diff options
Diffstat (limited to 'kubernetes')
117 files changed, 742 insertions, 3954 deletions
diff --git a/kubernetes/README.md b/kubernetes/README.md index 696ede70c0..46636b9385 100644 --- a/kubernetes/README.md +++ b/kubernetes/README.md @@ -54,7 +54,6 @@ Step 5. Display the charts that are available to be deployed: ``` > helm search -l NAME VERSION DESCRIPTION -local/appc 2.0.0 Application Controller local/clamp 2.0.0 ONAP Clamp local/onap 2.0.0 Open Network Automation Platform (ONAP) local/robot 2.0.0 A helm Chart for kubernetes-ONAP Robot diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/realm.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/realm.properties index ccd9864fb6..4955abd917 100644 --- a/kubernetes/aai/components/aai-graphadmin/resources/config/realm.properties +++ b/kubernetes/aai/components/aai-graphadmin/resources/config/realm.properties @@ -27,7 +27,6 @@ DCAE:OBF:1g8u1f9d1f991g8w,admin POLICY:OBF:1mk61i171ima1im41i0j1mko,admin ASDC:OBF:1f991j0u1j001f9d,admin VID:OBF:1jm91i0v1jl9,admin -APPC:OBF:1f991ksf1ksf1f9d,admin ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin OOF:OBF:1img1ke71ily,admin @@ -38,7 +37,6 @@ dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties index bc53b4b764..a3e27f5517 100644 --- a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties +++ b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties @@ -30,12 +30,14 @@ ml.distribution.KEYSTORE_PASSWORD= ml.distribution.KEYSTORE_FILE= ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp {{ end }} -ml.distribution.CONSUMER_GROUP={{ .Values.config.kafka.sdcTopic.consumerGroup }} -ml.distribution.CONSUMER_ID={{ .Values.config.kafka.sdcTopic.clientId }} +{{- with (first .Values.kafkaUser.acls) }} +ml.distribution.CONSUMER_GROUP={{ .name }} +ml.distribution.CONSUMER_ID={{ .name }}-model-loader ml.distribution.ENVIRONMENT_NAME=AUTO ml.distribution.POLLING_INTERVAL=30 ml.distribution.POLLING_TIMEOUT=20 -ml.distribution.USER=aai +ml.distribution.USER={{ .name }} +{{- end }} ml.distribution.ARTIFACT_TYPES=MODEL_QUERY_SPEC,TOSCA_CSAR # Model Loader AAI REST Client Configuration diff --git a/kubernetes/aai/components/aai-modelloader/templates/aai-sdc-list-kafka-user.yaml b/kubernetes/aai/components/aai-modelloader/templates/aai-sdc-list-kafka-user.yaml deleted file mode 100644 index d7e37e215a..0000000000 --- a/kubernetes/aai/components/aai-modelloader/templates/aai-sdc-list-kafka-user.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{/* - # Copyright © 2022 Nordix Foundation - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - */}} - -apiVersion: kafka.strimzi.io/v1beta2 -kind: KafkaUser -metadata: - name: {{ include "common.release" . }}-{{ .Values.global.aaiSdcListenerKafkaUser }} - labels: - strimzi.io/cluster: {{ include "common.release" . }}-strimzi -spec: - authentication: - type: {{ .Values.config.kafka.saslMechanism | lower }} - authorization: - type: {{ .Values.config.kafka.authType }} - acls: - - resource: - type: group - name: {{ .Values.config.kafka.sdcTopic.consumerGroup }} - operation: All - - resource: - type: topic - patternType: prefix - name: {{ .Values.config.kafka.sdcTopic.pattern }} - operation: All diff --git a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml index d3136d8dda..bab0e0cc8f 100644 --- a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml @@ -102,12 +102,11 @@ spec: env: - name: CONFIG_HOME value: /opt/app/model-loader/config/ - - name: SECURITY_PROTOCOL - value: {{ .Values.config.kafka.securityProtocol }} - - name: SASL_MECHANISM - value: {{ .Values.config.kafka.saslMechanism }} - name: SASL_JAAS_CONFIG - value: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-sdc-kafka-secret" "key" "sasl.jaas.config") | indent 10 }} + valueFrom: + secretKeyRef: + name: {{ include "common.name" . }}-ku + key: sasl.jaas.config volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh b/kubernetes/aai/components/aai-modelloader/templates/kafkauser.yaml index 424074aa8c..324a068cf0 100755..100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh +++ b/kubernetes/aai/components/aai-modelloader/templates/kafkauser.yaml @@ -1,7 +1,5 @@ -#!