diff options
Diffstat (limited to 'kubernetes')
56 files changed, 1664 insertions, 130 deletions
diff --git a/kubernetes/aai b/kubernetes/aai -Subproject fde14dd1e9fec136f6ff9489dcb66ed8102ddb1 +Subproject 926a74401db06aa541ef460f9b611be4d341bf2 diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index cdede47d09..a0dc0e8fbe 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -1,4 +1,5 @@ -# Copyright © 2019 Bell Canada +# Copyright © 2019 Orange, Bell Canada +# Copyright © 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +13,57 @@ # See the License for the specific language governing permissions and # limitations under the License. +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: + mountPath: /dockerdata-nfs + +################################################################# +# Application configuration defaults. +################################################################# +# application images +repository: nexus3.onap.org:10001 +pullPolicy: Always + + +subChartsOnly: + enabled: true + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +ingress: + enabled: false + + mariadb-galera: config: userName: sdnctl @@ -25,4 +77,25 @@ mariadb-galera: replicaCount: 1 persistence: enabled: true - mountSubPath: cds/data
\ No newline at end of file + mountSubPath: cds/data + +#Resource Limit flavor -By Default using small +flavor: small +#segregation for different envionment (Small and Large) + +resources: + small: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 1 + memory: 2Gi + large: + limits: + cpu: 4 + memory: 8Gi + requests: + cpu: 2 + memory: 4Gi + unlimited: {} diff --git a/kubernetes/clamp/charts/clamp-backend/Chart.yaml b/kubernetes/clamp/charts/clamp-backend/Chart.yaml new file mode 100644 index 0000000000..a6aec46264 --- /dev/null +++ b/kubernetes/clamp/charts/clamp-backend/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Clamp +name: clamp-backend +version: 5.0.0 diff --git a/kubernetes/clamp/charts/clamp-backend/requirements.yaml b/kubernetes/clamp/charts/clamp-backend/requirements.yaml new file mode 100644 index 0000000000..05d49a8d7b --- /dev/null +++ b/kubernetes/clamp/charts/clamp-backend/requirements.yaml @@ -0,0 +1,22 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml b/kubernetes/clamp/charts/clamp-backend/resources/config/log/filebeat/filebeat.yml index dab2e44f5e..dab2e44f5e 100644 --- a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/clamp/charts/clamp-backend/resources/config/log/filebeat/filebeat.yml diff --git a/kubernetes/clamp/resources/config/logback.xml b/kubernetes/clamp/charts/clamp-backend/resources/config/logback.xml index 551ed34ee4..551ed34ee4 100644 --- a/kubernetes/clamp/resources/config/logback.xml +++ b/kubernetes/clamp/charts/clamp-backend/resources/config/logback.xml diff --git a/kubernetes/clamp/resources/config/sdc-controllers-config.json b/kubernetes/clamp/charts/clamp-backend/resources/config/sdc-controllers-config.json index 3adda95c11..3adda95c11 100644 --- a/kubernetes/clamp/resources/config/sdc-controllers-config.json +++ b/kubernetes/clamp/charts/clamp-backend/resources/config/sdc-controllers-config.json diff --git a/kubernetes/clamp/charts/clamp-backend/templates/NOTES.txt b/kubernetes/clamp/charts/clamp-backend/templates/NOTES.txt new file mode 100644 index 0000000000..e36d6a5bfb --- /dev/null +++ b/kubernetes/clamp/charts/clamp-backend/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit https://127.0.0.1:8443 to use your application" + kubectl port-forward $POD_NAME 8443:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/clamp/charts/clamp-backend/templates/configmap.yaml b/kubernetes/clamp/charts/clamp-backend/templates/configmap.yaml new file mode 100644 index 0000000000..21df037a8a --- /dev/null +++ b/kubernetes/clamp/charts/clamp-backend/templates/configmap.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} + spring_application_json: {{ tpl .Values.config.springApplicationJson . | quote }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-clamp-filebeat-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} diff --git a/kubernetes/clamp/charts/clamp-backend/templates/deployment.yaml b/kubernetes/clamp/charts/clamp-backend/templates/deployment.yaml new file mode 100644 index 0000000000..6b6fcc7e56 --- /dev/null +++ b/kubernetes/clamp/charts/clamp-backend/templates/deployment.yaml @@ -0,0 +1,126 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - mariadb + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + # side car containers + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + args: + - "-Dcom.att.eelf.logging.file=file:/opt/clamp/logback.xml" + - "" + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - mountPath: /opt/clamp/sdc-controllers-config.json + name: {{ include "common.fullname" . }}-config + subPath: sdc-controllers-config.json + - mountPath: /opt/clamp/logback.xml + name: {{ include "common.fullname" . }}-config + subPath: logback.xml + env: + - name: SPRING_APPLICATION_JSON + valueFrom: + configMapKeyRef: + name: {{ template "common.fullname" . }} + key: spring_application_json + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: sdc-controllers-config.json + path: sdc-controllers-config.json + - key: logback.xml + path: logback.xml + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-clamp-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/clamp/charts/clamp-backend/templates/service.yaml b/kubernetes/clamp/charts/clamp-backend/templates/service.yaml new file mode 100644 index 0000000000..f1438a46c9 --- /dev/null +++ b/kubernetes/clamp/charts/clamp-backend/templates/service.yaml @@ -0,0 +1,40 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/clamp/charts/clamp-backend/values.yaml b/kubernetes/clamp/charts/clamp-backend/values.yaml new file mode 100644 index 0000000000..27d284c582 --- /dev/null +++ b/kubernetes/clamp/charts/clamp-backend/values.yaml @@ -0,0 +1,130 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018-2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + persistence: {} + +flavor: small + +# application image +repository: nexus3.onap.org:10001 +image: onap/clamp-backend:4.1.