aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/aai/charts/aai-babel/resources/config/filter-types.properties1
-rw-r--r--kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json21
-rw-r--r--kubernetes/aai/charts/aai-babel/templates/deployment.yaml8
-rw-r--r--kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystorebin3659 -> 0 bytes
-rw-r--r--kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12bin2556 -> 0 bytes
-rw-r--r--kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json16
-rw-r--r--kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties20
-rw-r--r--kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile27
-rw-r--r--kubernetes/aai/charts/aai-champ/templates/deployment.yaml36
-rw-r--r--kubernetes/aai/charts/aai-champ/templates/secrets.yaml18
-rw-r--r--kubernetes/aai/charts/aai-champ/values.yaml1
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12bin2556 -> 0 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystorebin3594 -> 0 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json10
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties22
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile27
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml33
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml18
-rw-r--r--kubernetes/aai/charts/aai-gizmo/values.yaml1
-rw-r--r--kubernetes/aai/resources/config/fproxy/auth/client-cert.p12 (renamed from kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12)bin3591 -> 3591 bytes
-rw-r--r--kubernetes/aai/resources/config/fproxy/auth/fproxy_truststorebin0 -> 4639 bytes
-rw-r--r--kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore (renamed from kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore)bin2214 -> 2214 bytes
-rw-r--r--kubernetes/aai/resources/config/rproxy/auth/client-cert.p12 (renamed from kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/client-cert.p12)bin2556 -> 2556 bytes
-rw-r--r--kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12bin0 -> 4158 bytes
-rw-r--r--kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore (renamed from kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/tomcat_keystore)bin3594 -> 3594 bytes
-rw-r--r--kubernetes/aai/resources/config/rproxy/security/keyfile27
-rw-r--r--kubernetes/aai/templates/configmap.yaml30
-rw-r--r--kubernetes/appc/charts/appc-ansible-server/values.yaml2
-rwxr-xr-xkubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh77
-rw-r--r--kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml2
-rw-r--r--kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml5
-rw-r--r--kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml21
-rw-r--r--kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml19
-rw-r--r--kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml72
-rw-r--r--kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml26
-rw-r--r--kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml103
-rw-r--r--kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml43
-rw-r--r--kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml89
-rw-r--r--kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml2
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml21
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml21
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml22
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json34
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml26
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml94
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml43
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml124
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml19
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json22
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml26
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml95
-rw-r--r--kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml97
-rw-r--r--kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties9
-rw-r--r--kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml4
-rw-r--r--kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml4
-rw-r--r--kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties2
-rw-r--r--kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/logback.xml264
-rw-r--r--kubernetes/pomba/charts/pomba-aaictxbuilder/templates/deployment.yaml12
-rwxr-xr-xkubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties2
-rw-r--r--kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties7
-rwxr-xr-xkubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml10
-rwxr-xr-xkubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml2
-rwxr-xr-xkubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml4
-rwxr-xr-xkubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml5
-rwxr-xr-xkubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml18
-rwxr-xr-xkubernetes/so/resources/config/overrides/override.yaml4
66 files changed, 1324 insertions, 444 deletions
diff --git a/kubernetes/aai/charts/aai-babel/resources/config/filter-types.properties b/kubernetes/aai/charts/aai-babel/resources/config/filter-types.properties
deleted file mode 100644
index fcf139f644..0000000000
--- a/kubernetes/aai/charts/aai-babel/resources/config/filter-types.properties
+++ /dev/null
@@ -1 +0,0 @@
-AAI.instance-group-types=org.openecomp.groups.NetworkCollection,org.openecomp.groups.VfcInstanceGroup
diff --git a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json
new file mode 100644
index 0000000000..9c3d0b4b27
--- /dev/null
+++ b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json
@@ -0,0 +1,21 @@
+{
+ "instanceGroupTypes": [
+ "org.openecomp.groups.NetworkCollection",
+ "org.openecomp.groups.VfcInstanceGroup",
+ "org.openecomp.groups.ResourceInstanceGroup"
+ ],
+ "toscaToWidgetMappings": {
+ "org.openecomp.resource.vf.allottedResource": "AllotedResource",
+ "org.openecomp.resource.vfc.AllottedResource": "ProvidingService",
+ "org.openecomp.resource.vfc": "VServerWidget",
+ "org.openecomp.resource.cp": "LIntfWidget",
+ "org.openecomp.cp": "LIntfWidget",
+ "org.openecomp.resource.vl": "L3Network",
+ "org.openecomp.resource.vf": "VirtualFunction",
+ "org.openecomp.groups.vfmodule": "VfModule",
+ "org.openecomp.groups.VfModule": "VfModule",
+ "org.openecomp.resource.vfc.nodes.heat.cinder": "VolumeWidget",
+ "org.openecomp.nodes.PortMirroringConfiguration": "Configuration",
+ "org.openecomp.resource.cr.Kk1806Cr1": "CR"
+ }
+}
diff --git a/kubernetes/aai/charts/aai-babel/templates/deployment.yaml b/kubernetes/aai/charts/aai-babel/templates/deployment.yaml
index 5ac0792a2a..4f0e9dd2c4 100644
--- a/kubernetes/aai/charts/aai-babel/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-babel/templates/deployment.yaml
@@ -84,9 +84,9 @@ spec:
- mountPath: /opt/app/babel/config/artifact-generator.properties
name: {{ include "common.fullname" . }}-config
subPath: artifact-generator.properties
- - mountPath: /opt/app/babel/config/filter-types.properties
+ - mountPath: /opt/app/babel/config/tosca-mappings.json
name: {{ include "common.fullname" . }}-config
- subPath: filter-types.properties
+ subPath: tosca-mappings.json
- mountPath: /opt/app/babel/config/babel-auth.properties
name: {{ include "common.fullname" . }}-config