/bin/sh -x - {{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# Copyright © 2022-23 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,16 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -waiting_bundles=$(/opt/opendaylight/current/bin/client bundle:list | grep Waiting | wc -l) -run_level=$(/opt/opendaylight/current/bin/client system:start-level) - - if [ "$run_level" = "Level 100" ] && [ "$waiting_bundles" -lt "1" ] - then - echo APPC is healthy. - else - echo APPC is not healthy. - exit 1 - fi - -exit 0 +{{ include "common.kafkauser" . }} diff --git a/kubernetes/aai/components/aai-modelloader/templates/secret.yaml b/kubernetes/aai/components/aai-modelloader/templates/secret.yaml index 70b0857938..d6013c832e 100644 --- a/kubernetes/aai/components/aai-modelloader/templates/secret.yaml +++ b/kubernetes/aai/components/aai-modelloader/templates/secret.yaml @@ -27,5 +27,3 @@ metadata: type: Opaque data: {{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} ---- -{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml index 09bb32dd43..825ef06cf1 100644 --- a/kubernetes/aai/components/aai-modelloader/values.yaml +++ b/kubernetes/aai/components/aai-modelloader/values.yaml @@ -18,18 +18,6 @@ # Declare variables to be passed into your templates. global: # global defaults nodePortPrefix: 302 - aaiSdcListenerKafkaUser: aai-sdc-list-user -################################################################# -# Secrets metaconfig -################################################################# -secrets: - - uid: aai-sdc-kafka-secret - externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' - type: genericKV - envs: - - name: sasl.jaas.config - value: '{{ .Values.config.someConfig }}' - policy: generate ################################################################# # Certificate configuration @@ -74,17 +62,16 @@ restartPolicy: Always flavor: small flavorOverride: small -# application configuration -config: - someConfig: blah - kafka: - securityProtocol: SASL_PLAINTEXT - saslMechanism: SCRAM-SHA-512 - authType: simple - sdcTopic: - pattern: SDC-DIST - consumerGroup: aai - clientId: aai-model-loader +# Strimzi KafkaUser config +kafkaUser: + acls: + - name: aai + type: group + operations: [Read] + - name: SDC-DISTR + type: topic + patternType: prefix + operations: [Read, Write] # default number of instances replicaCount: 1 diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaf/bath_config.csv b/kubernetes/aai/components/aai-resources/resources/config/aaf/bath_config.csv index 60a8fb5f0b..5019084560 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/aaf/bath_config.csv +++ b/kubernetes/aai/components/aai-resources/resources/config/aaf/bath_config.csv @@ -25,9 +25,6 @@ Basic QVNEQzpBU0RD,Basic c2RjQHNkYy5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 # VID -> vid@vid.onap.org Basic VklEOlZJRA==,Basic dmlkQHZpZC5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 -# APPC -> appc@appc.onap.org -Basic QVBQQzpBUFBD,Basic YXBwY0BhcHBjLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - # OOF -> oof@oof.onap.org Basic T09GOk9PRg==,Basic b29mQG9vZi5vbmFwLm9yZzpkZW1vMTIzNDQ2IQ==,2050-03-03 diff --git a/kubernetes/aai/components/aai-resources/resources/config/realm.properties b/kubernetes/aai/components/aai-resources/resources/config/realm.properties index 9fbd122492..89a9c46382 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/realm.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/realm.properties @@ -22,7 +22,6 @@ DCAE:OBF:1g8u1f9d1f991g8w,admin POLICY:OBF:1mk61i171ima1im41i0j1mko,admin ASDC:OBF:1f991j0u1j001f9d,admin VID:OBF:1jm91i0v1jl9,admin -APPC:OBF:1f991ksf1ksf1f9d,admin ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin OOF:OBF:1img1ke71ily,admin @@ -33,7 +32,6 @@ dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/components/aai-schema-service/config/realm.properties b/kubernetes/aai/components/aai-schema-service/config/realm.properties index 7c8539dbe7..b5009c36b5 100644 --- a/kubernetes/aai/components/aai-schema-service/config/realm.properties +++ b/kubernetes/aai/components/aai-schema-service/config/realm.properties @@ -5,7 +5,6 @@ DCAE:OBF:1g8u1f9d1f991g8w,admin POLICY:OBF:1mk61i171ima1im41i0j1mko,admin ASDC:OBF:1f991j0u1j001f9d,admin VID:OBF:1jm91i0v1jl9,admin -APPC:OBF:1f991ksf1ksf1f9d,admin ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin OOF:OBF:1img1ke71ily,admin @@ -17,7 +16,6 @@ dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/components/aai-traversal/resources/config/aaf/bath_config.csv b/kubernetes/aai/components/aai-traversal/resources/config/aaf/bath_config.csv index 60a8fb5f0b..5019084560 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/aaf/bath_config.csv +++ b/kubernetes/aai/components/aai-traversal/resources/config/aaf/bath_config.csv @@ -25,9 +25,6 @@ Basic QVNEQzpBU0RD,Basic c2RjQHNkYy5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 # VID -> vid@vid.onap.org Basic