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +config: + log: + logstashServiceName: log-ls + logstashPort: 5044 + mysqlPassword: strong_pitchou + dataRootDir: /dockerdata-nfs + springApplicationJson: > + { + "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3", + "clamp.config.sdc.catalog.url": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/", + "clamp.config.sdc.hostUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/", + "clamp.config.sdc.serviceUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/services", + "clamp.config.sdc.serviceUsername": "clamp", + "clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", + "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", + "clamp.config.dcae.inventory.url": "https://inventory.{{ include "common.namespace" . }}:8080", + "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.dcae.deployment.userName": "none", + "clamp.config.dcae.deployment.password": "none", + "clamp.config.policy.api.url": "https4://policy-api.{{ include "common.namespace" . }}:6969", + "clamp.config.policy.api.userName": "healthcheck", + "clamp.config.policy.api.password": "zb!XztG34", + "clamp.config.policy.pap.url": "https4://policy-pap.{{ include "common.namespace" . }}:6969", + "clamp.config.policy.pap.userName": "healthcheck", + "clamp.config.policy.pap.password": "zb!XztG34", + "clamp.config.policy.pdpUrl1": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", + "clamp.config.policy.pdpUrl2": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", + "clamp.config.policy.papUrl": "https://pap.{{ include "common.namespace" . }}:9091/pap/ , testpap, alpha123", + "clamp.config.policy.clientKey": "dGVzdA==", + "clamp.config.cadi.aafLocateUrl": "https://aaf-locate.{{ include "common.namespace" . }}:8095", + "com.att.eelf.logging.path": "/opt/clamp", + "com.att.eelf.logging.file": "logback.xml" + } + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: clamp-backend + portName: clamp-backend + internalPort: 8443 + externalPort: 443 + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml b/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml index 996d218ada..26affe600c 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml +++ b/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml @@ -129,18 +129,26 @@ http.port: {{.Values.service.externalPort}} # Defaults to 9300-9400. # More info: transport.tcp.port: {{.Values.service.externalPort2}} - #xpack.graph.enabled: false #Set to false to disable X-Pack graph features. - #xpack.ml.enabled: false #Set to false to disable X-Pack machine learning features. - #xpack.monitoring.enabled: false #Set to false to disable X-Pack monitoring features. -#xpack.security.enabled: false -#Set to false to disable X-Pack security features. #xpack.watcher.enabled: false #Set to false to disable Watcher. + +#xpack.license.self_generated.type: basic +#xpack.security.enabled: false + +## Search Guard +# +searchguard.enterprise_modules_enabled: false +searchguard.ssl.transport.keystore_filepath: sg/node-0-keystore.jks +searchguard.ssl.transport.truststore_filepath: sg/truststore.jks +searchguard.ssl.transport.enforce_hostname_verification: false + +searchguard.authcz.admin_dn: + - "CN=kirk,OU=client,O=client,l=tEst,C=De" diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/deployment.yaml b/kubernetes/clamp/charts/clamp-dash-es/templates/deployment.yaml index d1504e0c04..5070f24ba3 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/templates/deployment.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/templates/deployment.yaml @@ -58,7 +58,7 @@ spec: mountPath: /usr/share/elasticsearch/data/ containers: - name: {{ include "common.name" . }} - image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}" + image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml index 33ea865b38..2d67048844 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml @@ -32,7 +32,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-elasticsearch:4.1.0 +image: onap/clamp-dashboard-elasticsearch:4.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml index 2173039252..55df82b0f1 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml @@ -128,7 +128,7 @@ server.ssl.key: {{.Values.config.sslPemkeyFilePath}} ## Search Guard # -xpack.security.enabled: false +#xpack.security.enabled: false elasticsearch.username: {{.Values.config.elasticUSR}} elasticsearch.password: {{.Values.config.elasticPWD}} diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index 276ac5d32a..a8225c0895 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -20,7 +20,7 @@ global: nodePortPrefix: 302 repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.0 persistence: {} flavor: small @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-kibana:4.1.0 +image: onap/clamp-dashboard-kibana:4.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index e7ab68fc5b..b798a44f7f 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -20,7 +20,7 @@ global: nodePortPrefix: 302 repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.0 persistence: {} flavor: small @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-logstash:4.1.0 +image: onap/clamp-dashboard-logstash:4.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql index 5d6f14f5c6..9b12b1804c 100644 --- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql +++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql @@ -20,6 +20,7 @@ create table loop_logs ( id bigint not null, + log_component varchar(255) not null, log_instant datetime(6) not null, log_type varchar(255) not null, message MEDIUMTEXT not null, @@ -36,6 +37,7 @@ global_properties_json json, last_computed_state varchar(255) not null, model_properties_json json, + operational_policy_schema json, svg_representation MEDIUMTEXT, primary key (name) ) engine=InnoDB; diff --git a/kubernetes/clamp/resources/config/nginx.conf b/kubernetes/clamp/resources/config/nginx.conf new file mode 100644 index 0000000000..ce94eff70f --- /dev/null +++ b/kubernetes/clamp/resources/config/nginx.conf @@ -0,0 +1,23 @@ +server { + + listen 443 default ssl; + ssl_protocols TLSv1.2; + ssl_certificate /etc/ssl/clamp.pem; + ssl_certificate_key /etc/ssl/clamp.key; + location /restservices/clds/ { + proxy_pass https://clamp-backend:443; + } + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/ /index.html; + } + + error_page 