subPath: babel-auth.properties
@@ -204,8 +204,8 @@ spec:
items:
- key: artifact-generator.properties
path: artifact-generator.properties
- - key: filter-types.properties
- path: filter-types.properties
+ - key: tosca-mappings.json
+ path: tosca-mappings.json
- key: babel-auth.properties
path: babel-auth.properties
- key: logback.xml
diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystore
deleted file mode 100644
index f3ac0701a2..0000000000
--- a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12
deleted file mode 100644
index dbf4fcacec..0000000000
--- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json
index 2865e01cd6..ca34049ec2 100644
--- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json
+++ b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json
@@ -82,18 +82,18 @@
"permissions": [
"test\\.auth\\.access\\|services\\|GET,PUT",
"\\|services\\|GET"
- ]
+ ]
},
{
"uri": "\/services\/inventory\/.*",
"permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
},
{
- "uri": "\/services\/champ-service\/.*",
- "permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
- }
+ "uri": "\/services\/champ-service\/.*",
+ "permissions": [
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
+ }
]
diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties
index 33daa73b67..1878a4de70 100644
--- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties
+++ b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties
@@ -9,13 +9,27 @@
#hostname=test.aic.cip.att.com
cadi_loglevel=DEBUG
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-# Configure AAF
-aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
aaf_env=DEV
aaf_id=demo@people.osaaf.org
diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile
deleted file mode 100644
index 6cd12fcfb4..0000000000
--- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile
+++ /dev/null
@@ -1,27 +0,0 @@
-bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
-1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
-xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
-BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
-6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
-QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
-zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
-x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
-8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
-FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
-UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
-banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
-6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
-yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
-xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
-lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
-ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
-fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
-1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
-liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
-0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
-PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
-8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
-dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
--85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
-c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
-uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml
index aa9157fe47..537763a6db 100644
--- a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml
@@ -31,12 +31,6 @@ spec:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- {{ if .Values.global.installSidecarSecurity }}
- hostAliases:
- - ip: {{ .Values.global.aaf.serverIp }}
- hostnames:
- - {{ .Values.global.aaf.serverHostname }}
- {{ end }}
initContainers:
- command:
- /root/ready.py
@@ -163,18 +157,18 @@ spec:
- name: {{ include "common.fullname" . }}-rproxy-log-config
mountPath: /opt/app/rproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/client-cert.p12
subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+ subPath: org.onap.aai.p12
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
subPath: uri-authorization.json
- #- name: {{ include "common.fullname" . }}-rproxy-auth-config
- # mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
- # subPath: aaf_truststore.jks
- name: {{ include "common.fullname" . }}-rproxy-security-config
mountPath: /opt/app/rproxy/config/security/keyfile
subPath: keyfile
@@ -189,7 +183,9 @@ spec:
- name: CONFIG_HOME
value: "/opt/app/fproxy/config"
- name: KEY_STORE_PASSWORD
- value: {{ .Values.config.keyStorePassword }}
+ value: {{ .Values.config.keyStorePassword }}
+ - name: TRUST_STORE_PASSWORD
+ value: {{ .Values.config.trustStorePassword }}
- name: spring_profiles_active
value: {{ .Values.global.fproxy.activeSpringProfiles }}
volumeMounts:
@@ -199,10 +195,13 @@ spec:
- name: {{ include "common.fullname" . }}-fproxy-log-config
mountPath: /opt/app/fproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+ subPath: fproxy_truststore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/client-cert.p12
subPath: client-cert.p12
ports:
@@ -251,18 +250,21 @@ spec:
- name: {{ include "common.fullname" . }}-rproxy-auth-config
secret:
secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ secret:
+ secretName: aai-rproxy-auth-certs
- name: {{ include "common.fullname" . }}-rproxy-security-config
secret:
- secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ secretName: aai-rproxy-security-config
- name: {{ include "common.fullname" . }}-fproxy-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-config
- name: {{ include "common.fullname" . }}-fproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-log-config
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
secret:
- secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ secretName: aai-fproxy-auth-certs
{{ end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/charts/aai-champ/templates/secrets.yaml b/kubernetes/aai/charts/aai-champ/templates/secrets.yaml
index a0a1519c26..b0a62f63f6 100644
--- a/kubernetes/aai/charts/aai-champ/templates/secrets.yaml
+++ b/kubernetes/aai/charts/aai-champ/templates/secrets.yaml
@@ -42,27 +42,9 @@ data:
apiVersion: v1
kind: Secret
metadata:
- name: {{ include "common.fullname" . }}-fproxy-auth-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
name: {{ include "common.fullname" . }}-rproxy-auth-config
namespace: {{ include "common.namespace" . }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-security-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
{{ end }} \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-champ/values.yaml b/kubernetes/aai/charts/aai-champ/values.yaml
index b865b0050e..b1ce34dd1d 100644
--- a/kubernetes/aai/charts/aai-champ/values.yaml
+++ b/kubernetes/aai/charts/aai-champ/values.yaml
@@ -33,6 +33,7 @@ flavor: small
config:
keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
# default number of instances
replicaCount: 1
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12
deleted file mode 100644
index dbf4fcacec..0000000000
--- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore
deleted file mode 100644
index 99129c145f..0000000000
--- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
index e468b3d7bd..54d5de2721 100644
--- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
@@ -82,18 +82,18 @@
"permissions": [
"test\\.auth\\.access\\|services\\|GET,PUT",
"\\|services\\|GET"
- ]
+ ]
},
{
"uri": "\/services\/inventory\/.*",
"permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
},
{
"uri": "\/services\/gizmo\/.*",
"permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
}
]
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties
index a82e38caf6..51ac56a88d 100644
--- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties
@@ -9,17 +9,31 @@
#hostname=test.aic.cip.att.com
cadi_loglevel=DEBUG
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-# Configure AAF
-aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
aaf_env=DEV
aaf_id=demo@people.osaaf.org
aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
# This is a colon separated list of client cert issuers
-cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile
deleted file mode 100644
index 6cd12fcfb4..0000000000
--- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile
+++ /dev/null
@@ -1,27 +0,0 @@
-bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
-1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
-xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
-BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
-6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
-QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
-zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
-x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
-8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
-FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
-UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
-banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
-6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
-yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
-xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
-lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
-ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
-fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
-1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
-liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
-0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
-PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
-8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
-dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
--85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
-c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
-uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
index 0a30388279..ba90fdc76b 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
@@ -32,11 +32,6 @@ spec:
release: {{ .Release.Name }}
spec:
{{ if .Values.global.installSidecarSecurity }}
- hostAliases:
- - ip: {{ .Values.global.aaf.serverIp }}
- hostnames:
- - {{ .Values.global.aaf.serverHostname }}
-
initContainers:
- name: {{ .Values.global.tproxyConfig.name }}
image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
@@ -154,18 +149,18 @@ spec:
- name: {{ include "common.fullname" . }}-rproxy-log-config
mountPath: /opt/app/rproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/client-cert.p12
subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+ subPath: org.onap.aai.p12
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
subPath: uri-authorization.json
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
- subPath: aaf_truststore.jks
- name: {{ include "common.fullname" . }}-rproxy-security-config
mountPath: /opt/app/rproxy/config/security/keyfile
subPath: keyfile
@@ -181,6 +176,8 @@ spec:
value: "/opt/app/fproxy/config"
- name: KEY_STORE_PASSWORD
value: {{ .Values.config.keyStorePassword }}
+ - name: TRUST_STORE_PASSWORD
+ value: {{ .Values.config.trustStorePassword }}
- name: spring_profiles_active
value: {{ .Values.global.fproxy.activeSpringProfiles }}
volumeMounts:
@@ -190,10 +187,13 @@ spec:
- name: {{ include "common.fullname" . }}-fproxy-log-config
mountPath: /opt/app/fproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+ subPath: fproxy_truststore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/client-cert.p12
subPath: client-cert.p12
ports:
@@ -245,18 +245,21 @@ spec:
- name: {{ include "common.fullname" . }}-rproxy-auth-config
secret:
secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ secret:
+ secretName: aai-rproxy-auth-certs
- name: {{ include "common.fullname" . }}-rproxy-security-config
secret:
- secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ secretName: aai-rproxy-security-config
- name: {{ include "common.fullname" . }}-fproxy-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-config
- name: {{ include "common.fullname" . }}-fproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-log-config
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
secret:
- secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ secretName: aai-fproxy-auth-certs
{{ end }}
imagePullSecrets:
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
index 7db76055d1..96c3424476 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
@@ -46,27 +46,9 @@ data:
apiVersion: v1
kind: Secret
metadata:
- name: {{ include "common.fullname" . }}-fproxy-auth-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
name: {{ include "common.fullname" . }}-rproxy-auth-config
namespace: {{ include "common.namespace" . }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-security-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
{{ end }}
diff --git a/kubernetes/aai/charts/aai-gizmo/values.yaml b/kubernetes/aai/charts/aai-gizmo/values.yaml
index 599bc5548f..420e59879e 100644
--- a/kubernetes/aai/charts/aai-gizmo/values.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/values.yaml
@@ -29,6 +29,7 @@ flavor: small
config:
keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
# default number of instances
replicaCount: 1
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/resources/config/fproxy/auth/client-cert.p12
index 7a4979a7a3..7a4979a7a3 100644
--- a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12
+++ b/kubernetes/aai/resources/config/fproxy/auth/client-cert.p12
Binary files differ
diff --git a/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore b/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore
new file mode 100644
index 0000000000..f6ebc75ed8
--- /dev/null
+++ b/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore
index 9eec841aa2..9eec841aa2 100644
--- a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore
+++ b/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore
Binary files differ
diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/resources/config/rproxy/auth/client-cert.p12
index dbf4fcacec..dbf4fcacec 100644
--- a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/client-cert.p12
+++ b/kubernetes/aai/resources/config/rproxy/auth/client-cert.p12
Binary files differ
diff --git a/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 b/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12
new file mode 100644
index 0000000000..023e2eaac6
--- /dev/null
