@ -1,7 +1,7 @@
# ================================ LICENSE_START =============================
# ============================================================================
# Copyright (C) 2021 Nordix Foundation.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -35,11 +35,6 @@ filebeatConfig:
# Secrets Configuration.
#################################################################
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- uid: &pgUserCredsSecretUid pg-user-creds
name: &pgUserCredsSecretName '{{ include "common.release" . }}-pmsh-pg-user-creds'
type: basicAuth
@@ -49,11 +44,6 @@ secrets:
passwordPolicy: generate
#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
@@ -67,15 +57,6 @@ log:
path: /var/log/ONAP/dcaegen2/services/pmsh
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/pmsh/etc/certs
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Dependencies
readinessCheck:
wait_for:
@@ -101,24 +82,11 @@ service:
plain_port: 8080
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
-credentials:
-- name: AAF_IDENTITY
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
-
# Initial Application Configuration
applicationConfig:
enable_tls: false
- aaf_identity: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
+ aaf_identity: dummy_value
+ aaf_password: dummy_value
key_path: /opt/app/pmsh/etc/certs/key.pem
cert_path: /opt/app/pmsh/etc/certs/cert.pem
ca_cert_path: /opt/app/pmsh/etc/certs/cacert.pem
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
index 80154c781f..da48074303 100644
--- a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
@@ -1,6 +1,6 @@
#============LICENSE_START========================================================
# ================================================================================
-# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2021-2023 J. F. Lucas. All rights reserved.
# Copyright (c) 2022 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,11 +32,6 @@ filebeatConfig:
logstashPort: 5044
#################################################################
-# initContainer images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application configuration defaults.
#################################################################
# application image
@@ -50,15 +45,6 @@ log:
path: /opt/app/prh/logs
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/prh/etc/cert
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
secrets:
- uid: &aaiCredsUID aaicreds
type: basicAuth
diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
index dcbedf4b2f..92467f4a7c 100644
--- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
@@ -1,7 +1,7 @@
# ================================ LICENSE_START =============================
# ============================================================================
# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -41,12 +41,6 @@ secrets:
password: '{{ .Values.controllerCreds.password }}'
passwordPolicy: required
-
-#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
#################################################################
# Application Configuration Defaults.
#################################################################
@@ -61,15 +55,6 @@ log:
path: null # /opt/app/restconfcollector/logs
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/dcae-certificate
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Dependencies
readinessCheck:
wait_for:
diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
index 3fdd251110..e57c781ed5 100644
--- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
@@ -1,7 +1,7 @@
# ============= LICENSE_START ================================================
# ============================================================================
# Copyright (C) 2021-2022 Wipro Limited.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# Copyright (C) 2022 Huawei Canada Limited.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -36,11 +36,6 @@ filebeatConfig:
# Secrets Configuration.
#################################################################
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- uid: &pgUserCredsSecretUid pg-user-creds
name: &pgUserCredsSecretName '{{ include "common.release" . }}-sliceanalysisms-pg-user-creds'
type: basicAuth
@@ -49,11 +44,6 @@ secrets:
password: '{{ .Values.postgres.config.pgUserPassword }}'
passwordPolicy: generate
-################################aafcreds#################################
-# InitContainer Image
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
#################################################################
# Application Configuration Defaults.
#################################################################
@@ -85,15 +75,6 @@ log:
path: /var/log/ONAP/dcaegen2/services/sliceanalysisms
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/sliceanalysisms/etc/cert/
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Dependencies
readinessCheck:
wait_for:
@@ -118,18 +99,7 @@ service:
port: 8080
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
credentials:
-- name: AAF_IDENTITY
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
- name: PG_USERNAME
uid: *pgUserCredsSecretUid
key: login
diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
index 5340f35770..5c888db790 100644
--- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
@@ -1,7 +1,7 @@
# ================================ LICENSE_START =============================
# ============================================================================
# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -31,12 +31,6 @@ filebeatConfig:
logstashServiceName: log-ls
logstashPort: 5044
-
-#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
#################################################################
# Application Configuration Defaults.
#################################################################
@@ -51,13 +45,6 @@ log:
path: /opt/app/snmptrap/logs
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
-
# Dependencies
readinessCheck:
wait_for:
diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
index bd684e3db5..6b007a330b 100644
--- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
@@ -1,7 +1,7 @@
# ============= LICENSE_START ================================================
# ============================================================================
# Copyright (C) 2021-2022 Wipro Limited.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -35,11 +35,6 @@ filebeatConfig:
# Secrets Configuration.
#################################################################
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- uid: &cpsCredsUID cpscreds
type: basicAuth
login: '{{ .Values.cpsCreds.identity }}'
@@ -54,11 +49,6 @@ secrets:
passwordPolicy: generate
#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
@@ -72,15 +62,6 @@ log:
path: /var/log/ONAP/dcaegen2/services/sonhms
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/sonhms/etc/certs
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Optional Policy configuration properties
# if present, policy-sync side car will be deployed
#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
@@ -112,21 +93,12 @@ service:
port: 8080
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
+# Credentials
cpsCreds:
identity: cps
password: cpsr0cks!
credentials:
-- name: AAF_IDENTITY
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
- name: CPS_IDENTITY
uid: *cpsCredsUID
key: login
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
index 08ca865aff..40a7c13dca 100644
--- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
@@ -1,6 +1,6 @@
#============LICENSE_START========================================================
# ================================================================================
-# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2021-2023 J. F. Lucas. All rights reserved.
# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,11 +32,6 @@ filebeatConfig:
logstashPort: 5044
#################################################################
-# initContainer images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application configuration defaults.