500 502 503 504 /50x.html; + + location = /50x.html { + root /usr/share/nginx/html; + } + +} diff --git a/kubernetes/clamp/templates/configmap.yaml b/kubernetes/clamp/templates/configmap.yaml index 21df037a8a..9186cd919a 100644 --- a/kubernetes/clamp/templates/configmap.yaml +++ b/kubernetes/clamp/templates/configmap.yaml @@ -25,17 +25,3 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} - spring_application_json: {{ tpl .Values.config.springApplicationJson . | quote }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-clamp-filebeat-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} diff --git a/kubernetes/clamp/templates/deployment.yaml b/kubernetes/clamp/templates/deployment.yaml index 4e6d1d13a3..9585e1fe6c 100644 --- a/kubernetes/clamp/templates/deployment.yaml +++ b/kubernetes/clamp/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: - /root/ready.py args: - --container-name - - {{ .Values.mariadb.nameOverride }} + - clamp-backend env: - name: NAMESPACE valueFrom: @@ -58,13 +58,10 @@ spec: - name: {{ include "common.fullname" . }}-data-filebeat mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-logs - mountPath: /var/log/onap + mountPath: /var/log/nginx/ - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - args: - - "-Dcom.att.eelf.logging.file=file:/opt/clamp/logback.xml" - - "" ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -83,19 +80,10 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - name: {{ include "common.fullname" . }}-logs - mountPath: /var/log/onap - - mountPath: /opt/clamp/sdc-controllers-config.json + mountPath: /var/log/nginx/ + - mountPath: /etc/nginx/conf.d/nginx.conf name: {{ include "common.fullname" . }}-config - subPath: sdc-controllers-config.json - - mountPath: /opt/clamp/logback.xml - name: {{ include "common.fullname" . }}-config - subPath: logback.xml - env: - - name: SPRING_APPLICATION_JSON - valueFrom: - configMapKeyRef: - name: {{ template "common.fullname" . }} - key: spring_application_json + subPath: nginx.conf resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -111,10 +99,8 @@ spec: configMap: name: {{ include "common.fullname" . }} items: - - key: sdc-controllers-config.json - path: sdc-controllers-config.json - - key: logback.xml - path: logback.xml + - key: nginx.conf + path: nginx.conf - name: {{ include "common.fullname" . }}-filebeat-conf configMap: name: {{ .Release.Name }}-clamp-filebeat-configmap diff --git a/kubernetes/clamp/templates/service.yaml b/kubernetes/clamp/templates/service.yaml index f1438a46c9..3a08db01d5 100644 --- a/kubernetes/clamp/templates/service.yaml +++ b/kubernetes/clamp/templates/service.yaml @@ -16,7 +16,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "common.servicename" . }} + name: {{ .Values.service.name }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -38,3 +38,30 @@ spec: selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name2 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type2 }} + ports: + {{if eq .Values.service.type2 "NodePort" -}} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.config.portName2 }} + {{- else -}} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.config.portName2 }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }}
\ No newline at end of file diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index 030460401f..ee89923ed5 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp:4.1.0 +image: onap/clamp-frontend:4.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -43,41 +43,7 @@ config: log: logstashServiceName: log-ls logstashPort: 5044 - mysqlPassword: strong_pitchou dataRootDir: /dockerdata-nfs - springApplicationJson: > - { - "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3", - "clamp.config.sdc.catalog.url": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/", - "clamp.config.sdc.hostUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/", - "clamp.config.sdc.serviceUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/services", - "clamp.config.sdc.serviceUsername": "clamp", - "clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", - "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", - "clamp.config.dcae.inventory.url": "https://inventory.{{ include "common.namespace" . }}:8080", - "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", - "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", - "clamp.config.dcae.deployment.userName": "none", - "clamp.config.dcae.deployment.password": "none", - "clamp.config.policy.api.url": "https4://policy-api.{{ include "common.namespace" . }}:6969", - "clamp.config.policy.api.userName": "healthcheck", - "clamp.config.policy.api.password": "zb!XztG34", - "clamp.config.policy.pap.url": "https4://policy-pap.{{ include "common.namespace" . }}:6969", - "clamp.config.policy.pap.userName": "healthcheck", - "clamp.config.policy.pap.password": "zb!XztG34", - "clamp.config.policy.pdpUrl1": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", - "clamp.config.policy.pdpUrl2": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", - "clamp.config.policy.papUrl": "https://pap.{{ include "common.namespace" . }}:9091/pap/ , testpap, alpha123", - "clamp.config.policy.clientKey": "dGVzdA==", - "clamp.config.cadi.aafLocateUrl": "https://aaf-locate.{{ include "common.namespace" . }}:8095", - "com.att.eelf.logging.path": "/opt/clamp", - "com.att.eelf.logging.file": "logback.xml" - } - -# subchart configuration -mariadb: - nameOverride: clampdb - # default number of instances replicaCount: 1 @@ -101,14 +67,19 @@ readiness: service: type: NodePort - name: clamp - portName: clamp - internalPort: 8443 - externalPort: 8443 + name: clamp-external + portName: clamp-external + internalPort: 443 nodePort: 58 + # as of 20180904 port 58 is reserved for clamp from log/logdemonode # see https://wiki.onap.org/display/DW/OOM+NodePort+List + type2: ClusterIP + name2: clamp + portName2: clamp-internal + internalPort2: 443 + externalPort2: 8443 ingress: enabled: false @@ -128,15 +99,15 @@ resources: small: limits: cpu: 1 - memory: 1.2Gi + memory: 200Mi requests: cpu: 10m - memory: 800Mi + memory: 50Mi large: limits: cpu: 1 - memory: 1.2Gi + memory: 500Mi requests: cpu: 10m - memory: 800Mi + memory: 50Mi unlimited: {} diff --git a/kubernetes/common/cassandra/resources/exec.py b/kubernetes/common/cassandra/resources/exec.py new file mode 100644 index 0000000000..5b3ae33371 --- /dev/null +++ b/kubernetes/common/cassandra/resources/exec.py @@ -0,0 +1,122 @@ +#!