+++ b/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12
Binary files differ
diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore
index 99129c145f..99129c145f 100644
--- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/tomcat_keystore
+++ b/kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore
Binary files differ
diff --git a/kubernetes/aai/resources/config/rproxy/security/keyfile b/kubernetes/aai/resources/config/rproxy/security/keyfile
new file mode 100644
index 0000000000..3416d4a737
--- /dev/null
+++ b/kubernetes/aai/resources/config/rproxy/security/keyfile
@@ -0,0 +1,27 @@
+2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
+jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
+4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
+moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
+GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
+74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
+iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
+p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
+3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
+hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
+RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
+xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
+8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
+ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
+5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
+GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
+_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
+zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
+S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
+LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
+hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
+nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
+bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
+JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
+Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
+J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
+mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file
diff --git a/kubernetes/aai/templates/configmap.yaml b/kubernetes/aai/templates/configmap.yaml
index a23ed5fdc7..651bf8dbba 100644
--- a/kubernetes/aai/templates/configmap.yaml
+++ b/kubernetes/aai/templates/configmap.yaml
@@ -72,4 +72,32 @@ type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }}
-
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-fproxy-auth-certs
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/fproxy/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-rproxy-auth-certs
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/rproxy/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-rproxy-security-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/rproxy/security/*").AsSecrets . | indent 2 }}
+{{ end }} \ No newline at end of file
diff --git a/kubernetes/appc/charts/appc-ansible-server/values.yaml b/kubernetes/appc/charts/appc-ansible-server/values.yaml
index 93d4c56e27..66f39ecfb0 100644
--- a/kubernetes/appc/charts/appc-ansible-server/values.yaml
+++ b/kubernetes/appc/charts/appc-ansible-server/values.yaml
@@ -29,7 +29,7 @@ flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-ansible-server-image:0.3.2
+image: onap/ccsdk-ansible-server-image:0.3.3
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh
index 6a36fdf37b..ed35de8f77 100755
--- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh
+++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh
@@ -4,7 +4,7 @@
# ============LICENSE_START=======================================================
# APPC
# ================================================================================
-# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs,Bell Canada
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -26,6 +26,7 @@
# This script takes care of installing the SDNC & APPC platform components
# if not already installed, and starts the APPC Docker Container
#
+#set -x
function enable_odl_cluster(){
if [ -z $APPC_REPLICAS ]; then
@@ -58,8 +59,6 @@ ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false}
ENABLE_AAF=${ENABLE_AAF:-true}
DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim}
-appcInstallStartTime=$(date +%s)
-
#
# Wait for database to init properly
#
@@ -86,16 +85,18 @@ END
then
echo "Installing SDNC database"
${SDNC_HOME}/bin/installSdncDb.sh
- fi
- appc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p{{.Values.config.mariadbRootPassword}} mysql <<-END
+ appc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p{{.Values.config.mariadbRootPassword}} mysql <<-END
show databases like 'appcctl';
END
)
- if [ "x${appc_db_exists}" == "x" ]
- then
- echo "Installing APPC database"
- ${APPC_HOME}/bin/installAppcDb.sh
+ if [ "x${appc_db_exists}" == "x" ]
+ then
+ echo "Installing APPC database"
+ ${APPC_HOME}/bin/installAppcDb.sh
+ fi
+ else
+ sleep 30
fi
echo "Installed at `date`" > ${DBINIT_DIR}/.installed
@@ -107,19 +108,15 @@ then
echo "Installing ODL Host Key"
${SDNC_HOME}/bin/installOdlHostKey.sh
+# echo "Copying a working version of the logging configuration into the opendaylight etc folder"
+# cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg
+
echo "Starting OpenDaylight"
${ODL_HOME}/bin/start
echo "Waiting ${SLEEP_TIME} seconds for OpenDaylight to initialize"
sleep ${SLEEP_TIME}
- echo "Copying a working version of the logging configuration into the opendaylight etc folder"
- cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg
- echo "Copying a new version of aaf cadi shiro into the opendaylight deploy folder"
- cp ${APPC_HOME}/data/aaf-shiro-aafrealm-osgi-bundle.jar ${ODL_HOME}/deploy/aaf-shiro-aafrealm-osgi-bundle.jar
-
- echo "Installing SDNC platform features"
- ${SDNC_HOME}/bin/installFeatures.sh
if [ -x ${SDNC_HOME}/svclogic/bin/install.sh ]
then
@@ -127,29 +124,18 @@ then
${SDNC_HOME}/svclogic/bin/install.sh
fi
- if $ENABLE_ODL_CLUSTER ; then echo "Installing Opendaylight cluster features" ; ${ODL_HOME}/bin/client feature:install odl-mdsal-clustering ; ${ODL_HOME}/bin/client feature:install odl-jolokia ; fi
-
- echo "Installing APPC platform features"
- ${APPC_HOME}/bin/installFeatures.sh
-
- if [ -x ${APPC_HOME}/svclogic/bin/install.sh ]
- then
- echo "Installing APPC DGs using platform-logic"
- ${APPC_HOME}/svclogic/bin/install.sh
- fi
-
if [ -x ${APPC_HOME}/svclogic/bin/install-converted-dgs.sh ]
then
echo "Installing APPC JSON DGs converted to XML using dg-loader"
${APPC_HOME}/svclogic/bin/install-converted-dgs.sh
fi
- if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi
-
- echo "Adding a property system.properties for AAF cadi.properties location"
- echo "" >> ${ODL_HOME}/etc/system.properties
- echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties
- echo "" >> ${ODL_HOME}/etc/system.properties
+ if $ENABLE_ODL_CLUSTER
+ then
+ echo "Installing Opendaylight cluster features"
+ ${ODL_HOME}/bin/client feature:install odl-mdsal-clustering
+ enable_odl_cluster
+ fi
echo "Copying the aaa shiro configuration into opendaylight"
if $ENABLE_AAF
@@ -180,11 +166,32 @@ then
done
echo "Karaf process has stopped"
sleep 10s
+
echo "Installed at `date`" > ${SDNC_HOME}/.installed
