summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat3
-rw-r--r--kubernetes/common/cassandra/resources/restore.sh2
-rw-r--r--kubernetes/common/etcd-init/.helmignore21
-rw-r--r--kubernetes/common/etcd-init/Chart.yaml18
-rw-r--r--kubernetes/common/etcd-init/requirements.yaml21
-rw-r--r--kubernetes/common/etcd-init/templates/job.yaml104
-rw-r--r--kubernetes/common/etcd-init/templates/secret.yaml17
-rw-r--r--kubernetes/common/etcd-init/values.yaml74
-rw-r--r--kubernetes/common/etcd/templates/statefulset.yaml2
-rwxr-xr-xkubernetes/config/prepull_docker.sh2
-rwxr-xr-xkubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh6
-rwxr-xr-xkubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh6
-rwxr-xr-xkubernetes/contrib/tools/rke/rke_setup.sh2
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl25
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml2
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml7
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml2
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml7
-rwxr-xr-xkubernetes/helm/plugins/deploy/deploy.sh54
-rwxr-xr-xkubernetes/helm/plugins/undeploy/undeploy.sh2
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml19
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/values.yaml14
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml21
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml14
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml36
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/values.yaml14
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml36
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml14
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml36
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml14
-rwxr-xr-xkubernetes/oof/components/oof-has/requirements.yaml9
-rwxr-xr-xkubernetes/oof/components/oof-has/resources/config/conductor.conf24
-rwxr-xr-xkubernetes/oof/components/oof-has/resources/config/healthcheck.json18
-rwxr-xr-xkubernetes/oof/components/oof-has/resources/config/onboard.json6
-rwxr-xr-xkubernetes/oof/components/oof-has/templates/job-healthcheck.yaml100
-rwxr-xr-xkubernetes/oof/components/oof-has/templates/job-onboard.yaml105
-rwxr-xr-xkubernetes/oof/components/oof-has/values.yaml86
-rw-r--r--kubernetes/oof/components/oof-templates/templates/_secret.tpl6
-rw-r--r--kubernetes/portal/docker/init/mariadb-client/db_migrate.sh8
-rwxr-xr-xkubernetes/robot/demo-k8s.sh2
-rwxr-xr-xkubernetes/robot/ete-k8s.sh2
-rwxr-xr-xkubernetes/robot/eteHelm-k8s.sh2
-rwxr-xr-xkubernetes/robot/scripts/etescript/vnfsdk-etescript.sh2
-rw-r--r--kubernetes/sdc/components/sdc-be/templates/deployment.yaml23
-rw-r--r--kubernetes/sdc/components/sdc-be/templates/job.yaml2
-rw-r--r--kubernetes/sdc/components/sdc-be/values.yaml6
-rw-r--r--kubernetes/sdc/components/sdc-cs/values.yaml4
-rw-r--r--kubernetes/sdc/components/sdc-fe/templates/deployment.yaml10
-rw-r--r--kubernetes/sdc/components/sdc-fe/values.yaml2
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml26
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/values.yaml6
-rw-r--r--kubernetes/sdc/requirements.yaml2
-rwxr-xr-xkubernetes/sdc/resources/config/environments/AUTO.json8
-rw-r--r--kubernetes/sdc/values.yaml7
54 files changed, 585 insertions, 476 deletions
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
index a5e354053a..84bd723aad 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
@@ -45,8 +45,7 @@ ngi@ngi.onap.org|ngi|local|/opt/app/osaaf/local||mailto:|org.onap.ngi|root|30|{'
oof@oof.onap.org|oof.api.simpledemo.onap.org|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-opteng', 'oof-opteng.onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
oof@oof.onap.org|oof|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
oof@oof.onap.org|oof.onap|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-cmso', 'oof-cmso-optimizer', 'oof-cmso-ticketmgt', 'oof-cmso-topology', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-opteng', 'oof-opteng.onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-policy@policy.onap.org|policy|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|60|{'*.pdp', '*.pdp.onap.svc.cluster.local', 'brmsgw', 'brmsgw.onap', 'drools', 'drools.onap', 'pap', 'pap.onap', 'pdp', 'pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-api', 'policy-api.onap', 'policy-distribution', 'policy-distribution.onap', 'policy-pap', 'policy-pap.onap', 'policy-xacml-pdp', 'policy-xacml-pdp.onap', 'policy.api.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-policy@policy.onap.org|policy_onap|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|30|{'*.pdp', '*.pdp.onap.svc.cluster.local', 'brmsgw', 'brmsgw.onap', 'drools', 'drools.onap', 'pap', 'pap.onap', 'pdp', 'pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-distribution', 'policy-distribution.onap', 'policy.api.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'pkcs12'}
+policy@policy.onap.org|policy|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|60|{'policy-drools-pdp', 'policy-drools-pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-api', 'policy-api.onap', 'policy-distribution', 'policy-distribution.onap', 'policy-pap', 'policy-pap.onap', 'policy-xacml-pdp', 'policy-xacml-pdp.onap', 'policy.api.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
pomba@pomba.onap.org|onap.pomba|local|/opt/app/osaaf/local||mailto:|org.onap.pomba|root|30|{'onap.pomba', 'onap_pomba', 'pomba', 'pomba.api.simpledemo.onap.org', 'pomba.onap', 'pomba_onap'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
portal@portal.onap.org|portal|local|/opt/app/osaaf/local||mailto:|org.onap.portal|root|30|{'onap.portal', 'onap_portal', 'portal', 'portal-app', 'portal.api.simpledemo.onap.org', 'portal.onap', 'portal_onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
refrepo@refrepo.onap.org|refrepo|local|/opt/app/osaaf/local||mailto:|org.onap.refrepo|root|30|{'refrepo', 'refrepo.api.simpledemo.onap.org', 'refrepo.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
diff --git a/kubernetes/common/cassandra/resources/restore.sh b/kubernetes/common/cassandra/resources/restore.sh
index a8105345f7..7f271d262f 100644
--- a/kubernetes/common/cassandra/resources/restore.sh
+++ b/kubernetes/common/cassandra/resources/restore.sh
@@ -41,7 +41,7 @@ then
print_usage
fi
-while [[ $# -gt 0 ]]
+while [ $# -gt 0 ]
do
key="$1"
shift
diff --git a/kubernetes/common/etcd-init/.helmignore b/kubernetes/common/etcd-init/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/kubernetes/common/etcd-init/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/common/etcd-init/Chart.yaml b/kubernetes/common/etcd-init/Chart.yaml