/usr/bin/python +import getopt +import logging +import os +import sys +import time + +from kubernetes import config +from kubernetes.client import Configuration +from kubernetes.client.apis import core_v1_api +from kubernetes.client.rest import ApiException +from kubernetes.stream import stream + +from kubernetes import client + +# extract env variables. +namespace = os.environ['NAMESPACE'] +cert = os.environ['CERT'] +host = os.environ['KUBERNETES_SERVICE_HOST'] +token_path = os.environ['TOKEN'] + +with open(token_path, 'r') as token_file: + token = token_file.read().replace('\n', '') + +# setup logging +log = logging.getLogger(__name__) +handler = logging.StreamHandler(sys.stdout) +handler.setFormatter(logging.Formatter('%(asctime)s - %(levelname)s - %(message)s')) +handler.setLevel(logging.INFO) +log.addHandler(handler) +log.setLevel(logging.INFO) + +configuration = client.Configuration() +configuration.host = "https://" + host +configuration.ssl_ca_cert = cert +configuration.api_key['authorization'] = token +configuration.api_key_prefix['authorization'] = 'Bearer' +configuration.assert_hostname = False +coreV1Api = client.CoreV1Api(client.ApiClient(configuration)) +api_instance = client.CoreV1Api(client.ApiClient(configuration)) + +def run_command( pod_name, command ): + try: + exec_command = [ + '/bin/sh', + '-c', + command] + resp = stream(api_instance.connect_get_namespaced_pod_exec, pod_name, namespace, + command=exec_command, + stderr=True, stdin=False, + stdout=True, tty=False) + except ApiException as e: + print("Exception when calling CoreV1Api->connect_get_namespaced_pod_exec: %s\n" % e) + return False + print(resp) + return True + +def find_pod(container_name,command,pods): + ready = False + try: + response = coreV1Api.list_namespaced_pod(namespace=namespace, watch=False) + for i in response.items: + # container_statuses can be None, which is non-iterable. + if i.status.container_statuses is None: + continue + for s in i.status.container_statuses: + if s.name == container_name: + if pods == True: + print (i.metadata.name) + else: + ready = run_command(i.metadata.name,command) + else: + continue + except Exception as e: + log.error("Exception when calling list_namespaced_pod: %s\n" % e) + + return ready + + +DESCRIPTION = "Kubernetes container readiness check utility" +USAGE = "Usage: ready.py [-t <timeout>] -c <container_name> [-c <container_name> ...]\n" \ + "where\n" \ + "<container_name> - name of the container to wait for\n" + +def main(argv): + pods = False + command = "" + container_name = "" + try: + opts, args = getopt.getopt(argv, "ghp:c:", ["pod-container-name=", "command=", "help","getpods"]) + for opt, arg in opts: + if opt in ("-h", "--help"): + print("%s\n\n%s" % (DESCRIPTION, USAGE)) + sys.exit() + elif opt in ("-p", "--pod-container-name"): + container_name = arg + elif opt in ("-c", "--command"): + command = arg + elif opt in ("-g", "--getpods"): + pods = True + except (getopt.GetoptError, ValueError) as e: + print("Error parsing input parameters: %s\n" % e) + print(USAGE) + sys.exit(2) + if container_name.__len__() == 0: + print("Missing required input parameter(s)\n") + print(USAGE) + sys.exit(2) + + if pods == False: + if command.__len__() == 0: + print("Missing required input parameter(s)\n") + print(USAGE) + sys.exit(2) + ready = find_pod(container_name,command,pods) + if ready == False: + sys.exit(2) + +if __name__ == "__main__": + main(sys.argv[1:]) + + diff --git a/kubernetes/common/cassandra/resources/restore.sh b/kubernetes/common/cassandra/resources/restore.sh new file mode 100644 index 0000000000..b9deb32316 --- /dev/null +++ b/kubernetes/common/cassandra/resources/restore.sh @@ -0,0 +1,119 @@ +#!/bin/bash + +# Initialize variables +ss_dir="" +base_db_dir="" +ss_name="" +ss="snapshots" +me=`basename $0` + +function find_target_table_name() +{ + dest_path=$1 + keyspace_name=$2 + src_table_name=$3 + find_in_dir=$dest_path/$keyspace_name + tname_without_uuid=$(echo $src_table_name | cut -d '-' -f 1) + dest_table_name=$(ls -td -- $find_in_dir/$tname_without_uuid-* | head -n 1 | rev | cut -d'/' -f1 | rev) + printf $dest_table_name +} + +function print_usage() +{ + echo "NAME" + echo " Script to restore Cassandra database from Nuvo/Cain snapshot" + echo "SYNOPSIS" + echo " $me [--help|-h] [--base_db_dir|-b] [--snapshot_dir|-s] [--keyspace|-k] [--tag|-t]" + echo " MUST OPTIONS: base_db_dir, snapshot_dir, keyspace_name" + echo "DESCRIPTION" + echo " --base_db_dir, -b" + echo " Location of running Cassandra database" + echo " --snapshot_dir, -s" + echo " Snapshot location of Cassandra database taken by Nuvo/Cain" + echo " --keyspace, -k" + echo " Name of the keyspace to restore" + echo "EXAMPLE" + echo " $me -b /var/lib/cassandra/data -s /root/data.ss -k DISCOVERY_SERVER -t 1234567" + exit +} +if [ $# -eq 0 ] +then + print_usage +fi + +while [[ $# -gt 0 ]] +do +key="$1" +shift + +case $key in + -h|--help) + print_usage + ;; + -b|--base_db_dir) + base_db_dir="$1" + shift + ;; + -s|--snapshot_dir) + ss_dir="$1" + shift + ;; + -k|--keyspace) + keyspace_name="$1" + ;; + -t|--tag) + tag_name="$1" + ;; + --default) + DEFAULT=YES + shift + ;; + *) + # unknown option + ;; +esac +done + +# Validate inputs +if [ "$base_db_dir" == "" ] || [ "$ss_dir" == "" ] || [ "$keyspace_name" == "" ] +then + echo "" + echo ">>>>>>>>>>Not all inputs provided, please check usage >>>>>>>>>>" + echo "" + print_usage +fi + +# Remove commit logs from current data dir +#/var/lib/cassandra/commitlog/CommitLog*.log +find $base_db_dir/../ -name "CommitLog*.log" -delete + +# Remove *.db from current data dir excluding skipped keyspaces +find $base_db_dir/$keyspace_name -name "*.db" -delete + +# Copy snapshots to data dir +echo "----------db files in snapshots--------------" +dirs_to_be_restored=`ls $ss_dir` +for i in ${dirs_to_be_restored} +do + src_path=$ss_dir/$i/snapshots/$tag_name + # Find the destination + table_name=$i + dest_table=$(find_target_table_name $base_db_dir $keyspace_name $table_name) + dest_path=$base_db_dir/$keyspace_name/$dest_table + # Create keyspace/table directory if not exists + #if [ ! -d "$dest_path" ]; then + # mkdir -p $dest_path + #fi + db_files=$(ls $src_path/*.db 2> /dev/null | wc -l) + if [ $db_files -ne 0 ] + then + cp $src_path/*.db $dest_path + if [ $? -ne 0 ] + then + echo "=====ERROR: Unable to restore $src_path/*.db to $dest_path=====" + exit 1 + fi + echo "=======check $dest_path ===============" + ls $dest_path + fi +done diff --git a/kubernetes/common/cassandra/templates/backup/configmap.yaml b/kubernetes/common/cassandra/templates/backup/configmap.yaml new file mode 100644 index 0000000000..e9e1012811 --- /dev/null +++ b/kubernetes/common/cassandra/templates/backup/configmap.yaml @@ -0,0 +1,30 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.backup.