fi
- appcInstallEndTime=$(date +%s)
- echo "Total Appc install took $(expr $appcInstallEndTime - $appcInstallStartTime) seconds"
+# Move journal and snapshots directory to persistent storage
+
+hostdir=${ODL_HOME}/daexim/$(hostname -s)
+if [ ! -d $hostdir ]
+then
+ mkdir -p $hostdir
+ if [ -d ${ODL_HOME}/journal ]
+ then
+ mv ${ODL_HOME}/journal ${hostdir}
+ else
+ mkdir ${hostdir}/journal
+ fi
+ if [ -d ${ODL_HOME}/snapshots ]
+ then
+ mv ${ODL_HOME}/snapshots ${hostdir}
+ else
+ mkdir ${hostdir}/snapshots
+ fi
+fi
+
+ln -s ${hostdir}/journal ${ODL_HOME}/journal
+ln -s ${hostdir}/snapshots ${ODL_HOME}/snapshots
echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log"
java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log &
diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml
index a26307d64b..a1adfa1dce 100644
--- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml
@@ -49,6 +49,8 @@ spec:
- msb-discovery
- --container-name
- kube2msb
+ - --container-name
+ - dcae-config-binding-service
- "-t"
- "15"
env:
diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
index 26067e0230..c44401168e 100644
--- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
@@ -79,19 +79,16 @@ postgres:
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.5
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.7
# DCAE component images to be deployed via Cloudify Manager
# Use to override default setting in blueprints
componentImages:
- config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3
datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.1
deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.1.0
holmes_rules: onap/holmes/rule-management:1.2.3
holmes_engine: onap/holmes/engine-management:1.2.2
- inventory: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4
policy_handler: onap/org.onap.dcaegen2.platform.policy-handler:4.5.0
- service_change_handler: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5
tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.0
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.3.1
snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml
new file mode 100644
index 0000000000..fe04575cc6
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml
@@ -0,0 +1,21 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE Config Binding Service
+name: dcae-config-binding-service
+version: 3.0.0 \ No newline at end of file
diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml
new file mode 100644
index 0000000000..897df32ce0
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~3.0.0
+ repository: '@local'
diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml
new file mode 100644
index 0000000000..1a3f693a12
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml
@@ -0,0 +1,72 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml
new file mode 100644
index 0000000000..a150cbd336
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml
@@ -0,0 +1,26 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Release.Name }}-cbs-filebeat-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml
new file mode 100644
index 0000000000..a968204575
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml
@@ -0,0 +1,103 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - consul-server
+ - "-t"
+ - "15"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/logs
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap
+ volumes:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ .Release.Name }}-cbs-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml
new file mode 100644
index 0000000000..088d381d50
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml
@@ -0,0 +1,43 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml
new file mode 100644
index 0000000000..f6da1ef06c
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml
@@ -0,0 +1,89 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ path: /healthcheck
+
+service:
+ type: ClusterIP
+ name: config-binding-service
+ externalPort: 10000
+ internalPort: 10000
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml
index 3c9936b1b1..307046138b 100644
--- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml
+++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml
@@ -45,7 +45,7 @@ readiness:
periodSeconds: 10
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.1
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.3
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml
new file mode 100644
index 0000000000..d4782e62de
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml
@@ -0,0 +1,21 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE Service Change Handler
+name: dcae-servicechange-handler
+version: 3.0.0 \ No newline at end of file
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml
new file mode 100644
index 0000000000..45402c8616
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml
@@ -0,0 +1,21 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE Inventory API Service
+name: dcae-inventory-api
+version: 3.0.0 \ No newline at end of file
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml
new file mode 100644
index 0000000000..376b7db549
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml
@@ -0,0 +1,22 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~3.0.0
+ repository: '@local'
+ - name: postgres
+ version: ~3.0.0
+ repository: '@local'
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json
new file mode 100644
index 0000000000..a8329f674b
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json
@@ -0,0 +1,34 @@
+{
+ "database": {
+ "driverClass": "org.postgresql.Driver",
+ "user": "{{ .Values.postgres.config.pgUserName }}",
+ "password": "{{ .Values.postgres.config.pgUserPassword }}",
+ "url": "jdbc:postgresql://{{ .Values.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }}",
+ "properties": {
+ "charSet": "UTF-8"
+ },
+ "maxWaitForConnection": "1s",
+ "validationQuery": "/* MyService Health Check */ SELECT 1",
+ "minSize": 2,
+ "maxSize": 8,
+ "initialSize": 2,
+ "checkConnectionWhileIdle": false,
+ "evictionInterval": "10s",
+ "minIdleTime": "1 minute"
+ },
+ "databusControllerConnection": {
+ "host": "databus-controller-hostname",
+ "port": 8443,
+ "mechId": null,
+ "password": null,
+ "required": false
+ },
+ "httpClient": {
+ "minThreads": 1,
+ "maxThreads": 128,
+ "gzipEnabled": false,
+ "gzipEnabledForRequests": false,
+ "timeout": "5000milliseconds",
+ "connectionTimeout": "5000milliseconds"
+ }
+ } \ No newline at end of file
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml
new file mode 100644
index 0000000000..9cda43c499
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml
@@ -0,0 +1,26 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml
new file mode 100644
index 0000000000..e49be94a79
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml
@@ -0,0 +1,94 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.postgres.nameOverride }}
+ - "-t"
+ - "15"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}:{{ .Values.image_version }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["java"]
+ args:
+ - "-jar"
+ - "/opt/inventory-api-{{ .Values.image_version }}.jar"
+ - "server"
+ - "/opt/config.json"