new file mode 100644
index 0000000000..20f5ac40cc
--- /dev/null
+++ b/kubernetes/common/etcd-init/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright (C) 2021 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Chart for etcd init job
+name: etcd-init
+version: 8.0.0
diff --git a/kubernetes/common/etcd-init/requirements.yaml b/kubernetes/common/etcd-init/requirements.yaml
new file mode 100644
index 0000000000..008789b822
--- /dev/null
+++ b/kubernetes/common/etcd-init/requirements.yaml
@@ -0,0 +1,21 @@
+# Copyright (C) 2021 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~8.x-0
+ repository: 'file://../common'
+ - name: repositoryGenerator
+ version: ~8.x-0
+ repository: 'file://../repositoryGenerator'
diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml
new file mode 100644
index 0000000000..69bcfaaf99
--- /dev/null
+++ b/kubernetes/common/etcd-init/templates/job.yaml
@@ -0,0 +1,104 @@
+{{/*
+# Copyright (C) 2021 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-job
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: {{ .Values.backoffLimit }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /app/ready.py
+ args:
+ - --container-name
+ - {{ .Values.etcd.containerName }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: {{ include "repositoryGenerator.image.readiness" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /bin/sh
+ - -ec
+ - |
+ # Create users
+ export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT}
+ export ETCDCTL_API=3
+ echo "${ROOT_PASSWORD}" | etcdctl user add root --interactive=false
+ echo "${APP_PASSWORD}" | etcdctl user add ${APP_USER} --interactive=false
+
+ # Create roles
+ etcdctl role add ${APP_ROLE}
+ etcdctl role grant-permission ${APP_ROLE} --prefix=true readwrite ${KEY_PREFIX}
+
+ etcdctl user grant-role ${APP_USER} ${APP_ROLE}
+ etcdctl auth enable
+ env:
+ - name: ALLOW_NONE_AUTHENTICATION
+ value: "yes"
+ - name: ETCD_HOST
+ value: "{{ .Values.etcd.serviceName }}.{{ include "common.namespace" . }}"
+ - name: ETCD_PORT
+ value: "{{ .Values.etcd.port }}"
+ - name: ROOT_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-password" "key" "password" ) | indent 10 }}
+ - name: APP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-creds" "key" "login") | indent 10 }}
+ - name: APP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-creds" "key" "password") | indent 10 }}
+ - name: APP_ROLE
+ value: "{{ .Values.config.appRole }}"
+ - name: KEY_PREFIX
+ value: "{{ .Values.config.keyPrefix }}"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ resources: {{ include "common.resources" . | nindent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity: {{ toYaml .Values.affinity | nindent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/common/etcd-init/templates/secret.yaml b/kubernetes/common/etcd-init/templates/secret.yaml
new file mode 100644
index 0000000000..e874185693
--- /dev/null
+++ b/kubernetes/common/etcd-init/templates/secret.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright (C) 2021 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/common/etcd-init/values.yaml b/kubernetes/common/etcd-init/values.yaml
new file mode 100644
index 0000000000..c99c9f1e5b
--- /dev/null
+++ b/kubernetes/common/etcd-init/values.yaml
@@ -0,0 +1,74 @@
+# Copyright (C) 2021 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global: {}
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: root-password
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.config.userRootSecret) . }}'
+ password: '{{ .Values.config.userRootPassword }}'
+ - uid: app-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.appUser }}'
+ password: '{{ .Values.config.appPassword }}'
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+image: bitnami/etcd:3.3.15
+pullPolicy: Always
+backoffLimit: 20
+
+nodeSelector: {}
+
+affinity: {}
+
+etcd:
+ serviceName: k8s-etcd
+ port : 2379
+ containerName: k8s-etcd
+
+config:
+ userRootSecret: root
+# userCredentialsExternalSecret:
+ appUser: user
+ appRole: role
+ keyPrefix: key
+
+flavor: small
+resources:
+ small:
+ limits:
+ cpu: 100m
+ memory: 500Mi
+ requests:
+ cpu: 10m
+ memory: 10Mi
+ large:
+ limits:
+ cpu: 200m
+ memory: 500Mi
+ requests:
+ cpu: 20m
+ memory: 20Mi
+ unlimited: {}
diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml
index a343d4fce5..48c8b6d0cc 100644
--- a/kubernetes/common/etcd/templates/statefulset.yaml
+++ b/kubernetes/common/etcd/templates/statefulset.yaml
@@ -49,7 +49,7 @@ spec:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
containers:
- - name: {{ include "common.fullname" . }}
+ - name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.googleK8sRepository" . }}/{{ .Values.image }}
imagePullPolicy: "{{ .Values.pullPolicy }}"
ports:
diff --git a/kubernetes/config/prepull_docker.sh b/kubernetes/config/prepull_docker.sh
index 040adec23d..590d651f87 100755
--- a/kubernetes/config/prepull_docker.sh
+++ b/kubernetes/config/prepull_docker.sh
@@ -102,7 +102,7 @@ do
for line in `parse_yaml $filename`
do
#skiping commented line
- if [[ ${line:0:1} != '#' ]]; then
+ if [ "${line:0:1}" != '#' ]; then
#find all image subtag inside converted values.yaml file's lines
if echo $line | grep -q $IMAGE_TEXT ; then
#find imageName inside line
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
index 1a75bd7a85..67bbfd6c6f 100755
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
@@ -86,9 +86,11 @@ deploy() {
target_machine_notice_info
}
-if [[ $# -eq 1 ]] && [[ $1 = "-h" || $1 = "--help" ]]; then
+if [ $# -eq 1 ] && [ "$1" = "-h" ]; then
usage
-elif [[ $# -eq 1 ]] && [[ $1 = "--info" ]]; then
+elif [ $# -eq 1 ] && [ "$1" = "--help" ]; then
+ usage
+elif [ $# -eq 1 ] && [ "$1" = "--info" ]; then
target_machine_notice_info
else
deploy $@
diff --git a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh
index 44fe79a0c6..bf2bc121a7 100755
--- a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh
+++ b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh
@@ -76,9 +76,11 @@ manual_configuration() {
generate_config_map $@
}
-if [[ $# -eq 1 ]] && [[ $1 = "-h" || $1 = "--help" ]]; then
+if [ $# -eq 1 ] && [ "$1" = "-h" ]; then
usage
-elif [[ $# -eq 0 ]]; then
+if [ $# -eq 1 ] && [ "$1" = "--help" ]; then
+ usage
+elif [ $# -eq 0 ]; then
automatic_configuration
else
manual_configuration $@
diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh
index 7950e0cc88..2ee123b36a 100755