VklEOlZJRA==,Basic dmlkQHZpZC5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 -# APPC -> appc@appc.onap.org -Basic QVBQQzpBUFBD,Basic YXBwY0BhcHBjLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - # OOF -> oof@oof.onap.org Basic T09GOk9PRg==,Basic b29mQG9vZi5vbmFwLm9yZzpkZW1vMTIzNDQ2IQ==,2050-03-03 diff --git a/kubernetes/aai/components/aai-traversal/resources/config/realm.properties b/kubernetes/aai/components/aai-traversal/resources/config/realm.properties index 9fbd122492..89a9c46382 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/realm.properties +++ b/kubernetes/aai/components/aai-traversal/resources/config/realm.properties @@ -22,7 +22,6 @@ DCAE:OBF:1g8u1f9d1f991g8w,admin POLICY:OBF:1mk61i171ima1im41i0j1mko,admin ASDC:OBF:1f991j0u1j001f9d,admin VID:OBF:1jm91i0v1jl9,admin -APPC:OBF:1f991ksf1ksf1f9d,admin ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin OOF:OBF:1img1ke71ily,admin @@ -33,7 +32,6 @@ dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 7f4ef863f2..f30222a2cf 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -277,16 +277,12 @@ global: # global defaults # since when this is enabled, it prints a lot of information to console enabled: false - aaiSdcListenerKafkaUser: aai-sdc-list-user - aai-babel: logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' aai-graphadmin: logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' aai-modelloader: logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.aaiSdcListenerKafkaUser }}' aai-resources: logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' aai-schema-service: diff --git a/kubernetes/appc/.helmignore b/kubernetes/appc/.helmignore deleted file mode 100644 index 7ddbad7ef4..0000000000 --- a/kubernetes/appc/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -components/ diff --git a/kubernetes/appc/Chart.yaml b/kubernetes/appc/Chart.yaml deleted file mode 100644 index 782a5c6e29..0000000000 --- a/kubernetes/appc/Chart.yaml +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: Application Controller -name: appc -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: mariadb-galera - version: ~12.x-0 - repository: '@local' - - name: dgbuilder - version: ~12.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: appc-ansible-server - version: ~12.x-0 - repository: 'file://components/appc-ansible-server' - condition: appc-ansible-server.enabled - - name: appc-cdt - version: ~12.x-0 - repository: 'file://components/appc-cdt' - condition: appc-cdt.enabled diff --git a/kubernetes/appc/Makefile b/kubernetes/appc/Makefile deleted file mode 100644 index 08ed7cb9da..0000000000 --- a/kubernetes/appc/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../dist -PACKAGE_DIR := $(OUTPUT_DIR)/packages -SECRET_DIR := $(OUTPUT_DIR)/secrets - -EXCLUDES := dist resources templates charts docker -HELM_BIN := helm -ifneq ($(SKIP_LINT),TRUE) - HELM_LINT_CMD := $(HELM_BIN) lint -else - HELM_LINT_CMD := echo "Skipping linting of" -endif - -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) - -.PHONY: $(EXCLUDES) $(HELM_CHARTS) - -all: $(HELM_CHARTS) - -$(HELM_CHARTS): - @echo "\n[$@]" - @make package-$@ - -make-%: - @if [ -f $*/Makefile ]; then make -C $*; fi - -dep-%: make-% - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi - -lint-%: dep-% - @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi - -package-%: lint-% - @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi - @sleep 3 - #@$(HELM_BIN) repo index $(PACKAGE_DIR) - -clean: - @rm -f */Chart.lock - @rm -f *tgz */charts/*tgz - @rm -rf $(PACKAGE_DIR) -%: - @: diff --git a/kubernetes/appc/components/Makefile b/kubernetes/appc/components/Makefile deleted file mode 100644 index 9544d70f33..0000000000 --- a/kubernetes/appc/components/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../dist -PACKAGE_DIR := $(OUTPUT_DIR)/packages -SECRET_DIR := $(OUTPUT_DIR)/secrets - -EXCLUDES := -HELM_BIN := helm -ifneq ($(SKIP_LINT),TRUE) - HELM_LINT_CMD := $(HELM_BIN) lint -else - HELM_LINT_CMD := echo "Skipping linting of" -endif - -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) - -.PHONY: $(EXCLUDES) $(HELM_CHARTS) - -all: $(HELM_CHARTS) - -$(HELM_CHARTS): - @echo "\n[$@]" - @make package-$@ - -make-%: - @if [ -f $*/Makefile ]; then make -C $*; fi - -dep-%: make-% - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi - -lint-%: dep-% - @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi - -package-%: lint-% - @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi - @sleep 3 - #@$(HELM_BIN) repo index $(PACKAGE_DIR) - -clean: - @rm -f */Chart.lock - @rm -f *tgz */charts/*tgz - @rm -rf $(PACKAGE_DIR) -%: - @: diff --git a/kubernetes/appc/components/appc-ansible-server/.helmignore b/kubernetes/appc/components/appc-ansible-server/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/appc/components/appc-ansible-server/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/appc/components/appc-ansible-server/resources/config/RestServer_config b/kubernetes/appc/components/appc-ansible-server/resources/config/RestServer_config deleted file mode 100644 index 090aa557f5..0000000000 --- a/kubernetes/appc/components/appc-ansible-server/resources/config/RestServer_config +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -# Host definition -ip: 0.0.0.0 -port: {{.Values.service.internalPort}} - -# Security (controls use of TLS encrypton and RestServer authentication) -tls: no -auth: no - -# TLS certificates (must be built on application host) -priv: provide_privated_key.pem -pub: provide_public_key.pem - -# Mysql -host: {{.Values.config.mariadbGaleraSVCName}} - -# Playbooks -from_files: yes -ansible_path: /opt/onap/ccsdk/Playbooks -ansible_inv: Ansible_inventory -ansible_temp: PlaybooksTemp -timeout_seconds: 60 - -# Blocking on GetResults -getresults_block: yes diff --git a/kubernetes/appc/components/appc-ansible-server/templates/configmap.yaml b/kubernetes/appc/components/appc-ansible-server/templates/configmap.yaml deleted file mode 100644 index 3bfe84c6e7..0000000000 --- a/kubernetes/appc/components/appc-ansible-server/templates/configmap.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/appc/components/appc-ansible-server/templates/pv.yaml b/kubernetes/appc/components/appc-ansible-server/templates/pv.yaml deleted file mode 100644 index b2acf37393..0000000000 --- a/kubernetes/appc/components/appc-ansible-server/templates/pv.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- $global := . }} -{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -{{- range $i, $t := until (int $global.Values.replicaCount)}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" $global }}-playbook-{{$i}} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ include "common.fullname" $global }} - chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" $global }}" - heritage: "{{ $global.Release.Service }}" - name: {{ include "common.fullname" $global }} -spec: - capacity: - storage: {{ $global.Values.persistence.size}} - accessModes: - - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-data" - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} -{{if ne $i (int $global.Values.replicaCount) }} ---- -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/kubernetes/appc/components/appc-ansible-server/templates/service.yaml b/kubernetes/appc/components/appc-ansible-server/templates/service.yaml deleted file mode 100644 index e952357c4c..0000000000 --- a/kubernetes/appc/components/appc-ansible-server/templates/service.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{/* -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }}
\ No newline at end of file diff --git a/kubernetes/appc/components/appc-ansible-server/templates/statefulset.yaml b/kubernetes/appc/components/appc-ansible-server/templates/statefulset.yaml deleted file mode 100644 index 0e9e60ab5f..0000000000 --- a/kubernetes/appc/components/appc-ansible-server/templates/statefulset.yaml +++ /dev/null @@ -1,114 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ include "common.servicename" . }} - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: {{ include "common.name" . }}-chown - image: {{ include "repositoryGenerator.image.busybox" . }} - command: ["sh", "-c", "chown -R {{ .Values.config.ansibleUid }}:{{ .Values.config.ansibleGid}} {{ .Values.persistence.playbookPath }}"] - volumeMounts: - - mountPath: {{ .Values.persistence.playbookPath }} - name: {{ include "common.fullname" . }}-playbook - containers: - - name: {{ include "common.name" . }} - command: ["/bin/bash"] - args: ["-c", "cd /opt/onap/ccsdk && ./startAnsibleServer.sh"] - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: {{ .Values.config.configDir }}/RestServer_config - name: config - subPath: RestServer_config - - mountPath: {{ .Values.persistence.playbookPath }} - name: {{ include "common.fullname" . }}-playbook - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: config - configMap: - name: {{ include "common.fullname" . }} - defaultMode: 0644 -{{ if not .