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-inv-config
+ mountPath: /opt/config.json
+ subPath: config.json
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-inv-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml
new file mode 100644
index 0000000000..088d381d50
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml
@@ -0,0 +1,43 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml
new file mode 100644
index 0000000000..5be3b34c4e
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml
@@ -0,0 +1,124 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.inventory-api
+# need the version to be separate because it's used in 2 places
+image_version: 3.0.1
+
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ path: /dcae-service-types
+
+service:
+ type: ClusterIP
+ name: inventory
+ externalPort: 8080
+ internalPort: 8080
+
+# application configuration override for postgres
+postgres:
+ nameOverride: dcae-inv-pg
+ service:
+ name: dcae-inv-postgres
+ name2: dcae-inv-pg-primary
+ name3: dcae-inv-pg-replica
+ container:
+ name:
+ primary: dcae-inv-pg-primary
+ replica: dcae-inv-pg-replica
+ config:
+ pgUserName: dcae_inv
+ pgDatabase: dcae_inventory
+ pgPrimaryPassword: onapdemodb
+ pgUserPassword: onapdemodb
+ pgRootPassword: onapdemodb
+ persistence:
+ mountSubPath: dcae-inv/data
+ mountInitPath: dcae-inv
+ pgpool:
+ nameOverride: dcae-inv-pgpool
+ service:
+ name: dcae-inv-pgpool
+ credentials:
+ pgusername: ddcae_inv
+ pgpassword: onapdemodb
+ container:
+ name:
+ primary: dcae-inv-pgpool-primary
+ replica: dcae-inv-pgpool-replica
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml
new file mode 100644
index 0000000000..897df32ce0
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~3.0.0
+ repository: '@local'
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json
new file mode 100644
index 0000000000..7ddc800817
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json
@@ -0,0 +1,22 @@
+{
+ "asdcDistributionClient": {
+ "asdcAddress": "{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443",
+ "asdcUri": "https://{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443",
+ "msgBusAddress": "{{ .Values.config.address.message_router }}.{{include "common.namespace" . }}",
+ "user": "{{ .Values.sdc.user }}",
+ "password": "{{ .Values.sdc.password }}",
+ "pollingInterval": 20,
+ "pollingTimeout": 20,
+ "consumerGroup": "dcae",
+ "consumerId": "dcae-sch",
+ "environmentName": "{{ .Values.sdc.environmentName }}",
+ "keyStorePath": null,
+ "keyStorePassword": null,
+ "activateServerTLSAuth": {{ .Values.sdc.useHttps }},
+ "useHttpsWithDmaap": {{ .Values.dmaap.useHttps }},
+ "isFilterInEmptyResources": false
+ },
+ "dcaeInventoryClient": {
+ "uri": "http://inventory:8080"
+ }
+}
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml
new file mode 100644
index 0000000000..9cda43c499
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml
@@ -0,0 +1,26 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml
new file mode 100644
index 0000000000..dc802a7892
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml
@@ -0,0 +1,95 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - "dcae-inventory-api"
+ - --container-name
+ - "message-router"
+ - --container-name
+ - "sdc-dcae-be"
+ - "-t"
+ - "45"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}:{{ .Values.image_version }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["java"]
+ args:
+ - "-jar"
+ - "/opt/servicechange-handler.jar"
+ - "prod"
+ - "/opt/config.json"
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ exec:
+ command: [{{ .Values.liveness.script }}]
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ exec:
+ command: [{{ .Values.readiness.script }}]
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-sch-config
+ mountPath: /opt/config.json
+ subPath: config.json
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-sch-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml
new file mode 100644
index 0000000000..b92f41703f
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml
@@ -0,0 +1,97 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ address:
+ # Addresses of ONAP components
+ message_router: message-router
+ sdc: sdc-be
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.servicechange-handler
+# need the version to be separate because it's used in 2 places
+image_version: 1.1.5
+
+pullPolicy: Always
+
+# configuration for accessing SDC
+sdc:
+ user: "dcae"
+ password: !!str Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ environmentName: "AUTO"
+ useHttps: false
+
+# configuration for accessing DMaaP
+dmaap:
+ useHttps: false
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ script: /opt/health.sh
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ script: /opt/health.sh
+
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties
index f2a6dd9648..faa19c6f4d 100644
--- a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties
+++ b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties
@@ -31,7 +31,7 @@ UseAAF: false
csit: No
# name of this DMaaP instance (deprecated)
-DmaapName: demo
+#DmaapName: demo
#####################################################
#
@@ -39,7 +39,7 @@ DmaapName: demo
#
#####################################################
# FQDN of DR Prov Server (deprecated)
-DR.provhost: dcae-drps.domain.not.set
+#DR.provhost: dcae-drps.domain.not.set
# URI to retrieve dynamic DR configuration
ProvisioningURI: /internal/prov
@@ -99,7 +99,7 @@ MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory
MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client
# MR topic ProjectID (used in certain topic name generation formats)
-MR.projectID: ONAP
+MR.projectID: mr
#####################################################
@@ -130,6 +130,9 @@ aaf.AdminUser: {{ .Values.adminUser }}
# Admin Password
aaf.AdminPassword: {{ .Values.adminPwd }}
+# Identity that is owner of any created namespaces for topics
+aaf.NsOwnerIdentity: {{ .Values.adminUser }}
+
# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF
CredentialCodeKeyfile: etc/LocalKey
diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml b/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml
index 9cf147fdab..4d009e9698 100644
--- a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml
+++ b/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml
@@ -31,6 +31,10 @@ spec:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ hostAliases:
+ - ip: "10.12.6.214"
+ hostnames:
+ - "aaf-onap-test.osaaf.org"
initContainers:
- command:
- /root/ready.py
diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml
index 0483ce5db2..6d7b7c363d 100644
--- a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml
+++ b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml
@@ -31,12 +31,12 @@ pullPolicy: Always
# application images
repository: nexus3.onap.org:10001
-image: onap/dmaap/buscontroller:1.0.23
+image: onap/dmaap/buscontroller:1.0.25
# application configuration
dmaapMessageRouterService: message-router
-aafURL: https://aaf-authz/
+aafURL: https://aaf-onap-test.osaaf.org:8095/proxy/
topicMgrUser: dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org
topicMgrPwd: demo123456!