--- a/kubernetes/contrib/tools/rke/rke_setup.sh
+++ b/kubernetes/contrib/tools/rke/rke_setup.sh
@@ -344,7 +344,7 @@ while getopts ":b:s:e:u:l:k:v" PARAM; do
esac
done
-if [[ -z $BRANCH ]]; then
+if [ -z $BRANCH ]; then
usage
exit 1
fi
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index 5de526288e..310d9ae662 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -274,6 +274,10 @@ spec:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}
env:
+ {{- range $cred := .Values.credentials }}
+ - name: {{ $cred.name }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }}
+ {{- end }}
{{- if $certDir }}
- name: DCAE_CA_CERTPATH
value: {{ $certDir }}/cacert.pem
@@ -317,6 +321,8 @@ spec:
volumeMounts:
- mountPath: /app-config
name: app-config
+ - mountPath: /app-config-input
+ name: app-config-input
{{- if $logDir }}
- mountPath: {{ $logDir}}
name: component-log
@@ -324,7 +330,7 @@ spec:
{{- if $certDir }}
- mountPath: {{ $certDir }}
name: tls-info
- {{- if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+ {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{- include "common.certManager.volumeMountsReadOnly" . | nindent 8 -}}
{{- end -}}
{{- end }}
@@ -422,7 +428,7 @@ spec:
{{- if $certDir }}
- emptyDir: {}
name: tls-info
- {{ if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+ {{ if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{ include "common.certManager.volumesReadOnly" . | nindent 6 }}
{{- end }}
{{- end }}
@@ -443,7 +449,7 @@ spec:
*/}}
{{- define "dcaegen2-services-common._certPostProcessor" -}}
{{- $certDir := default "" .Values.certDirectory . -}}
- {{- if and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+ {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{- $cmpv2Certificate := (index .Values.certificates 0) -}}
{{- $cmpv2CertificateDir := $cmpv2Certificate.mountPath -}}
{{- $certType := "pem" -}}
@@ -480,3 +486,16 @@ spec:
value: {{ $keystoreDestinationPaths | quote }}
{{- end }}
{{- end -}}
+
+{{/*
+ Template returns string "true" if CMPv2 certificates should be used and nothing (so it can be used in with statements)
+ when they shouldn't. Example use:
+ {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
+
+*/}}
+{{- define "dcaegen2-services-common.shouldUseCmpv2Certificates" -}}
+ {{- $certDir := default "" .Values.certDirectory . -}}
+ {{- if (and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration .Values.useCmpv2Certificates) -}}
+ true
+ {{- end -}}
+{{- end -}}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml
index 0db2138a4f..12a05885ca 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml
@@ -14,6 +14,6 @@
# limitations under the License.
*/}}
-{{ if and .Values.certDirectory .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{ include "certManagerCertificate.certificate" . }}
{{ end }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index bb65f37f73..223789a75f 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -65,8 +65,13 @@ secrets:
passwordPolicy: required
# CMPv2 certificate
-# It is used only when global parameter cmpv2Enabled is true
+# It is used only when:
+# - certDirectory is set
+# - global cmpv2Enabled flag is set to true
+# - global CertManagerIntegration flag is set to true
+# - flag useCmpv2Certificates is set to true
# Disabled by default
+useCmpv2Certificates: false
certificates:
- mountPath: /etc/ves-hv/ssl/external
commonName: dcae-hv-ves-collector
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml
index 0db2138a4f..12a05885ca 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml
@@ -14,6 +14,6 @@
# limitations under the License.
*/}}
-{{ if and .Values.certDirectory .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{ include "certManagerCertificate.certificate" . }}
{{ end }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
index a675db6797..9e08ea1a69 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@ -58,8 +58,13 @@ certDirectory: /opt/app/dcae-certificate
tlsServer: true
# CMPv2 certificate
-# It is used only when global parameter cmpv2Enabled is true
+# It is used only when:
+# - certDirectory is set
+# - global cmpv2Enabled flag is set to true
+# - global CertManagerIntegration flag is set to true
+# - flag useCmpv2Certificates is set to true
# Disabled by default
+useCmpv2Certificates: false
certificates:
- mountPath: /opt/app/dcae-certificate/external
commonName: dcae-ves-collector
diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh
index 0d434ad877..ce8e80225f 100755
--- a/kubernetes/helm/plugins/deploy/deploy.sh
+++ b/kubernetes/helm/plugins/deploy/deploy.sh
@@ -49,14 +49,14 @@ generate_overrides() {
for index in "${!SUBCHART_NAMES[@]}"; do
START=${SUBCHART_NAMES[index]}
END=${SUBCHART_NAMES[index+1]}
- if [[ $START = "global:" ]]; then
+ if [ "$START" = "global:" ]; then
echo "global:" > $GLOBAL_OVERRIDES
cat $COMPUTED_OVERRIDES | sed '/common:/,/consul:/d' \
| sed -n '/^'"$START"'/,/'log:'/p' | sed '1d;$d' >> $GLOBAL_OVERRIDES
else
SUBCHART_DIR="$CACHE_SUBCHART_DIR/$(echo "$START" |cut -d':' -f1)"
- if [[ -d "$SUBCHART_DIR" ]]; then
- if [[ -z "$END" ]]; then
+ if [ -d "$SUBCHART_DIR" ]; then
+ if [ -z "$END" ]; then
cat $COMPUTED_OVERRIDES | sed -n '/^'"$START"'/,/'"$END"'/p' \
| sed '1d;$d' | cut -c3- > $SUBCHART_DIR/subchart-overrides.yaml
else
@@ -72,11 +72,11 @@ resolve_deploy_flags() {
n=${#flags[*]}
i=0 ; while [ "$i" -lt "$n" ]; do
PARAM=${flags[i]}
- if [[ $PARAM = "-f" || \
- $PARAM = "--values" || \
- $PARAM = "--set" || \
- $PARAM = "--set-string" || \
- $PARAM = "--version" ]]; then
+ if [ "$PARAM" = "-f" ] || \
+ [ "$PARAM" = "--values" ] || \
+ [ "$PARAM" = "--set" ] || \
+ [ "$PARAM" = "--set-string" ] || \
+ [ "$PARAM" = "--version" ]; then
# skip param and its value
i=$((i + 1))
else
@@ -89,7 +89,7 @@ resolve_deploy_flags() {
deploy() {
# validate params
- if [[ -z "$1" || -z "$2" ]]; then
+ if [ -z "$1" ] || [ -z "$2" ]; then
usage
exit 0
fi
@@ -99,7 +99,7 @@ deploy() {
FLAGS=${@:3}
CHART_REPO="$(echo "$CHART_URL" |cut -d'/' -f1)"
CHART_NAME="$(echo "$CHART_URL" |cut -d'/' -f2)"
- if [[ $HELM_VER = "v3."* ]]; then
+ if expr "$HELM_VER" : "v3\..*" ; then
CACHE_DIR=~/.local/share/helm/plugins/deploy/cache
else
CACHE_DIR=~/.helm/plugins/deploy/cache
@@ -111,23 +111,23 @@ deploy() {
# determine if verbose output is enabled
VERBOSE="false"
- if [[ $FLAGS = *"--verbose"* ]]; then
+ if expr "$FLAGS" : ".*--verbose.*" ; then
FLAGS="$(echo $FLAGS| sed -n 's/--verbose//p')"
VERBOSE="true"
fi
# determine if delay for deployment is enabled
DELAY="false"
- if [[ $FLAGS = *"--delay"* ]]; then