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/restore.sh").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/exec.py").AsConfig . | indent 2 }} +{{- end -}} diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml new file mode 100644 index 0000000000..630ac43ba3 --- /dev/null +++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml @@ -0,0 +1,242 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.backup.enabled }} +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: {{ include "common.fullname" . }}-backup + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + schedule: {{ .Values.backup.cron | quote }} + concurrencyPolicy: Forbid + startingDeadlineSeconds: 120 + jobTemplate: + spec: + template: + spec: + restartPolicy: Never + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ include "common.name" . }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - name: "cassandra-backup-init" + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/bash + - -c + - | + clearSnapshot(){ + curr_time=$1 + echo "Clearing snapshots!!!" + command="nodetool clearsnapshot -t $curr_time" + /root/exec.py -p "cassandra" -c "$command" + } + {{ $root := . }} + curr_time=`date +%s` + pids="" + set -x + + echo "Copying data" + {{ range $i, $e := until (int .Values.replicaCount) }} + target_dir=/backup/temp/cassandra-{{ $i }} + mkdir -p $target_dir + cp -Ra /onap-data/cassandra-{{ $i }}/data/ $target_dir/ + {{- end }} + + echo "Executing cleanup!!" + command="nodetool cleanup" + /root/exec.py -p "cassandra" -c "$command" + echo "Cleaned Node!! Backing up database now!!!" + + command="nodetool snapshot -t $curr_time" + /root/exec.py -p "cassandra" -c "$command" + retCode=$? + if [ $retCode -ne 0 ]; then + echo "Backup Failed!!!" + rm -rf /backup/temp + clearSnapshot $curr_time + echo "Failed" > /backup/backup.log + exit 0 + fi + + backup_dir=/backup/temp + {{ range $i, $e := until (int .Values.replicaCount) }} + for d in $backup_dir/cassandra-{{ $i }}/data/*/ ; do + d=$(echo $d | sed 's:/*$::') + keyspace_name=$(echo "$d" | awk -F/ '{ print $NF }') + if [ 1 ] {{- range $t, $keyspace := $root.Values.backup.keyspacesToSkip }} && [ "{{ $keyspace.name }}" != "$keyspace_name" ] {{- end }}; then + /root/restore.sh -b $backup_dir/cassandra-{{ $i }}/data -s /onap-data/cassandra-{{ $i }}/data/$keyspace_name -k $keyspace_name -t $curr_time & + pids="$pids $!" + fi + done + {{- end }} + + for p in $pids; do + wait $p + if [ $? -ne 0 ]; then + rm -rf /backup/temp + echo "Creation of Backup Failed!!!" + clearSnapshot $curr_time + echo "Failed" > /backup/backup.log + exit 0 + fi + done + + clearSnapshot $curr_time + + exit_code=$? + if [ $exit_code -ne 0 ]; then + rm -rf /backup/temp + echo "Backup Failed!!!" + echo "Failed" > /backup/backup.log + exit 0 + fi + + mv /backup/temp /backup/backup-${curr_time} + echo "Success" > /backup/backup.log + echo "Cassandra Backup Succeeded" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /onap-data + name: data-dir + - mountPath: /backup + name: backup-dir + - name: scripts + mountPath: /root/restore.sh + subPath: restore.sh + - name: scripts + mountPath: /root/exec.py + subPath: exec.py + containers: + - name: cassandra-backup-validate + image: "{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/bash + - -c + - | + remove_dir(){ + dirToRemove=$1 + rm -rf $dirToRemove + } + + backup_result=`cat /backup/backup.log` + rm -rf /backup/backup.log + + if [ "$backup_result" == "Failed" ]; then + echo "Backup Failed!!! So Validation Failed!!!"; + exit 0 + fi + + target_dir=$(ls -td -- /backup/*/ | head -n 1) + chown -R cassandra.cassandra $target_dir + {{- $root := . -}} + {{ range $i, $e := until (int .Values.replicaCount) }} + dbSize=$(du -ks $target_dir/cassandra-{{ $i }}/data|awk -F " " '{ printf $1 }') + minDbSize={{ (int $root.Values.backup.dbSize) }} + if [ $dbSize -lt $minDbSize ]; then + remove_dir $target_dir + echo "Validation Failed!!! dbSize ($dbSize) is less than minimum size (1)!!!" + exit 0 + fi + rm -rf /var/lib/cassandra/* + cp -Ra $target_dir/cassandra-{{ $i }}/data /var/lib/cassandra + export CASSANDRA_LISTEN_ADDRESS="127.0.0.1" + /docker-entrypoint.sh -Dcassandra.ignore_dc=true -Dcassandra.ignore_rack=true & + CASS_PID=$! + sleep 45 + + for d in $target_dir/cassandra-{{ $i }}/data/*/; do + d=$(echo $d | sed 's:/*$::') + keyspace_name=$(echo "$d" | awk -F/ '{ print $NF }') + if [ 1 ] {{- range $t, $keyspace := $root.Values.backup.keyspacesToSkip }} && [ "{{ $keyspace.name }}" != "$keyspace_name" ] {{- end }}; then + echo "Verifying the data for $keyspace_name " + nodetool verify -e $keyspace_name + ret=$? + if [ $ret -ne 0 ]; then + remove_dir $target_dir + echo "Validation Failed!!!" + exit 0 + fi + fi + done + kill -9 $CASS_PID + {{- end }} + echo "Validation Successful!!!" + cd /backup + totalFiles=`ls -t | grep "backup-" | wc -l` + if [ $totalFiles -gt {{ .Values.backup.retentionPeriod }} ]; then + filestoDelete=`expr $totalFiles - {{ .Values.backup.retentionPeriod }}` + ls -tr | grep backup | head -$filestoDelete | xargs rm -rf + fi + env: + - name: CASSANDRA_CLUSTER_NAME + value: {{ .Values.config.clusterName }} + - name: MAX_HEAP_SIZE + value: {{ .Values.config.heap.max }} + - name: HEAP_NEWSIZE + value: {{ .Values.config.heap.min }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - name: backup-dir + mountPath: /backup + - name: localtime + mountPath: /etc/localtime + readOnly: true + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: scripts + configMap: + name: {{ include "common.fullname" $ }}-configmap + defaultMode: 0755 + - name: data-dir + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-db-data + - name: backup-dir + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-backup-data +{{- end -}} + diff --git a/kubernetes/common/cassandra/templates/backup/pv.yaml b/kubernetes/common/cassandra/templates/backup/pv.yaml new file mode 100644 index 0000000000..332dc95e05 --- /dev/null +++ b/kubernetes/common/cassandra/templates/backup/pv.yaml @@ -0,0 +1,57 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.backup.enabled }} +{{ if .Values.persistence.enabled }} +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ include "common.fullname" . }}-db-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }}-db-data +spec: + capacity: + storage: {{ .Values.persistence.size }} + accessModes: + - {{ .Values.persistence.accessMode }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ include "common.fullname" . }}-backup-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }}-backup-data +spec: + capacity: + storage: {{ .Values.persistence.size }} + accessModes: + - {{ .Values.persistence.accessMode }} + hostPath: + path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} +{{ end }} +{{- end -}} + diff --git a/kubernetes/common/cassandra/templates/backup/pvc.yaml b/kubernetes/common/cassandra/templates/backup/pvc.yaml new file mode 100644 index 0000000000..1f848c3315 --- /dev/null +++ b/kubernetes/common/cassandra/templates/backup/pvc.yaml @@ -0,0 +1,80 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.backup.enabled }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-db-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-backup + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-db-data + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-backup-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-backup + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-backup-data + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index f5fe589309..f078bd17ce 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -17,7 +17,13 @@ # Declare variables to be passed into your templates. global: # global defaults nodePortPrefix: 302 - + persistence: + mountPath: /dockerdata-nfs + backup: + mountPath: /dockerdata-nfs/backup + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 # application image repository: nexus3.onap.org:10001 @@ -115,6 +121,8 @@ persistence: mountSubPath: cassandra storageType: local storageClass: "" + backup: + mountPath: /dockerdata-nfs/backup configOverrides: {} @@ -136,3 +144,12 @@ resources: {} # requests: # cpu: 2 # memory: 4Gi +backup: + enabled: false + cron: "00 00 * * *" + retentionPeriod: 3 + dbSize: 1 + keyspacesToSkip: + - name: system_traces + - name: system_auth + - name: system_distributed diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml new file mode 100644 index 0000000000..7d3ec75c00 --- /dev/null +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -0,0 +1,178 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.backup.enabled }} +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: {{ include "common.fullname" . }}-backup + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + schedule: {{ .Values.backup.cron | quote }} + concurrencyPolicy: Forbid + startingDeadlineSeconds: 120 + jobTemplate: + spec: + template: + spec: + restartPolicy: Never + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ include "common.name" . }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - name: mariadb-galera-backup-init + image: "{{ include "common.repository" . }}/{{ .Values.backupImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/bash + - -c + - | + remove_dir(){ + dirToRemove=$1 + rm -rf $dirToRemove + echo "Failed" > /backup/backup.log + echo "Backup failed!!!" + } + + target_dir=/backup/backup-`date +%s` + mkdir -p $target_dir + + mysqlhost={{ include "common.fullname" . }}-{{ sub .Values.replicaCount 1 }}.{{ .Values.service.name }} + + mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost + + ret_code=$? + if [ $ret_code -ne 0 ]; then + remove_dir $target_dir + exit 0 + fi + + echo "Starting Backup Preparation!!!" + mariabackup --prepare --target-dir=$target_dir + ret_code=$? + if [ $ret_code -ne 0 ]; then + remove_dir $target_dir + exit 0 + fi + echo "Success" > /backup/backup.log + echo "Backup Successful!!!" + env: + - name: DB_PASS + valueFrom: + secretKeyRef: + name: {{ include "common.fullname" . }} + key: db-root-password + volumeMounts: + - name: backup-data + mountPath: /backup + - name: db-data + mountPath: /var/lib/mysql + containers: + - name: mariadb-backup-validate + image: "{{ include "common.repository" . }}/{{ .Values.backupImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "common.fullname" . }} + key: db-root-password + command: + - /bin/bash + - -c + - | + remove_dir(){ + dirToRemove=$1 + rm -rf $dirToRemove + echo "Validation Failed!!!"; + } + + backup_result=`cat /backup/backup.log` + rm -rf /backup/backup.log + + if [ "$backup_result" == "Failed" ]; then + echo "Backup Failed!!! So Validation Failed!!!"; + exit 0 + fi + + target_dir=$(ls -td -- /backup/backup-* | head -n 1) + cp -Ra $target_dir/* /var/lib/mysql/ + + if [ ! "$(ls -A /var/lib/mysql)" ]; then + remove_dir $target_dir + exit 0 + fi + + /docker-entrypoint.sh mysqld & + + count=0 + until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -e "SELECT 1"; + do sleep 3; + count=`expr $count + 1`; + if [ $count -ge 30 ]; then + remove_dir $target_dir + exit 0; + fi; + done + + mysqlcheck -A --user=root --password=$MYSQL_ROOT_PASSWORD > /tmp/output.log + error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l` + + cat /tmp/output.log + + if [ $error_lines -gt 1 ];then + remove_dir $target_dir + else + echo "Validation successful!!!" + cd /backup + totalFiles=`ls -t | grep "backup-" | wc -l` + if [ $totalFiles -gt {{ .Values.backup.retentionPeriod }} ]; then + filestoDelete=`expr $totalFiles - {{ .Values.backup.retentionPeriod }}` + ls -tr | grep backup | head -$filestoDelete | xargs rm -rf + fi + fi + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: backup-data + mountPath: /backup + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: db-data + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-db-data + - name: backup-data + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-backup +{{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml new file mode 100644 index 0000000000..2972191563 --- /dev/null +++ b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml @@ -0,0 +1,59 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.backup.enabled }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-backup + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-backup +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" . }}/{{include "common.name" . }} +--- +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-db-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-db-data +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}{{ sub .Values.replicaCount 1 }} +{{- end -}} +{{- end -}} + diff --git a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml new file mode 100644 index 0000000000..a983c8af98 --- /dev/null +++ b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml @@ -0,0 +1,81 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.backup.enabled }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-backup + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-backup + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-backup + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-db-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-db-data + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-db-data + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} +{{- end -}} + diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 6b1e186e8b..a662b1e04a 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -17,9 +17,16 @@ ################################################################# global: nodePortPrefix: 302 - persistence: {} + persistence: + mountPath: /dockerdata-nfs + backup: + mountPath: /dockerdata-nfs/backup + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 + ################################################################# # Application configuration defaults. @@ -28,6 +35,7 @@ global: #repository: mysql repository: nexus3.onap.org:10001 image: adfinissygroup/k8s-mariadb-galera-centos:v002 +backupImage: library/mariadb:10.1.38 imageInit: busybox pullPolicy: IfNotPresent @@ -82,6 +90,8 @@ persistence: mountPath: /dockerdata-nfs mountSubPath: "mariadb-galera/data" mysqlPath: /var/lib/mysql + backup: + mountPath: /dockerdata-nfs/backup service: internalPort: 3306 @@ -139,3 +149,8 @@ nameOverride: mariadb-galera # DNS name for mariadb-galera cluster - should be unique accross all projects other clusters #dnsnameOverride: mariadb-galera + +backup: + enabled: false + cron: "00 00 * * *" + retentionPeriod: 3 diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/job.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/job.yaml new file mode 100644 index 0000000000..bd0ea517f6 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/job.yaml @@ -0,0 +1,42 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-cleanup + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded,hook-failed +spec: + template: + metadata: + name: {{ include "common.fullname" . }}-cleanup + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + restartPolicy: Never + containers: + - name: dcae-cleanup + image: {{ include "common.repository" . }}/{{ .Values.cleanupImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index 70504efd75..d8db056f96 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -53,6 +53,9 @@ multisiteConfigMapName: multisite-kubeconfig-configmap # image for init container to initialize shared ConfigMap multisiteInitImage: onap/org.onap.dcaegen2.deployments.multisite-init-container:1.0.0 +# image for cleanup job container +cleanupImage: onap/org.onap.dcaegen2.deployments.dcae-k8s-cleanup-container:1.0.0 + # probe configuration parameters liveness: initialDelaySeconds: 10 diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml index 5496aee2cb..c3e63fb968 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml @@ -104,25 +104,17 @@ spec: value: "/opt/tls/cert.pem" - name: HTTPS_KEY_PATH value: "/opt/tls/key.pem" - - name: TRUST_STORE_PATH - value: "/opt/app/prh/etc/cert/trust.jks" - - name: TRUST_STORE_PASS_PATH - value: "/opt/app/prh/etc/cert/trust.pass" - - name: KEY_STORE_PATH - value: "/opt/app/prh/etc/cert/key.p12" - - name: KEY_STORE_PASS_PATH - value: "/opt/app/prh/etc/cert/key.pass" - - name: {{ include "common.name" . }}-filebeat-onap + - name: {{ include "common.name" . }}-fb-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - name: {{ include "common.fullname" . }}-filebeat-conf + - name: {{ include "common.fullname" . }}-fb-conf mountPath: /usr/share/filebeat/filebeat.yml subPath: filebeat.yml - - name: {{ include "common.fullname" . }}-data-filebeat + - name: {{ include "common.fullname" . }}-data-fb mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-logs - mountPath: /var/log/onap + mountPath: /var/log/onap/config-binding-service {{ end }} {{- if .Values.service.insecure.enabled }} - name: {{ include "common.name" . }}-insecure @@ -149,29 +141,29 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - - name: {{ include "common.fullname" . }}-logs-insecure + - name: {{ include "common.fullname" . }}-logs-i mountPath: /opt/logs env: - name: CONSUL_HOST value: consul.