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-playbook - emptyDir: {} -{{ else }} - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-playbook - labels: - name: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{ end }} diff --git a/kubernetes/appc/components/appc-ansible-server/values.yaml b/kubernetes/appc/components/appc-ansible-server/values.yaml deleted file mode 100644 index 076cf6b5f2..0000000000 --- a/kubernetes/appc/components/appc-ansible-server/values.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -flavor: small - -# application image -image: onap/ccsdk-ansible-server-image:0.4.4 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: - ansibleUid: 100 - ansibleGid: 101 - appcChartName: appc - mysqlServiceName: appc-db - configDir: /opt/onap/ccsdk - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 180 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 60 - periodSeconds: 10 - -service: - type: ClusterIP - name: appc-ansible-server - portName: appc-ansible-server - internalPort: 8000 - externalPort: 8000 - nfsprovisionerPrefix: appc - disableNfsProvisioner: true - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - accessMode: ReadWriteOnce - size: 1Gi - mountPath: /dockerdata-nfs - mountSubPath: appc/ansible - playbookPath: /home/ansible - -ingress: - enabled: false - -resources: - small: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 0.5 - memory: 0.5Mi - large: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 1 - memory: 1Gi - unlimited: {} diff --git a/kubernetes/appc/components/appc-cdt/.helmignore b/kubernetes/appc/components/appc-cdt/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/appc/components/appc-cdt/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/appc/components/appc-cdt/Chart.yaml b/kubernetes/appc/components/appc-cdt/Chart.yaml deleted file mode 100644 index 917bfab546..0000000000 --- a/kubernetes/appc/components/appc-cdt/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: ONAP APPC Self Service Controller Design Tool -name: appc-cdt -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: certInitializer - version: ~12.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' diff --git a/kubernetes/appc/components/appc-cdt/resources/entrypoint/startCdt.sh b/kubernetes/appc/components/appc-cdt/resources/entrypoint/startCdt.sh deleted file mode 100755 index b5fa5248fa..0000000000 --- a/kubernetes/appc/components/appc-cdt/resources/entrypoint/startCdt.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/sh - -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved. -# Copyright (C) 2021 Orange Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### - -if [ -z "$CDT_PORT" ] -then - CDT_PORT="30232" -fi -echo "Setting CDT port to $CDT_PORT" -sed -i -e "s/30290/$CDT_PORT/" /opt/cdt/main.bundle.js - -CDT_HOME=/opt/cdt; export CDT_HOME -LOG_DIR=/opt/cdt/logs; export LOG_DIR -MaxLogSize=3000000; export MaxLogSize -PORT=18080; export PORT -if [ -z "$HTTPS_KEY_FILE" ] -then - HTTPS_KEY_FILE=/opt/cert/cdt-key.pem - export HTTPS_KEY_FILE -fi -if [ -z "$HTTPS_CERT_FILE" ] -then - HTTPS_CERT_FILE=/opt/cert/cdt-cert.pem - export HTTPS_CERT_FILE -fi -echo "*** cert file: ${HTTPS_CERT_FILE}" -echo "*** key file : ${HTTPS_KEY_FILE}" -node $CDT_HOME/app/ndserver.js
\ No newline at end of file diff --git a/kubernetes/appc/components/appc-cdt/templates/NOTES.txt b/kubernetes/appc/components/appc-cdt/templates/NOTES.txt deleted file mode 100644 index 1a7dbc5d13..0000000000 --- a/kubernetes/appc/components/appc-cdt/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.fullname" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/appc/components/appc-cdt/templates/configmap.yaml b/kubernetes/appc/components/appc-cdt/templates/configmap.yaml deleted file mode 100644 index fea0ec2f7a..0000000000 --- a/kubernetes/appc/components/appc-cdt/templates/configmap.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{/* -# Copyright © 2021 Orange. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-entrypoint - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/entrypoint/*").AsConfig . | indent 2 }} diff --git a/kubernetes/appc/components/appc-cdt/templates/deployment.yaml b/kubernetes/appc/components/appc-cdt/templates/deployment.yaml deleted file mode 100644 index fb15897ae1..0000000000 --- a/kubernetes/appc/components/appc-cdt/templates/deployment.yaml +++ /dev/null @@ -1,98 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /opt/startCdt.