adminUser: aaf_admin@people.osaaf.org
diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties
index 41ec250ac8..790707914d 100644
--- a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties
+++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties
@@ -43,7 +43,7 @@ aai.readTimeout={{ .Values.config.aaiReadTimeout }}
http.userId={{ .Values.config.httpUserId }}
http.password={{ .Values.config.httpPassword }}
-aai.searchNodeQuery=/aai/v11/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
+aai.searchNodeQuery=/aai/v13/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
#Servlet context parameters
server.context_parameters.p-name=value #context parameter with p-name as key and value as value.
diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/logback.xml b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/logback.xml
index 9991b8b1b0..0a4b616453 100644
--- a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/logback.xml
+++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/logback.xml
@@ -1,235 +1,31 @@
-<configuration scan="true" scanPeriod="10 seconds" debug="false">
- <jmxConfigurator />
- <property name="logDirectory" value="/var/log/onap/pomba-aaictxbuilder" />
- <!-- Example evaluator filter applied against console appender -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <!-- filter class="ch.qos.logback.classic.filter.LevelFilter"> <level>ERROR</level>
- <onMatch>ACCEPT</onMatch> <onMismatch>DENY</onMismatch> </filter -->
- <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
- </encoder>
- </appender>
-
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <file>${logDirectory}/error.log</file>
- <append>true</append>
- <encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX", UTC}|%X{RequestId}|%.20thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDescription}|%msg%n</pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/error.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
-
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/debug.log</file>
- <append>true</append>
- <encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX",UTC}|%X{RequestId}|%.20thread|%.-5level|%logger{36}|%msg%n</pattern>
- </encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>10MB</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>5</maxHistory>
- </rollingPolicy>
- </appender>
-
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/audit.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/audit.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="AUDIT" />
- </appender>
-
- <appender name="METRIC"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/metric.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|
- %msg%n</pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/metric.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="METRIC" />
- </appender>
-
- <!-- SECURITY related loggers -->
- <appender name="SECURITY"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/security.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/security.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="SECURITY" />
- </appender>
-
- <!-- CLDS related loggers -->
- <logger name="org.onap.pomba.clds" level="INFO" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
-
- <!-- CLDS related loggers -->
- <logger name="com.att.eelf.error" level="OFF" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
- <!-- EELF related loggers -->
- <logger name="com.att.eelf.audit" level="INFO" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger name="com.att.eelf.metrics" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger name="com.att.eelf.security" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFSecurity" />
- </logger>
-
-
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="com.blog.spring.jms" level="WARN" />
-
- <!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" />
- <logger name="org.apache.commons.httpclient" level="WARN" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.coyote" level="WARN" />
- <logger name="org.apache.jasper" level="WARN" />
-
- <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
- May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" />
- <logger name="org.apache.cxf" level="WARN" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" />
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
- <logger name="org.apache.cxf.service" level="WARN" />
- <logger name="org.restlet" level="DEBUG" />
- <logger name="org.apache.camel.component.restlet" level="DEBUG" />
-
- <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="INFO" />
- <logger name="ch.qos.logback.core" level="INFO" />
-
- <!-- logback jms appenders & loggers definition starts here -->
- <!-- logback jms appenders & loggers definition starts here -->
- <appender name="auditLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Audit.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Audit.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <appender name="perfLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Perform.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Perform.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <logger name="AuditRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="perfLogs" />
- </logger>
- <!-- logback jms appenders & loggers definition ends here -->
-
- <root level="WARN">
- <appender-ref ref="DEBUG" />
- <appender-ref ref="STDOUT" />
- </root>
-
+<configuration >
+ <property name="p_tim" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>/opt/app/logs/EELF/output.log</file>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </logger>
+ <root level="info">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </root>
</configuration>
diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-aaictxbuilder/templates/deployment.yaml
index 6d46e9de09..d8210b32fc 100644
--- a/kubernetes/pomba/charts/pomba-aaictxbuilder/templates/deployment.yaml
+++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/templates/deployment.yaml
@@ -56,15 +56,20 @@ spec:
name: localtime
readOnly: true
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
+ readOnly: false
- mountPath: /opt/app/config/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ mountPath: /opt/app/logs/EELF
+ readOnly: false
- mountPath: /opt/app/config/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
readOnly: true
+
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -87,7 +92,7 @@ spec:
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
volumes:
- name: localtime
@@ -106,7 +111,8 @@ spec:
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
-
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties
index 5d1e583370..db72a01a5e 100755
--- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties
+++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties
@@ -1,4 +1,4 @@