+ if expr "$FLAGS" : ".*--delay.*" ; then
FLAGS="$(echo $FLAGS| sed -n 's/--delay//p')"
DELAY="true"
fi
# determine if set-last-applied flag is enabled
SET_LAST_APPLIED="false"
- if [[ $FLAGS = *"--set-last-applied"* ]]; then
+ if expr"$FLAGS" : ".*--set-last-applied.*" ; then
FLAGS="$(echo $FLAGS| sed -n 's/--set-last-applied//p')"
SET_LAST_APPLIED="true"
fi
- if [[ $FLAGS = *"--dry-run"* ]]; then
+ if expr "$FLAGS" : ".*--dry-run.*" ; then
VERBOSE="true"
FLAGS="$FLAGS --debug"
fi
@@ -150,7 +150,7 @@ deploy() {
SUBCHART_RELEASE="$(echo "$RELEASE" |cut -d'-' -f2)"
# update specified subchart without parent
RELEASE="$(echo "$RELEASE" |cut -d'-' -f1)"
- if [[ $SUBCHART_RELEASE = $RELEASE ]]; then
+ if [ "$SUBCHART_RELEASE" = "$RELEASE" ]; then
SUBCHART_RELEASE=
fi
@@ -158,7 +158,7 @@ deploy() {
rm -rf $CACHE_DIR
# fetch umbrella chart (parent chart containing subcharts)
- if [[ -d "$CHART_URL" ]]; then
+ if [ -d "$CHART_URL" ]; then
mkdir -p $CHART_DIR
cp -R $CHART_URL/* $CHART_DIR/
@@ -195,20 +195,20 @@ deploy() {
generate_overrides $COMPUTED_OVERRIDES $GLOBAL_OVERRIDES
# upgrade/install parent chart first
- if [[ -z "$SUBCHART_RELEASE" ]]; then
+ if [ -z "$SUBCHART_RELEASE" ]; then
LOG_FILE=$LOG_DIR/${RELEASE}.log
:> $LOG_FILE
helm upgrade -i $RELEASE $CHART_DIR $DEPLOY_FLAGS -f $COMPUTED_OVERRIDES \
> $LOG_FILE.log 2>&1
- if [[ $VERBOSE = "true" ]]; then
+ if [ "$VERBOSE" = "true" ]; then
cat $LOG_FILE
else
echo "release \"$RELEASE\" deployed"
fi
# Add annotation last-applied-configuration if set-last-applied flag is set
- if [[ $SET_LAST_APPLIED = "true" ]]; then
+ if [ "$SET_LAST_APPLIED" = "true" ]; then
helm get manifest ${RELEASE} \
| kubectl apply set-last-applied --create-annotation -n onap -f - \
> $LOG_FILE.log 2>&1
@@ -224,12 +224,12 @@ deploy() {
SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml
SUBCHART_ENABLED=0
- if [[ -f $SUBCHART_OVERRIDES ]]; then
+ if [ -f $SUBCHART_OVERRIDES ]; then
SUBCHART_ENABLED=$(cat $SUBCHART_OVERRIDES | grep -c "^enabled: true")
fi
- if [[ $SUBCHART_ENABLED -eq 1 ]]; then
- if [[ -z "$SUBCHART_RELEASE" || $SUBCHART_RELEASE = "$subchart" ]]; then
+ if [ $SUBCHART_ENABLED -eq 1 ]; then
+ if [ -z "$SUBCHART_RELEASE" ] || [ "$SUBCHART_RELEASE" = "$subchart" ]; then
LOG_FILE=$LOG_DIR/"${RELEASE}-${subchart}".log
:> $LOG_FILE
@@ -237,19 +237,19 @@ deploy() {
$DEPLOY_FLAGS -f $GLOBAL_OVERRIDES -f $SUBCHART_OVERRIDES \
> $LOG_FILE 2>&1
- if [[ $VERBOSE = "true" ]]; then
+ if [ "$VERBOSE" = "true" ]; then
cat $LOG_FILE
else
echo "release \"${RELEASE}-${subchart}\" deployed"
fi
# Add annotation last-applied-configuration if set-last-applied flag is set
- if [[ $SET_LAST_APPLIED = "true" ]]; then
+ if [ "$SET_LAST_APPLIED" = "true" ]; then
helm get manifest "${RELEASE}-${subchart}" \
| kubectl apply set-last-applied --create-annotation -n onap -f - \
> $LOG_FILE.log 2>&1
fi
fi
- if [[ $DELAY = "true" ]]; then
+ if [ "$DELAY" = "true" ]; then
echo sleep 3m
sleep 3m
fi
@@ -257,7 +257,7 @@ deploy() {
array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
n=${#array[*]}
for i in $(seq $(($n-1)) -1 0); do
- if [[ $HELM_VER = "v3."* ]]; then
+ if expr "$HELM_VER" : "v3\..*" ; then
helm del "${array[i]}"
else
helm del "${array[i]}" --purge
@@ -267,7 +267,7 @@ deploy() {
done
# report on success/failures of installs/upgrades
- if [[ $HELM_VER = "v3."* ]]; then
+ if expr "$HELM_VER" : "v3\..*" ; then
helm ls --all-namespaces | grep -i FAILED | grep $RELEASE
else
helm ls | grep FAILED | grep $RELEASE
diff --git a/kubernetes/helm/plugins/undeploy/undeploy.sh b/kubernetes/helm/plugins/undeploy/undeploy.sh
index 1689bf1b48..790f84fda9 100755
--- a/kubernetes/helm/plugins/undeploy/undeploy.sh
+++ b/kubernetes/helm/plugins/undeploy/undeploy.sh
@@ -29,7 +29,7 @@ undeploy() {
done
}
-if [[ $# < 1 ]]; then
+if [ $# < 1 ]; then
echo "Error: command 'undeploy' requires a release name"
exit 0
fi
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
index 491250c72a..ba4a657c1a 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
@@ -55,21 +55,6 @@ spec:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- - name: {{ include "common.name" . }}-onboard-readiness
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-oof-has-onboard"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- name: {{ include "common.name" . }}-has-sms-readiness
command:
- sh
@@ -94,7 +79,7 @@ spec:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"]
+ command: ["/bin/sh","-c"]
args: ["/usr/local/bin/uwsgi -s /run/conductor/uwsgi.sock --chmod-socket=777 --wsgi-file /etc/nginx/conductor.wsgi --callable application --set port={{ .Values.uwsgi.internalPort }} --die-on-term --exit-on-reload --pidfile /run/conductor/conductor-uwsgi.pid --enable-threads --workers 6 --master --vacuum --single-interpreter --socket-timeout 10 --max-worker-lifetime 300 --max-requests 100 --no-defer-accept --protocol=uwsgi --socket 0.0.0.0:{{ .Values.uwsgi.internalPort }}"]
ports:
- containerPort: {{ .Values.uwsgi.internalPort }}
@@ -112,7 +97,7 @@ spec:
port: {{ .Values.uwsgi.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
+ env: {{ include "oof.etcd.env" . | nindent 10 }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
index d6743cdfda..63461d9c83 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
@@ -16,7 +16,7 @@
global: # global defaults
nodePortPrefix: 302
image:
- optf_has: onap/optf-has:2.1.5
+ optf_has: onap/optf-has:2.2.0
#################################################################
# secrets metaconfig
@@ -26,6 +26,18 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
type: generic
filePaths: '{{ .Values.secretsFilePaths }}'
+ - uid: oof-has-etcd-secret
+ name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.etcd.appUser }}'
+ password: '{{ .Values.config.etcd.appPassword }}'
+ passwordPolicy: required
+
+config:
+ etcd:
+ appUser: user
+ appPassword: pass
service:
type: NodePort
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
index 8e0ff1aeb5..895a305b53 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
@@ -41,8 +41,8 @@ spec:
command:
- /app/ready.py
args:
- - --container-name
- - music-springboot
+ - --job-name
+ - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
- --container-name
- aaf-sms
env:
@@ -54,21 +54,6 @@ spec:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- - name: {{ include "common.name" . }}-onboard-readiness
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-oof-has-onboard"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- name: {{ include "common.name" . }}-cont-sms-readiness