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - # This sets the port that CDT will use to connect to the main appc container. - # The 11 is the node port suffix that is used in the main appc oom templates - # for nodePort3. This value will be configured in appc main chart in appc-cdt section. - - name: CDT_PORT - value: "{{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.nodePort3 }}" - - name: HTTPS_KEY_FILE - value: {{ .Values.certInitializer.credsPath }}/certs/key.pem - - name: HTTPS_CERT_FILE - value: {{ .Values.certInitializer.credsPath }}/certs/cert.pem - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/startCdt.sh - name: entrypoint - subPath: startCdt.sh - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - - name: localtime - hostPath: - path: /etc/localtime - - name: entrypoint - configMap: - name: {{ include "common.fullname" . }}-entrypoint - defaultMode: 0755 - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/appc/components/appc-cdt/templates/ingress.yaml b/kubernetes/appc/components/appc-cdt/templates/ingress.yaml deleted file mode 100644 index 8f87c68f1e..0000000000 --- a/kubernetes/appc/components/appc-cdt/templates/ingress.yaml +++ /dev/null @@ -1 +0,0 @@ -{{ include "common.ingress" . }} diff --git a/kubernetes/appc/components/appc-cdt/templates/service.yaml b/kubernetes/appc/components/appc-cdt/templates/service.yaml deleted file mode 100644 index 54e239ebc5..0000000000 --- a/kubernetes/appc/components/appc-cdt/templates/service.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/appc/components/appc-cdt/values.yaml b/kubernetes/appc/components/appc-cdt/values.yaml deleted file mode 100644 index 5765d3482d..0000000000 --- a/kubernetes/appc/components/appc-cdt/values.yaml +++ /dev/null @@ -1,118 +0,0 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - - -################################################################# -# AAF part -################################################################# - -# dependency / sub-chart configuration -certInitializer: - nameOverride: appc-cdt-cert-initializer - truststoreMountpath: /opt/onap/appc/data/stores - fqdn: "appc-cdt" - app_ns: "org.osaaf.aaf" - fqi: "appc-cdt@appc-cdt.onap.org" - fqi_namespace: org.onap.appc-cdt - public_fqdn: "appc-cdt.onap.org" - aafDeployFqi: "deployer@people.osaaf.org" - aafDeployPass: demo123456! - cadi_latitude: "38.0" - cadi_longitude: "-72.0" - credsPath: /opt/app/osaaf/local - aaf_add_config: | - echo "*** transform AAF certs into pem files" - mkdir -p {{ .Values.credsPath }}/certs - openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \ - -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \ - -passin pass:$cadi_keystore_password_p12 \ - -passout pass:$cadi_keystore_password_p12 - echo "*** copy key file" - cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \ - {{ .Values.credsPath }}/certs/key.pem - echo "*** change ownership of certificates to targeted user" - chown -R 1000 {{ .Values.credsPath }} - -################################################################# -# Application configuration defaults. -################################################################# - -flavor: small - -# application image -image: onap/appc-cdt-image:1.7.2 -pullPolicy: Always - -# application configuration -config: {} - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - name: appc-cdt - externalPort: 18080 - internalPort: 18080 - nodePort: 89 - -ingress: - enabled: false - service: - - baseaddr: appccdt - name: "appc-cdt" - port: 18080 - config: - ssl: "redirect" - -# Configure resource requests and limits -# ref: http://kubernetes.io/docs/user-guide/compute-resources/ -resources: - small: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 0.5 - memory: 500Mi - large: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 1 - memory: 1Gi - unlimited: {} diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/installAppcDb.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/installAppcDb.sh deleted file mode 100755 index 830708bb39..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/installAppcDb.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/sh - -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -*/}} - -SDNC_HOME=${SDNC_HOME:-/opt/onap/ccsdk} -APPC_HOME=${APPC_HOME:-/opt/onap/appc} -MYSQL_PASSWD=${MYSQL_ROOT_PASSWORD} - -APPC_DB_USER=${APPC_DB_USER} -APPC_DB_PASSWD=${APPC_DB_PASSWD} -APPC_DB_DATABASE={{.Values.config.appcdb.dbName}} -SDNC_DB_DATABASE={{.Values.config.sdncdb.dbName}} - - -# Create tablespace and user account -mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} mysql <<-END -CREATE DATABASE ${APPC_DB_DATABASE}; -CREATE USER '${APPC_DB_USER}'@'localhost' IDENTIFIED BY '${APPC_DB_PASSWD}'; -CREATE USER '${APPC_DB_USER}'@'%' IDENTIFIED BY '${APPC_DB_PASSWD}'; -GRANT ALL PRIVILEGES ON ${APPC_DB_DATABASE}.