-# Copyright © 2018 Amdocs
+# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties
index fcfe9dc412..991c77df7c 100644
--- a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties
+++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties
@@ -53,9 +53,9 @@ aai.readTimeout={{ .Values.config.aaiReadTimeout }}
aai.http.userId={{ .Values.config.aaiHttpUserId }}
aai.http.password={{ .Values.config.aaiHttpPassword }}
-aai.searchNodeQuery=/aai/v11/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
-aai.customerQuery=/aai/v11/business/customers/customer/
-aai.serviceInstancePath=/aai/v11/business/customers/customer/{0}/service-subscriptions/service-subscription/{1}/service-instances/service-instance/{2}
+aai.searchNodeQuery=/aai/v13/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
+aai.customerQuery=/aai/v13/business/customers/customer/
+aai.serviceInstancePath=/aai/v13/business/customers/customer/{0}/service-subscriptions/service-subscription/{1}/service-instances/service-instance/{2}
# SDNC REST Client Configuration
sdnc.serviceName={{ .Values.config.sdncServiceName }}.{{.Release.Namespace}}
@@ -66,6 +66,7 @@ sdnc.httpProtocol={{ .Values.config.sdncHttpProtocol }}
sdnc.connectionTimeout={{ .Values.config.sdncConnectionTimeout }}
sdnc.readTimeout={{ .Values.config.sdncReadTimeout }}
sdnc.genericResourcePath=/restconf/config/GENERIC-RESOURCE-API:services/service/{0}
+sdnc.portMirrorResourcePath=/restconf/config/GENERIC-RESOURCE-API:port-mirror-configurations/port-mirror-configuration/{0}/configuration-data/configuration-operation-information/port-mirror-configuration-request-input
sdnc.vnfPath=/restconf/config/VNF-API:vnfs/vnf-list/{0}
#Servlet context parameters
diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
index a9eac31405..f9107ea22b 100755
--- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -252,6 +252,9 @@ mso:
callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
rollback:
callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
+ use:
+ qualified:
+ host: false
global:
dmaap:
username: testuser
@@ -259,8 +262,13 @@ mso:
host: http://10.42.111.36:904
publisher:
topic: replaceme
+ naming:
+ endpoint: http://naming.demo.onap.com:8081/web/service/v1/genNetworkElementName
+ auth: Basic bTA0NzY4QG5vbi1wcm9kLm1zby5lY29tcC5hdHQuY29tOkF0dG0wNDc2OExpZmUhQA==
policy:
auth: Basic dGVzdHBkcDphbHBoYTEyMw==
+ default:
+ disposition: Skip
client:
auth: Basic bTAzNzQzOnBvbGljeVIwY2sk
endpoint: http://pdp.{{ include "common.namespace" . }}:8081/pdp/api/
@@ -310,7 +318,7 @@ server:
spring:
datasource:
driver-class-name: org.mariadb.jdbc.Driver
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
dbcp2:
diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml
index 98b0976314..b88149bc68 100755
--- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml
@@ -15,7 +15,7 @@ server:
port: {{ index .Values.containerPort }}
spring:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
username: ${DB_ADMIN_USERNAME}
password: ${DB_ADMIN_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
diff --git a/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml
index 2755f94f41..95726d4520 100755
--- a/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml
@@ -26,7 +26,7 @@ mso:
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
spring:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
@@ -60,6 +60,6 @@ management:
context-path: /manage
flyway:
baseline-on-migrate: true
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
user: ${DB_ADMIN_USERNAME}
password: ${DB_ADMIN_PASSWORD}
diff --git a/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml
index 370887ee00..9ac209fb3c 100755
--- a/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml
@@ -17,7 +17,7 @@ server:
port: {{ index .Values.containerPort }}
spring:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
@@ -38,7 +38,7 @@ spring:
role: ACTUATOR
request:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
@@ -75,6 +75,7 @@ mso:
pollingInterval: 60
pollingTimeout: 60
relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL
+ useHttpsWithDmaap: false
activateServerTLSAuth: false
keyStorePassword:
keyStorePath:
diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
index 74905d2df3..662b4d4ba4 100755
--- a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
@@ -83,6 +83,9 @@ org:
activate: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi
assign: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi
delete: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi
+ vnf-topology-aic-operation:
+ activate: POST|270000|sdncurl11|sdnc-request-header|com:att:sdnctl:vnftopologyaic
+ assign: POST|270000|sdncurl11|sdnc-request-header|com:att:sdnctl:vnftopologyaic
tunnelxconn-topology-operation:
activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource
assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource
@@ -99,6 +102,20 @@ org:
rollback: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf
bpelauth: 023A0244AB819A0DE0131DBC3AC5FAB4D8544E1CB1A7FE3CE60F6E3292AC0D93
bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService
+ gammainternet:
+ '':
+ query: GET|60000|sdncurl4|sdnc-request-header|com:att:sdnctl:firewallapi
+ service-configuration-operation:
+ activate: POST|90000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ changeactivate: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ changedelete: POST|250000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ changereserve: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ delete: POST|250000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ reserve: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ turnup: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ svc-topology-operation:
+ assign: POST|60000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
+ delete: POST|250000|sdncurl1|sdnc-request-header|com:att:sdnctl:l3api
generic-resource:
network-topology-operation:
create: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource
@@ -143,6 +160,7 @@ org:
sdncurl12: 'http://sdnc.{{ include "common.namespace" . }}:8282/'
sdncurl5: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config'
sdncurl6: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
+ sdncurl7: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/L3UCPE-API:'
sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation'
service:
diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml
index 6adc2120fb..060a3067b8 100755
--- a/kubernetes/so/resources/config/overrides/override.yaml
+++ b/kubernetes/so/resources/config/overrides/override.yaml
@@ -59,7 +59,7 @@ mso:
topic: com.att.ecomp.mso.operationalEnvironmentEvent
spring:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
@@ -105,7 +105,7 @@ spring:
role: ACTUATOR
request:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver