aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/aaf/components/Makefile5
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/job.yaml1
-rw-r--r--kubernetes/aaf/components/aaf-sms/values.yaml5
-rw-r--r--kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl4
-rw-r--r--kubernetes/common/common/templates/_serviceMonitor.tpl2
-rw-r--r--kubernetes/common/mariadb-galera/templates/metrics-svc.yaml4
-rw-r--r--kubernetes/common/mariadb-galera/templates/service.yaml17
-rw-r--r--kubernetes/common/mariadb-galera/templates/statefulset.yaml6
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml22
-rw-r--r--kubernetes/common/mariadb-init/templates/job.yaml3
-rw-r--r--kubernetes/common/mariadb-init/values.yaml4
-rw-r--r--kubernetes/holmes/components/holmes-engine-mgmt/values.yaml2
-rw-r--r--kubernetes/holmes/components/holmes-rule-mgmt/values.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/environment.yaml2
-rwxr-xr-xkubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh6
-rw-r--r--kubernetes/strimzi/templates/strimzi-kafka.yaml3
16 files changed, 66 insertions, 22 deletions
diff --git a/kubernetes/aaf/components/Makefile b/kubernetes/aaf/components/Makefile
index f4c9784bc4..4a15d0251b 100644
--- a/kubernetes/aaf/components/Makefile
+++ b/kubernetes/aaf/components/Makefile
@@ -19,7 +19,10 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
EXCLUDES :=
HELM_BIN := helm
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+PROCESSED_FIRST := aaf-templates
+TO_FILTER := $(PROCESSED_FIRST) $(EXCLUDES)
+
+HELM_CHARTS := $(PROCESSED_FIRST) $(filter-out $(TO_FILTER), $(sort $(patsubst %/.,%,$(wildcard */.))))
.PHONY: $(EXCLUDES) $(HELM_CHARTS)
diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
index 8dbe276d97..2370cf60de 100644
--- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
@@ -201,6 +201,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
diff --git a/kubernetes/aaf/components/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml
index da268ccf06..114ad23672 100644
--- a/kubernetes/aaf/components/aaf-sms/values.yaml
+++ b/kubernetes/aaf/components/aaf-sms/values.yaml
@@ -276,3 +276,8 @@ resources:
cpu: 25m
memory: 100Mi
unlimited: {}
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-preload'
+
diff --git a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
index 50da519a89..c0614b255e 100644
--- a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
+++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
@@ -23,6 +23,10 @@ spec:
replicas: {{ .Values.replicaCount }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ {{- if (include "common.onServiceMesh" .) }}
+ annotations:
+ sidecar.istio.io/inject: "false"
+ {{- end }}
spec: {{ include "aaf.initContainers" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
diff --git a/kubernetes/common/common/templates/_serviceMonitor.tpl b/kubernetes/common/common/templates/_serviceMonitor.tpl
index 81d7a74578..907d9c6a9c 100644
--- a/kubernetes/common/common/templates/_serviceMonitor.tpl
+++ b/kubernetes/common/common/templates/_serviceMonitor.tpl
@@ -135,7 +135,7 @@ spec:
{{- else if $dot.Values.metrics.serviceMonitor.targetPort }}
targetPort: {{ $dot.Values.metrics.serviceMonitor.targetPort }}
{{- else }}
- port: metrics
+ port: tcp-metrics
{{- end }}
{{- if $dot.Values.metrics.serviceMonitor.isHttps }}
scheme: https
diff --git a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml
index e71351e9cb..841aab3e17 100644
--- a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml
+++ b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml
@@ -27,8 +27,8 @@ metadata:
spec:
type: {{ .Values.metrics.service.type }}
ports:
- - name: metrics
+ - name: tcp-metrics
port: {{ .Values.metrics.service.port }}
- targetPort: metrics
+ targetPort: tcp-metrics
selector: {{- include "common.matchLabels" . | nindent 4 }}
{{- end }}
diff --git a/kubernetes/common/mariadb-galera/templates/service.yaml b/kubernetes/common/mariadb-galera/templates/service.yaml
index 75aff985e5..880bc55612 100644
--- a/kubernetes/common/mariadb-galera/templates/service.yaml
+++ b/kubernetes/common/mariadb-galera/templates/service.yaml
@@ -18,3 +18,20 @@
{{ include "common.service" . }}
---
{{ include "common.headlessService" . }}
+{{- if (include "common.onServiceMesh" .) }}
+{{- if eq (default "istio" .Values.global.serviceMesh.engine) "istio" }}
+---
+apiVersion: security.istio.io/v1beta1
+kind: PeerAuthentication
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.servicename" . }}
+ portLevelMtls:
+ {{ .Values.service.internalPort }}:
+ mode: DISABLE
+{{- end}}
+{{- end}}
diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
index 22832c936d..c95b572465 100644
--- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml
+++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
@@ -197,12 +197,12 @@ spec:
- |
DATA_SOURCE_NAME="$MARIADB_ROOT_USER:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter $MARIADB_METRICS_EXTRA_FLAGS
ports:
- - name: metrics
+ - name: tcp-metrics
containerPort: 9104
livenessProbe:
httpGet:
path: /metrics
- port: metrics
+ port: tcp-metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
@@ -211,7 +211,7 @@ spec:
readinessProbe:
httpGet:
path: /metrics
- port: metrics
+ port: tcp-metrics
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index 38f3e6e423..d719fb30bd 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -89,14 +89,14 @@ service:
headless: {}
internalPort: &dbPort 3306
ports:
- - name: mysql
+ - name: tcp-mysql
port: *dbPort
headlessPorts:
- - name: galera
+ - name: tcp-galera
port: 4567
- - name: ist
+ - name: tcp-ist
port: 4568
- - name: sst
+ - name: tcp-sst
port: 4444
@@ -380,8 +380,12 @@ updateStrategy:
## Additional pod annotations for MariaDB Galera pods
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+## -> here required to enable mariadb-galera in istio
##
-podAnnotations: {}
+podAnnotations:
+ # sidecar.istio.io/inject: "false"
+ traffic.sidecar.istio.io/excludeInboundPorts: "4568"
+ traffic.sidecar.istio.io/includeInboundPorts: '*'
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
@@ -504,14 +508,14 @@ livenessProbe:
enabled: true
initialDelaySeconds: 1
periodSeconds: 10
- timeoutSeconds: 1
+ timeoutSeconds: 180
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
initialDelaySeconds: 1
periodSeconds: 10
- timeoutSeconds: 1
+ timeoutSeconds: 180
successThreshold: 1
failureThreshold: 3
startupProbe:
@@ -520,7 +524,7 @@ startupProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
- timeoutSeconds: 1
+ timeoutSeconds: 180
successThreshold: 1
# will wait up for initialDelaySeconds + failureThreshold*periodSeconds before
# stating startup wasn't good (910s per default)
@@ -644,7 +648,7 @@ metrics:
release: prometheus
## Rules as a map.
- rules: {}
+ rules: []
# - alert: MariaDB-Down
# annotations:
# message: 'MariaDB instance {{ $labels.instance }} is down'
diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml
index 96d1dc54a4..e911d46d12 100644
--- a/kubernetes/common/mariadb-init/templates/job.yaml
+++ b/kubernetes/common/mariadb-init/templates/job.yaml
@@ -59,6 +59,8 @@ spec:
- /bin/sh
- -c
- |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
/db_init/db_init.sh {{ if or .Values.dbScriptConfigMap .Values.dbScript }} &&
/db_config/db_cmd.sh{{ end }}
env:
@@ -91,6 +93,7 @@ spec:
{{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml
index b2c0a05e46..9104dd84d6 100644
--- a/kubernetes/common/mariadb-init/values.yaml
+++ b/kubernetes/common/mariadb-init/values.yaml
@@ -117,3 +117,7 @@ resources:
cpu: 20m
memory: 20Mi
unlimited: {}
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}'
diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
index 5781dabb85..29e50d6523 100644
--- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
+++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
@@ -28,7 +28,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/holmes/engine-management:10.0.3
+image: onap/holmes/engine-management:10.0.4
consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
#################################################################
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
index fbe873b184..85ed5a8dde 100644
--- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
@@ -28,7 +28,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/holmes/rule-management:10.0.3
+image: onap/holmes/rule-management:10.0.4
consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
#################################################################
diff --git a/kubernetes/onap/resources/overrides/environment.yaml b/kubernetes/onap/resources/overrides/environment.yaml
index 50703fbf4a..c9ae94a136 100644
--- a/kubernetes/onap/resources/overrides/environment.yaml
+++ b/kubernetes/onap/resources/overrides/environment.yaml
@@ -136,7 +136,7 @@ dmaap:
initialDelaySeconds: 120
mariadb-galera:
liveness:
- initialDelaySeconds: 180
+ initialDelaySeconds: 30
periodSeconds: 60
mariadb-galera-server:
liveness:
diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
index 099103ca79..d92a1049e3 100755
--- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
+++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
{{/*
# Copyright © 2018 Amdocs
@@ -33,8 +33,8 @@ failover(){
debugLog "Currently running sdnc and dns failover"
return
fi
- trap "rm -f ${lockFile}" INT TERM RETURN
- echo $BASHPID > ${lockFile}
+ trap "rm -f ${lockFile}" INT TERM EXIT
+ echo $$ > ${lockFile}
# perform takeover
debugLog "Started executing sdnc.failover for $SITE_NAME"
diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml
index 5f1e7303d9..06802da968 100644
--- a/kubernetes/strimzi/templates/strimzi-kafka.yaml
+++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml
@@ -89,6 +89,9 @@ spec:
replicas: {{ .Values.replicaCount }}
config:
ssl.hostnameVerification: false
+ {{- if (include "common.onServiceMesh" .) }}
+ sslQuorum: false
+ {{- end }}
storage:
type: persistent-claim
size: {{ .Values.persistenceZk.size }}