command:
- sh
@@ -114,7 +99,7 @@ spec:
- /usr/local/bin/healthy.sh
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
+ env: {{ include "oof.etcd.env" . | nindent 10 }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
index 3cbf96adc1..9e799e1045 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
@@ -14,7 +14,7 @@
global:
image:
- optf_has: onap/optf-has:2.1.5
+ optf_has: onap/optf-has:2.2.0
#################################################################
# Secrets metaconfig
@@ -24,6 +24,18 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
type: generic
filePaths: '{{ .Values.secretsFilePaths }}'
+ - uid: oof-has-etcd-secret
+ name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.etcd.appUser }}'
+ password: '{{ .Values.config.etcd.appPassword }}'
+ passwordPolicy: required
+
+config:
+ etcd:
+ appUser: user
+ appPassword: pass
ingress:
enabled: false
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
index f4ccd57773..cc4eaf08b9 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
@@ -41,38 +41,8 @@ spec:
command:
- /app/ready.py
args:
- - --container-name
- - music-springboot
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- - name: {{ include "common.name" . }}-onboard-readiness
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-oof-has-onboard"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- - name: {{ include "common.name" . }}-health-readiness
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-oof-has-healthcheck"
+ - --job-name
+ - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
env:
- name: NAMESPACE
valueFrom:
@@ -128,7 +98,7 @@ spec:
- /usr/local/bin/healthy.sh
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
+ env: {{ include "oof.etcd.env" . | nindent 10 }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
index 0940a9db39..915ffc019f 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
@@ -14,7 +14,7 @@
global:
image:
- optf_has: onap/optf-has:2.1.5
+ optf_has: onap/optf-has:2.2.0
#################################################################
# secrets metaconfig
@@ -24,6 +24,18 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
type: generic
filePaths: '{{ .Values.secretsFilePaths }}'
+ - uid: oof-has-etcd-secret
+ name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.etcd.appUser }}'
+ password: '{{ .Values.config.etcd.appPassword }}'
+ passwordPolicy: required
+
+config:
+ etcd:
+ appUser: user
+ appPassword: pass
ingress:
enabled: false
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
index 4d04b6fe76..095162bea2 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
@@ -41,38 +41,8 @@ spec:
command:
- /app/ready.py
args:
- - --container-name
- - music-springboot
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- - name: {{ include "common.name" . }}-onboard-readiness
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-oof-has-onboard"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- - name: {{ include "common.name" . }}-health-readiness
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-oof-has-healthcheck"
+ - --job-name
+ - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
env:
- name: NAMESPACE
valueFrom:
@@ -128,7 +98,7 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
{{ end -}}
- env:
+ env: {{ include "oof.etcd.env" . | nindent 10 }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
index 0940a9db39..915ffc019f 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
@@ -14,7 +14,7 @@
global:
image:
- optf_has: onap/optf-has:2.1.5
+ optf_has: onap/optf-has:2.2.0
#################################################################
# secrets metaconfig
@@ -24,6 +24,18 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
type: generic
filePaths: '{{ .Values.secretsFilePaths }}'
+ - uid: oof-has-etcd-secret
+ name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.etcd.appUser }}'
+ password: '{{ .Values.config.etcd.appPassword }}'
+ passwordPolicy: required
+
+config:
+ etcd:
+ appUser: user
+ appPassword: pass
ingress:
enabled: false
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
index 6079dcfd6e..d664ca0875 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
@@ -41,38 +41,8 @@ spec:
command:
- /app/ready.py
args:
- - --container-name
- - music-springboot
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- - name: {{ include "common.name" . }}-onboard-readiness
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-oof-has-onboard"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- - name: {{ include "common.name" . }}-health-readiness
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-oof-has-healthcheck"
+ - --job-name
+ - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
env:
- name: NAMESPACE
valueFrom:
@@ -128,7 +98,7 @@ spec:
- /usr/local/bin/healthy.sh
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
+ env: {{ include "oof.etcd.env" . | nindent 10 }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
index 0940a9db39..915ffc019f 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
@@ -14,7 +14,7 @@
global:
image:
- optf_has: onap/optf-has:2.1.5
+ optf_has: onap/optf-has:2.2.0
#################################################################
# secrets metaconfig
@@ -24,6 +24,18 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
type: generic
filePaths: '{{ .Values.secretsFilePaths }}'
+ - uid: oof-has-etcd-secret
+ name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.etcd.appUser }}'
+ password: '{{ .Values.config.etcd.appPassword }}'
+ passwordPolicy: required
+
+config:
+ etcd:
+ appUser: user
+ appPassword: pass
ingress:
enabled: false
diff --git a/kubernetes/oof/components/oof-has/requirements.yaml b/kubernetes/oof/components/oof-has/requirements.yaml
index 851211a1fb..7310aac8d0 100755
--- a/kubernetes/oof/components/oof-has/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/requirements.yaml
@@ -20,6 +20,15 @@ dependencies:
- name: music
version: ~8.x-0
repository: '@local'
+ condition: music.enabled
+ - name: etcd
+ version: ~8.x-0
+ repository: '@local'
+ condition: etcd.enabled
+ - name: etcd-init
+ version: ~8.x-0
+ repository: '@local'
+ condition: etcd-init.enabled
- name: oof-has-api
version: ~8.x-0
repository: 'file://components/oof-has-api'
diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf
index ded979c4fc..18b60bba4a 100755
--- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf
+++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf
@@ -424,6 +424,30 @@ server_url = http://{{.Values.config.msb.serviceName}}.{{ include "common.namesp
#server_url_version = v0
+[db_options]
+
+# db_backend to use
+db_backend = {{.Values.config.dbBackend}}
+
+# Use music mock api
+music_mock = False
+
+
+[etcd_api]
+
+# host/ip address of etcd server
+host = {{.Values.config.etcd.serviceName}}.{{ include "common.namespace" . }}
+
+# port of etcd server
+port = {{.Values.config.etcd.port}}
+
+# username for etcd authentication
+username =
+
+# password for etcd authentication
+password =
+
+
[music_api]
#
diff --git a/kubernetes/oof/components/oof-has/resources/config/healthcheck.json b/kubernetes/oof/components/oof-has/resources/config/healthcheck.json
deleted file mode 100755
index 833fa0f5d9..0000000000
--- a/kubernetes/oof/components/oof-has/resources/config/healthcheck.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "consistencyInfo": {
- "type": "eventual"
- },
- "values": {
- "id": "healthcheck",
- "created": 1479482603641,
- "message": "",
- "name": "foo",
- "recommend_max": 1,
- "solution": "{\"healthcheck\": \" healthcheck\"}",
- "status": "solved",
- "template": "{\"healthcheck\": \"healthcheck\"}",
- "timeout": 3600,
- "translation": "{\"healthcheck\": \" healthcheck\"}",
- "updated": 1484324150629
- }
-}
diff --git a/kubernetes/oof/components/oof-has/resources/config/onboard.json b/kubernetes/oof/components/oof-has/resources/config/onboard.json
deleted file mode 100755
index 2c3d69be8d..0000000000
--- a/kubernetes/oof/components/oof-has/resources/config/onboard.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
- "appname": "conductor",
- "userId": "conductor",
- "isAAF": "false",
- "password": "c0nduct0r"
-}
diff --git a/kubernetes/oof/components/oof-has/templates/job-healthcheck.yaml b/kubernetes/oof/components/oof-has/templates/job-healthcheck.yaml
deleted file mode 100755
index 49406ba423..0000000000
--- a/kubernetes/oof/components/oof-has/templates/job-healthcheck.yaml
+++ /dev/null
@@ -1,100 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ include "common.fullname" . }}-healthcheck
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- - oof-has-api
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- containers:
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-healthcheck
- command:
- - "/bin/sh"
- - "-c"
- - |
- echo "INSERT HEALTHCHECK PLAN";
- sleep 15;
- resp="FAILURE";
- until [ $resp = "200" ]; do
- resp=$(curl -k -s -o /dev/null --write-out %{http_code} -X POST https://{{.Values.config.music.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.music.port}}/MUSIC/rest/v2/keyspaces/conductor/tables/plans/rows?id=healthcheck \
- -H "Content-Type: application/json" \
- -H "ns: conductor" \
- -H "Authorization: Basic Y29uZHVjdG9yOmMwbmR1Y3Qwcg==" \
- --data @healthcheck.json);
- echo $resp;
- sleep 2;
- done;
- workingDir: /has
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /has/healthcheck.json
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: healthcheck.json
- resources:
-{{ include "common.resources" . | indent 10 }}
- nodeSelector:
- {{- if .Values.nodeSelector }}
-{{ toYaml .Values.nodeSelector | indent 8 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 8 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ .Values.global.commonConfigPrefix }}-config
- configMap:
- name: {{ .Values.global.commonConfigPrefix }}-configmap
- items:
- - key: healthcheck.json
- path: healthcheck.json
- restartPolicy: OnFailure
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/templates/job-onboard.yaml b/kubernetes/oof/components/oof-has/templates/job-onboard.yaml
deleted file mode 100755
index e63aeb369a..0000000000
--- a/kubernetes/oof/components/oof-has/templates/job-onboard.yaml
+++ /dev/null
@@ -1,105 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ include "common.fullname" . }}-onboard
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- - "music-springboot"
- - --container-name
- - "music-cassandra"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-music-cassandra-config"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-music-db-readiness
- containers:
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-onboard
- command:
- - "/bin/sh"
- - "-c"
- - |
- echo "job-onboard"
- workingDir: /has
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /has/onboard.json
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: onboard.json
- resources:
-{{ include "common.resources" . | indent 10 }}
- nodeSelector:
- {{- if .Values.nodeSelector }}
-{{ toYaml .Values.nodeSelector | indent 8 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 8 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ .Values.global.commonConfigPrefix }}-config
- configMap:
- name: {{ .Values.global.commonConfigPrefix }}-configmap
- items:
- - key: onboard.json
- path: onboard.json
- restartPolicy: OnFailure
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml
index 3615a3bd33..9a8b60574e 100755
--- a/kubernetes/oof/components/oof-has/values.yaml
+++ b/kubernetes/oof/components/oof-has/values.yaml
@@ -19,7 +19,7 @@
global:
commonConfigPrefix: onap-oof-has
image:
- optf_has: onap/optf-has:2.1.5
+ optf_has: onap/optf-has:2.2.0
persistence:
enabled: true
@@ -32,11 +32,24 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
type: generic
filePaths: '{{ .Values.secretsFilePaths }}'
+ - uid: oof-has-etcd-root-password
+ name: &root-password '{{ include "common.release" . }}-has-etcd-root-password'
+ type: password
+ password: '{{ .Values.config.etcd.rootPassword }}'
+ policy: generate
+ - uid: oof-has-etcd-secret
+ name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.etcd.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.etcd.appUser }}'
+ password: '{{ .Values.config.etcd.appPassword }}'
+ passwordPolicy: generate
pullPolicy: Always
nodePortPrefix: 302
dataRootDir: /dockerdata-nfs
config:
+ dbBackend: etcd
aaf:
serviceName: aaf-service
port: 8100
@@ -58,6 +71,13 @@ config:
cps:
service: cps-tbdmt
port: 8080
+ etcd:
+ serviceName: &etcd-service oof-has-etcd
+ port: 2379
+ appUser: conductor
+# rootPassword:
+# appPassword:
+# userCredentialsExternalSecret:
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
@@ -79,19 +99,59 @@ resources:
unlimited: {}
#component overrides
-oof-has-api:
+oof-has-api: &has-config
enabled: true
certSecret: *oof-certs
-oof-has-controller:
- enabled: true
- certSecret: *oof-certs
-oof-has-data:
- enabled: true
- certSecret: *oof-certs
-oof-has-reservation:
- enabled: true
- certSecret: *oof-certs
-oof-has-solver:
+ config:
+ etcd:
+ userCredentialsExternalSecret: *user-creds
+ configJobNameOverride: &job-name oof-has-etcd-config