{{ include "common.namespace" . }} - - name: {{ include "common.name" . }}-filebeat-onap-insecure + - name: {{ include "common.name" . }}-fb-onap-i image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - name: {{ include "common.fullname" . }}-filebeat-conf + - name: {{ include "common.fullname" . }}-fb-conf mountPath: /usr/share/filebeat/filebeat.yml subPath: filebeat.yml - - name: {{ include "common.fullname" . }}-data-filebeat-insecure + - name: {{ include "common.fullname" . }}-data-fb-i mountPath: /usr/share/filebeat/data - - name: {{ include "common.fullname" . }}-logs-insecure - mountPath: /var/log/onap + - name: {{ include "common.fullname" . }}-logs-i + mountPath: /var/log/onap/config-binding-service {{ end }} volumes: - - name: {{ include "common.fullname" . }}-filebeat-conf + - name: {{ include "common.fullname" . }}-fb-conf configMap: name: {{ .Release.Name }}-cbs-filebeat-configmap {{- if .Values.service.secure.enabled }} - - name: {{ include "common.fullname" . }}-data-filebeat + - name: {{ include "common.fullname" . }}-data-fb emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} @@ -179,9 +171,9 @@ spec: emptyDir: {} {{ end }} {{- if .Values.service.insecure.enabled }} - - name: {{ include "common.fullname" . }}-data-filebeat-insecure + - name: {{ include "common.fullname" . }}-data-fb-i emptyDir: {} - - name: {{ include "common.fullname" . }}-logs-insecure + - name: {{ include "common.fullname" . }}-logs-i emptyDir: {} {{ end }} diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml index c7db0d5518..8cff544d93 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml @@ -45,7 +45,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.configbinding:2.5.1 +image: onap/org.onap.dcaegen2.platform.configbinding:2.5.2 pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml index a6b87bf3eb..8c1c8741aa 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml @@ -131,7 +131,7 @@ spec: imagePullPolicy: IfNotPresent resources: {} volumeMounts: - - mountPath: /var/log/onap/deployment-handler + - mountPath: /var/log/onap/policy-handler name: component-log - mountPath: /usr/share/filebeat/data name: filebeat-data diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 872482b3d6..b5e459b6b9 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -24,7 +24,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.1 +image: onap/dmaap/datarouter-node:2.1.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index aca2c83adb..195bcb47be 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.1 +image: onap/dmaap/datarouter-prov:2.1.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/modeling/charts/modeling-genericparser/values.yaml b/kubernetes/modeling/charts/modeling-genericparser/values.yaml index 37f4c427ba..467d7315b5 100644 --- a/kubernetes/modeling/charts/modeling-genericparser/values.yaml +++ b/kubernetes/modeling/charts/modeling-genericparser/values.yaml @@ -76,7 +76,7 @@ persistence: ## GKE, AWS & OpenStack) ## # storageClass: "-" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: modeling/genericparser diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index aef2e599fa..494cf7372d 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -28,7 +28,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/externalapi/nbi:5.0.0 +image: onap/externalapi/nbi:5.0.1 pullPolicy: Always sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml index fa2ed65617..640efa6719 100644 --- a/kubernetes/onap/Chart.yaml +++ b/kubernetes/onap/Chart.yaml @@ -21,3 +21,4 @@ home: https://www.onap.org/ sources: - https://gerrit.onap.org/r/#/admin/projects/ icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2 +kubeVersion: ">=1.11.5-0" diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 1d1dd8b7a5..8b186c01d6 100755 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -33,6 +33,10 @@ dependencies: version: ~5.x-0 repository: '@local' condition: cassandra.enabled + - name: cds + version: ~5.x-0 + repository: '@local' + condition: cds.enabled - name: clamp version: ~5.x-0 repository: '@local' diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index 04fbc97f54..c93f2c44f7 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -26,6 +26,8 @@ aai: enabled: true appc: enabled: true +cds: + enabled: true clamp: enabled: true cli: diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index c0095049b5..672ae2ef9e 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -77,6 +77,8 @@ appc: openStackEncryptedPassword: admin cassandra: enabled: false +cds: + enabled: false clamp: enabled: false cli: diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml index 5503328df4..dc27fdb6db 100644 --- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml @@ -55,6 +55,8 @@ spec: - "" - -n - "" + - -b + - "{{ .Values.global.env.tomcatDir }}" env: - name: CATALINA_OPTS value: > diff --git a/kubernetes/portal/charts/portal-cassandra/values.yaml b/kubernetes/portal/charts/portal-cassandra/values.yaml index c46ca4238c..e08f59b971 100644 --- a/kubernetes/portal/charts/portal-cassandra/values.yaml +++ b/kubernetes/portal/charts/portal-cassandra/values.yaml @@ -69,7 +69,7 @@ persistence: ## GKE, AWS & OpenStack) ## # storageClass: "-" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: portal/cassandra/data diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index e00f0fcebb..8869b94467 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -111,7 +111,7 @@ persistence: ## GKE, AWS & OpenStack) ## # storageClass: "-" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 2Gi mountPath: /dockerdata-nfs mountSubPath: portal/mariadb/data diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml index f8eccf7b27..9dbdd7cfd9 100644 --- a/kubernetes/portal/values.yaml +++ b/kubernetes/portal/values.yaml @@ -15,7 +15,7 @@ global: env: - tomcatDir: "/opt/apache-tomcat-8.0.37" + tomcatDir: "/usr/local/tomcat" # portal frontend port portalPort: "8989" portalFEPort: "30225" diff --git a/kubernetes/robot b/kubernetes/robot -Subproject b6b5b0e6f8880e3a922a2fef97e95e501347522 +Subproject db5b5ffbd1e2281664a42ea128cde83f3dd6c8f diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml index b20288072b..928252d334 100644 --- a/kubernetes/sdc/charts/sdc-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-be/values.yaml @@ -36,7 +36,7 @@ pullPolicy: Always debugEnabled: false config: - javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=4000,server=y,suspend=n -Xmx1536m -Xms1536m" + javaOptions: "-Xmx1536m -Xms1536m" cassandraSslEnabled: "false" # default number of instances diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 2df38b74e7..0cde728e67 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -103,7 +103,7 @@ config: # dependency / sub-chart configuration cds: - enabled: true + enabled: false dmaap-listener: nameOverride: sdnc-dmaap-listener diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index 6d365a4493..c74f4177c9 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/vid:5.0.1 +image: onap/vid:5.0.2 pullPolicy: Always # mariadb image for initializing |