#################################################################
# application image
@@ -50,15 +45,6 @@ log:
path: /opt/logs/dcae-analytics-tca
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /etc/tca-gen2/ssl
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
secrets:
- uid: &aaiCredsUID aaicreds
type: basicAuth
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
index 9e9750a56f..2ee3eb2ee4 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@ -1,7 +1,7 @@
#============LICENSE_START========================================================
# ================================================================================
# Copyright (c) 2021-2022 Nokia. All rights reserved.
-# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2021-2023 J. F. Lucas. All rights reserved.
# Copyright (c) 2022 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -35,7 +35,6 @@ filebeatConfig:
#################################################################
# initContainer images.
#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0
#################################################################
@@ -56,11 +55,6 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# if absent, no certs will be retrieved and stored
certDirectory: /opt/app/dcae-certificate
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# CMPv2 certificate
# It is used only when:
# - certDirectory is set
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
index 47eb5f1f20..4ee6ee72f4 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
@@ -1,7 +1,7 @@
# ================================ LICENSE_START =============================
# ============================================================================
# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -32,11 +32,6 @@ filebeatConfig:
logstashPort: 5044
#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
-#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
@@ -50,15 +45,6 @@ log:
path: /opt/app/VESAdapter/logs
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-#certDirectory: /opt/app/ves-mapper/etc/certs
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-#tlsServer: false
-
# Dependencies
readinessCheck:
wait_for:
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/templates/ingress.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/templates/ingress.yaml
new file mode 100644
index 0000000000..bcc60a0953
--- /dev/null
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/templates/ingress.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Deutsche Telekom
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.ingress" . }}
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
index 0a2552719f..2320095652 100644
--- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
@@ -1,6 +1,7 @@
#============LICENSE_START========================================================
# ================================================================================
# Copyright (c) 2021 ZTE Corporation Intellectual Property. All rights reserved.
+# Modifications 2023 Deutsche Telekom
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -71,6 +72,16 @@ service:
port: 9104
nodePort: 93
+ingress:
+ enabled: false
+ service:
+ - baseaddr: 'holmes-api'
+ name: 'holmes-rule-mgmt'
+ port: 9101
+ - baseaddr: 'holmes-ui'
+ name: 'holmes-rule-mgmt'
+ port: 9104
+
# probe configuration parameters
liveness:
initialDelaySeconds: 10
diff --git a/kubernetes/strimzi/templates/ingress.yaml b/kubernetes/strimzi/templates/ingress.yaml
new file mode 100644
index 0000000000..bcc60a0953
--- /dev/null
+++ b/kubernetes/strimzi/templates/ingress.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Deutsche Telekom
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.ingress" . }}
diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml
index b35485f11c..99252ec3e6 100644
--- a/kubernetes/strimzi/templates/strimzi-kafka.yaml
+++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml
@@ -35,20 +35,34 @@ spec:
type: tls
- name: external
port: 9094
- type: nodeport
+ type: {{ if (include "common.ingressEnabled" .) }}cluster-ip{{ else }}nodeport{{ end }}
tls: true
authentication:
type: tls
configuration:
+ {{- if not (include "common.ingressEnabled" .) }}
bootstrap:
nodePort: {{ .Values.global.nodePortPrefixExt }}93
+ {{- end }}
brokers:
- broker: 0
+ advertisedHost: {{ .Values.config.advertisedHost }}
+ advertisedPort: {{ .Values.config.advertizedPortBroker0 }}
+ {{- if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt }}90
+ {{- end }}
- broker: 1
+ advertisedHost: {{ .Values.config.advertisedHost }}
+ advertisedPort: {{ .Values.config.advertizedPortBroker1 }}
+ {{- if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt }}91
+ {{- end }}
- broker: 2
+ advertisedHost: {{ .Values.config.advertisedHost }}
+ advertisedPort: {{ .Values.config.advertizedPortBroker2 }}
+ {{- if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt }}92
+ {{- end }}
authorization:
type: {{ .Values.config.authType }}
superUsers:
diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml
index e6da1d55db..ec1ed887a7 100644
--- a/kubernetes/strimzi/values.yaml
+++ b/kubernetes/strimzi/values.yaml
@@ -29,6 +29,10 @@ config:
saslMechanism: &saslMech scram-sha-512
kafkaInternalPort: &plainPort 9092
strimziKafkaAdminUser: &adminUser strimzi-kafka-admin
+ advertisedHost: kafka-api.simpledemo.onap.org
+ advertizedPortBroker0: &advertizedPortBroker0 9000
+ advertizedPortBroker1: &advertizedPortBroker1 9001
+ advertizedPortBroker2: &advertizedPortBroker2 9002
persistence:
enabled: &pvenabled true
@@ -56,6 +60,30 @@ serviceAccount:
roles:
- read
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "kafka-bootstrap-api"
+ name: "onap-strimzi-kafka-external-bootstrap"
+ port: 9094
+ exposedPort: 9010
+ exposedProtocol: TLS
+ - baseaddr: "kafka-0-api"
+ name: "onap-strimzi-kafka-0"
+ port: 9094
+ exposedPort: *advertizedPortBroker0
+ exposedProtocol: TLS
+ - baseaddr: "kafka-1-api"
+ name: "onap-strimzi-kafka-1"
+ port: 9094
+ exposedPort: *advertizedPortBroker1
+ exposedProtocol: TLS
+ - baseaddr: "kafka-2-api"
+ name: "onap-strimzi-kafka-2"
+ port: 9094
+ exposedPort: *advertizedPortBroker2
+ exposedProtocol: TLS
+
######################
# Component overrides
######################