+oof-has-controller: *has-config
+oof-has-data: *has-config
+oof-has-reservation: *has-config
+oof-has-solver: *has-config
+music:
+ enabled: false
+
+#etcd subchart configurations
+etcd:
enabled: true
- certSecret: *oof-certs
+ replicaCount: 3
+ nameOverride: &etcd-container oof-has-etcd
+ service:
+ name: *etcd-service
+ persistence:
+ mountSubPath: oof/etcd/data
+ enabled: true
+ flavor: &etcd-flavor large
+ resources: &etcd-resources
+ small:
+ limits:
+ cpu: 100m
+ memory: 300Mi
+ requests:
+ cpu: 10m
+ memory: 75Mi
+ large:
+ limits:
+ cpu: 200m
+ memory: 1Gi
+ requests:
+ cpu: 50m
+ memory: 300Mi
+ unlimited: {}
+etcd-init:
+ enabled: true
+ nameOverride: *job-name
+ etcd:
+ serviceName: *etcd-service
+ port : 2379
+ containerName: *etcd-container
+ config:
+ userRootSecret: *root-password
+ userCredentialsExternalSecret: *user-creds
+ appRole: conductor
+ keyPrefix: conductor
+ flavor: *etcd-flavor
+ resources: *etcd-resources
diff --git a/kubernetes/oof/components/oof-templates/templates/_secret.tpl b/kubernetes/oof/components/oof-templates/templates/_secret.tpl
new file mode 100644
index 0000000000..0b04f7120b
--- /dev/null
+++ b/kubernetes/oof/components/oof-templates/templates/_secret.tpl
@@ -0,0 +1,6 @@
+{{- define "oof.etcd.env" -}}
+- name: OS_ETCD_API__USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oof-has-etcd-secret" "key" "login") | indent 2 }}
+- name: OS_ETCD_API__PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oof-has-etcd-secret" "key" "password") | indent 2 }}
+{{- end -}} \ No newline at end of file
diff --git a/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh b/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh
index 6f62a0ebac..2b90a994c3 100644
--- a/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh
+++ b/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh
@@ -17,10 +17,10 @@
SQL_DEST_DIR=${SQL_DEST_DIR:-/tmp/sql}
DB_PORT=${DB_PORT:-3306}
-[[ -z "$SQL_SRC_DIR" ]] && { echo "Error: SQL_SRC_DIR must be provided as an environment variable"; exit 1; }
-[[ -z "$DB_USER" ]] && { echo "Error: DB_USER must be provided as an environment variable"; exit 1; }
-[[ -z "$DB_PASS" ]] && { echo "Error: DB_PASS must be provided as an environment variable"; exit 1; }
-[[ -z "$DB_HOST" ]] && { echo "Error: DB_HOST must be provided as an environment variable"; exit 1; }
+[ -z "$SQL_SRC_DIR" ] && { echo "Error: SQL_SRC_DIR must be provided as an environment variable"; exit 1; }
+[ -z "$DB_USER" ] && { echo "Error: DB_USER must be provided as an environment variable"; exit 1; }
+[ -z "$DB_PASS" ] && { echo "Error: DB_PASS must be provided as an environment variable"; exit 1; }
+[ -z "$DB_HOST" ] && { echo "Error: DB_HOST must be provided as an environment variable"; exit 1; }
mkdir -p $SQL_DEST_DIR
diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh
index d48070cf24..099f80ccff 100755
--- a/kubernetes/robot/demo-k8s.sh
+++ b/kubernetes/robot/demo-k8s.sh
@@ -63,7 +63,7 @@ usage ()
# Check if execscript flag is used and drop it from input arguments
-if [[ "${!#}" = "execscript" ]]; then
+if [ "${!#}" = "execscript" ]; then
set -- "${@:1:$#-1}"
execscript=true
fi
diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh
index 97f4e4d032..15d07fb3ee 100755
--- a/kubernetes/robot/ete-k8s.sh
+++ b/kubernetes/robot/ete-k8s.sh
@@ -76,7 +76,7 @@ SCRIPTDIR=scripts/etescript
ETEHOME=/var/opt/ONAP
-if [[ "${!#}" = "execscript" ]]; then
+if [ "${!#}" = "execscript" ]; then
for script in $(ls -1 "$DIR/$SCRIPTDIR"); do
[ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script"
done
diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh
index 2512e5f7ce..d5e2fa41c3 100755
--- a/kubernetes/robot/eteHelm-k8s.sh
+++ b/kubernetes/robot/eteHelm-k8s.sh
@@ -44,7 +44,7 @@ SCRIPTDIR=scripts/helmscript
ETEHOME=/var/opt/ONAP
-if [[ "${!#}" = "execscript" ]]; then
+if [ "${!#}" = "execscript" ]; then
for script in $(ls -1 "$DIR/$SCRIPTDIR"); do
[ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script"
done
diff --git a/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh b/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh
index 19864d438c..a93f109085 100755
--- a/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh
+++ b/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh
@@ -35,7 +35,7 @@ copy_package_certs_to_robot () {
mkdir "$DIR/$SCRIPTDIR/tmp"
cd "$DIR/$SCRIPTDIR/tmp"
-if [[ -f rootCA-robot-$SDCVALID.cert && -f package-robot-$SDCVALID.cert && -f package-robot-$SDCINVALID.cert && -f package-private-robot-$SDCVALID.key && -f package-private-robot-$SDCINVALID.key ]]; then
+if [ -f rootCA-robot-$SDCVALID.cert ] && [ -f package-robot-$SDCVALID.cert ] && [ -f package-robot-$SDCINVALID.cert ] && [ -f package-private-robot-$SDCVALID.key ] && [ -f package-private-robot-$SDCINVALID.key ]; then
echo "All files are present";
else
generate_ca_key_cert_and_package_cert_issued_by_CA $SDCVALID
diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
index 28e9c1369c..346534ce57 100644
--- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
@@ -119,8 +119,7 @@ spec:
livenessProbe:
httpGet:
path: /sdc2/rest/healthCheck
- port: {{ .Values.liveness.port }}
- scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
@@ -128,9 +127,9 @@ spec:
failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /sdc2/rest/healthCheck
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
@@ -138,9 +137,9 @@ spec:
failureThreshold: {{ .Values.readiness.failureThreshold }}
resources: {{ include "common.resources" . | nindent 12 }}
startupProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /sdc2/rest/healthCheck
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
periodSeconds: {{ .Values.startup.periodSeconds }}
timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
@@ -160,12 +159,12 @@ spec:
fieldPath: status.podIP
volumeMounts:
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/environments/
+ mountPath: /app/jetty/chef-solo/environments/
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
@@ -178,7 +177,7 @@ spec:
lifecycle:
postStart:
exec:
- command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+ command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
# side car containers
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
diff --git a/kubernetes/sdc/components/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml
index b9db3f93c8..aaf8fada28 100644
--- a/kubernetes/sdc/components/sdc-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml
@@ -64,7 +64,7 @@ spec:
- name: {{ include "common.fullname" . }}-environments
mountPath: /home/onap/chef-solo/environments/
- name: sdc-logs
- mountPath: /var/lib/jetty/logs
+ mountPath: /home/onap/logs
env:
- name: ENVNAME
value: {{ .Values.env.name }}
diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
index fc3b53fc50..3e5c58b0bc 100644
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -35,8 +35,8 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-backend-all-plugins:1.8.5
-backendInitImage: onap/sdc-backend-init:1.8.5
+image: onap/sdc-backend-all-plugins:1.9.0
+backendInitImage: onap/sdc-backend-init:1.9.0
pullPolicy: Always
@@ -90,7 +90,6 @@ liveness:
failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
- port: api
enabled: true
readiness:
@@ -111,6 +110,7 @@ service:
type: NodePort
name: sdc-be
both_tls_and_plain: true
+ internalPort: 8080
msb:
- port: 8443
url: "/sdc/v1"
diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml
index 3422f9d14d..2308f95fb2 100644
--- a/kubernetes/sdc/components/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -38,8 +38,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.8.5
-cassandraInitImage: onap/sdc-cassandra-init:1.8.5
+image: onap/sdc-cassandra:1.9.0
+cassandraInitImage: onap/sdc-cassandra-init:1.9.0
pullPolicy: Always
config:
diff --git a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
index 0a5c0a3445..407d61c904 100644
--- a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
@@ -148,12 +148,12 @@ spec:
value: {{ .Values.config.javaOptions }}
volumeMounts:
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/environments/
+ mountPath: /app/jetty/chef-solo/environments/
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
@@ -161,7 +161,7 @@ spec:
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-configs
- mountPath: /var/lib/jetty/config/catalog-fe/plugins-configuration.yaml
+ mountPath: /app/jetty/config/catalog-fe/plugins-configuration.yaml
subPath: plugins-configuration.yaml
- name: {{ include "common.fullname" . }}-logback
mountPath: /tmp/logback.xml
@@ -169,7 +169,7 @@ spec:
lifecycle:
postStart:
exec:
- command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/catalog-fe/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+ command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-fe/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
# side car containers
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml
index dde22b5b55..82afc4d3db 100644
--- a/kubernetes/sdc/components/sdc-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-fe/values.yaml
@@ -47,7 +47,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-frontend:1.8.5
+image: onap/sdc-frontend:1.9.0
pullPolicy: Always
config:
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
index 7251006d38..257f8b79a5 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
@@ -122,9 +122,9 @@ spec:
- containerPort: {{ .Values.service.internalPort2 }}
{{ if eq .Values.liveness.enabled true }}
livenessProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /onboarding-api/v1.0/healthcheck
+ port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
@@ -132,18 +132,18 @@ spec:
failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /onboarding-api/v1.0/healthcheck
+ port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
successThreshold: {{ .Values.readiness.successThreshold }}
failureThreshold: {{ .Values.readiness.failureThreshold }}
startupProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /onboarding-api/v1.0/healthcheck
+ port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
periodSeconds: {{ .Values.startup.periodSeconds }}
timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
@@ -173,12 +173,12 @@ spec:
value: {{ .Values.cert.certDir }}
volumeMounts:
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/environments/
+ mountPath: /app/jetty/chef-solo/environments/
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
@@ -193,7 +193,7 @@ spec:
lifecycle:
postStart:
exec:
- command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/onboarding-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+ command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/onboarding-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
# side car containers
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
index f26a0208b9..f09958e811 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
@@ -59,8 +59,8 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-onboard-backend:1.8.5
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.8.5
+image: onap/sdc-onboard-backend:1.9.0
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.9.0
pullPolicy: Always
# flag to enable debugging - application support required
@@ -141,7 +141,7 @@ persistence:
##Certificate storage persistence
##This is temporary solution for SDC-1980
cert:
- certDir: /var/lib/jetty/cert
+ certDir: /app/jetty/cert
persistence:
enabled: true
size: 10Mi
diff --git a/kubernetes/sdc/requirements.yaml b/kubernetes/sdc/requirements.yaml
index 2f2cb6c373..1f9b2d1600 100644
--- a/kubernetes/sdc/requirements.yaml
+++ b/kubernetes/sdc/requirements.yaml
@@ -37,4 +37,4 @@ dependencies:
- name: sdc-helm-validator
version: ~8.x-0
repository: 'file://components/sdc-helm-validator'
- condition: sdc-helm-validator.enabled
+ condition: sdcHelmValidator.enabled
diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json
index 79428f73c6..d01f8557f3 100755
--- a/kubernetes/sdc/resources/config/environments/AUTO.json
+++ b/kubernetes/sdc/resources/config/environments/AUTO.json
@@ -46,6 +46,14 @@
"VnfRepo": {
"vnfRepoPort": "{{.Values.config.environment.vnfRepoPort}}",
"vnfRepoHost": "refrepo.{{include "common.namespace" .}}"
+ },
+ "HelmValidator": {
+ "validator_enabled": "{{.Values.sdcHelmValidator.enabled}}",
+ "helm_version": "{{.Values.sdcHelmValidator.helmVersion}}",
+ "deployable": "{{.Values.sdcHelmValidator.deployable}}",
+ "lintable": "{{.Values.sdcHelmValidator.lintable}}",
+ "strict_lintable": "{{.Values.sdcHelmValidator.strictLintable}}",
+ "validator_url": "{{.Values.sdcHelmValidator.url}}"
}
},
"override_attributes": {
diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml
index b7476a584e..cd3dc1e5fd 100644
--- a/kubernetes/sdc/values.yaml
+++ b/kubernetes/sdc/values.yaml
@@ -63,5 +63,10 @@ cassandra:
# dependency / sub-chart configuration
sdc-wfd:
enabled: true
-sdc-helm-validator:
+sdcHelmValidator:
enabled: true
+ helmVersion: 3.5.2
+ deployable: true
+ lintable: false
+ strictLintable: false
+ url: http://sdc-helm-validator:8080/validate