* TO '${APPC_DB_USER}'@'localhost' WITH GRANT OPTION; -GRANT ALL PRIVILEGES ON ${APPC_DB_DATABASE}.* TO '${APPC_DB_USER}'@'%' WITH GRANT OPTION; -commit; -END - -if [ -f ${APPC_HOME}/data/appcctl.dump ] -then - mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} ${APPC_DB_DATABASE} < ${APPC_HOME}/data/appcctl.dump -fi - -if [ -f ${APPC_HOME}/data/sdnctl.dump ] -then - mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} ${SDNC_DB_DATABASE} < ${APPC_HOME}/data/sdnctl.dump -fi - -if [ -f ${APPC_HOME}/data/sqlData.dump ] -then - mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} ${SDNC_DB_DATABASE} < ${APPC_HOME}/data/sqlData.dump -fi diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh deleted file mode 100755 index 789f1b38a1..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ /dev/null @@ -1,201 +0,0 @@ -#!/bin/sh -x - -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -### - -# -# This script takes care of installing the SDNC & APPC platform components -# if not already installed, and starts the APPC Docker Container -# -#set -x -*/}} - -enable_odl_cluster () { - if [ -z $APPC_REPLICAS ]; then - echo "APPC_REPLICAS is not configured in Env field" - exit - fi - - echo "Update cluster information statically" - hm=$(hostname) - echo "Get current Hostname ${hm}" - - node=($(echo ${hm} | sed 's/-[0-9]*$//g')) - node_index=($(echo ${hm} | awk -F"-" '{print $NF}')) - node_list="${node}-0.{{ .Values.service.name }}-cluster.{{.Release.Namespace}}"; - - for i in $(seq 1 $((${APPC_REPLICAS}-1))); - do - node_list="${node_list} ${node}-$i.{{ .Values.service.name }}-cluster.{{.Release.Namespace}}" - done - - /opt/opendaylight/current/bin/configure_cluster.sh $((node_index+1)) ${node_list} -} - -ODL_HOME=${ODL_HOME:-/opt/opendaylight/current} -SDNC_HOME=${SDNC_HOME:-/opt/onap/ccsdk} -APPC_HOME=${APPC_HOME:-/opt/onap/appc} -SLEEP_TIME=${SLEEP_TIME:-120} -MYSQL_PASSWD=${MYSQL_ROOT_PASSWORD} -ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} -ENABLE_AAF=${ENABLE_AAF:-true} -DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim} - -# -# Wait for database to init properly -# -echo "Waiting for mariadbgalera" -until mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} mysql >/dev/null 2>&1 -do - printf "." - sleep 1 -done -echo -echo "mariadbgalera ready" - -if [ ! -d ${DBINIT_DIR} ] -then - mkdir -p ${DBINIT_DIR} -fi - -if [ ! -f ${DBINIT_DIR}/.installed ] -then - sdnc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} mysql <<-END -show databases like 'sdnctl'; -END -) - if [ "${sdnc_db_exists}" = "" ] - then - echo "Installing SDNC database" - ${SDNC_HOME}/bin/installSdncDb.sh - - appc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} mysql <<-END -show databases like 'appcctl'; -END -) - if [ "${appc_db_exists}" = "" ] - then - echo "Installing APPC database" - ${APPC_HOME}/bin/installAppcDb.sh - fi - else - sleep 30 - fi - - echo "Installed at `date`" > ${DBINIT_DIR}/.installed -fi - - -if [ ! -f ${SDNC_HOME}/.installed ] -then - echo "Installing ODL Host Key" - ${SDNC_HOME}/bin/installOdlHostKey.sh - -# echo "Copying a working version of the logging configuration into the opendaylight etc folder" -# cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg - - - echo "Waiting ${SLEEP_TIME} seconds for OpenDaylight to initialize" - sleep ${SLEEP_TIME} - - - if [ -x ${SDNC_HOME}/svclogic/bin/install.sh ] - then - echo "Installing directed graphs" - ${SDNC_HOME}/svclogic/bin/install.sh - fi - - if [ -x ${APPC_HOME}/svclogic/bin/install-converted-dgs.sh ] - then - echo "Installing APPC JSON DGs converted to XML using dg-loader" - ${APPC_HOME}/svclogic/bin/install-converted-dgs.sh - fi - - if $ENABLE_ODL_CLUSTER - then - echo "Enabling Opendaylight cluster features" - enable_odl_cluster - fi - - echo "Copying the aaa shiro configuration into opendaylight" - mkdir -p ${ODL_HOME}/etc/opendaylight/datastore/initial/config - if $ENABLE_AAF - then - cp ${APPC_HOME}/data/properties/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml - fi - -fi - -# Move journal and snapshots directory to persistent storage - -hostdir=${ODL_HOME}/daexim/$(hostname -s) -if [ ! -d $hostdir ] -then - mkdir -p $hostdir - if [ -d ${ODL_HOME}/journal ] - then - mv ${ODL_HOME}/journal ${hostdir} - else - mkdir ${hostdir}/journal - fi - if [ -d ${ODL_HOME}/snapshots ] - then - mv ${ODL_HOME}/snapshots ${hostdir} - else - mkdir ${hostdir}/snapshots - fi -fi - -ln -s ${hostdir}/journal ${ODL_HOME}/journal -ln -s ${hostdir}/snapshots ${ODL_HOME}/snapshots - -echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log" -java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log & - -echo "Starting dmaap-event-service jar, logging to ${APPC_HOME}/dmaap-event-service/jar.log" -java -jar -Dorg_onap_appc_bootstrap_path=/opt/onap/appc/data/properties -Dorg_onap_appc_bootstrap_file=appc.properties ${APPC_HOME}/dmaap-event-service/dmaap-event-service.jar > ${APPC_HOME}/dmaap-event-service/jar.log & - -echo "Adding a property system.properties for AAF cadi.properties location" -echo "" >> ${ODL_HOME}/etc/system.properties -echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties -echo "" >> ${ODL_HOME}/etc/system.properties - -echo "Adding a value to property appc.asdc.env in appc.properties for appc-asdc-listener feature" -echo "" >> $APPC_HOME/data/properties/appc.properties -echo "appc.asdc.env=$DMAAP_TOPIC_ENV" >> $APPC_HOME/data/properties/appc.properties -echo "" >> $APPC_HOME/data/properties/appc.properties - -echo "Copying jetty, keystore for https into opendalight" -cp ${APPC_HOME}/data/jetty.xml ${ODL_HOME}/etc/jetty.xml -cp ${APPC_HOME}/data/keystore ${ODL_HOME}/etc/keystore -cp ${APPC_HOME}/data/custom.properties ${ODL_HOME}/etc/custom.properties - -echo "Copying a working version of the logging configuration into the opendaylight etc folder" -cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg - -ODL_BOOT_FEATURES_EXTRA="odl-netconf-connector,odl-restconf-noauth,odl-netconf-clustered-topology,odl-mdsal-clustering" -sed -i -e "\|featuresBoot[^a-zA-Z]|s|$|,${ODL_BOOT_FEATURES_EXTRA}|" $ODL_HOME/etc/org.apache.karaf.features.cfg - -exec ${APPC_HOME}/bin/dockerInstall.sh & -echo "Starting OpenDaylight" -exec ${ODL_HOME}/bin/karaf server diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml deleted file mode 100644 index de6e7e4742..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml +++ /dev/null @@ -1,121 +0,0 @@ -<?xml version="1.0" ?> -<!-- -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### - --> - -<shiro-configuration xmlns="urn:opendaylight:aaa:app:config"> - - <!-- - ================================= TokenAuthRealm ================================== - = = - = Use org.onap.aaf.cadi.shiro.AAFRealm to enable AAF authentication = - = Use org.opendaylight.aaa.shiro.realm.TokenAuthRealm = - =================================================================================== - --> - <main> - <pair-key>tokenAuthRealm</pair-key> -<!-- <pair-value>org.opendaylight.aaa.shiro.realm.TokenAuthRealm</pair-value> --> - <pair-value>org.onap.aaf.cadi.shiro.AAFRealm</pair-value> - </main> - - - <!-- add tokenAuthRealm as the only default realm --> - <main> - <pair-key>securityManager.realms</pair-key> - <pair-value>$tokenAuthRealm</pair-value> - </main> - - <!-- Used to support OAuth2 use case. --> - <main> - <pair-key>authcBasic</pair-key> - <pair-value>org.opendaylight.aaa.shiro.filters.ODLHttpAuthenticationFilter</pair-value> - </main> - - <!-- in order to track AAA challenge attempts --> - <main> - <pair-key>accountingListener</pair-key> - <pair-value>org.opendaylight.aaa.shiro.filters.AuthenticationListener</pair-value> - </main> - <main> - <pair-key>securityManager.authenticator.authenticationListeners</pair-key> - <pair-value>$accountingListener</pair-value> - </main> - - <!-- Model based authorization scheme supporting RBAC for REST endpoints --> - <main> - <pair-key>dynamicAuthorization</pair-key> - <pair-value>org.opendaylight.aaa.shiro.realm.MDSALDynamicAuthorizationFilter</pair-value> - </main> - - - <!-- - =================================================================================== - = URLS = - = For AAF use <pair-value> authcBasic, roles[org.onap.appc.odl|odl-api\*] = - = org.onap.appc.odl|odl-api|* can be replaced with other AAF permissions = - = For default <pair-value> authcBasic, roles[admin] = - =================================================================================== - --> - - <!-- restrict access to some endpoints by default --> - <urls> - <pair-key>/auth/**</pair-key> -<!-- <pair-value>authcBasic, roles[admin], dynamicAuthorization</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl:odl-api:*]</pair-value> - </urls> - <urls> - <pair-key>/restconf/config/aaa-cert-mdsal**</pair-key> -<!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl:odl-api:*]</pair-value> - </urls> - <urls> - <pair-key>/restconf/operational/aaa-cert-mdsal**</pair-key> -<!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl:odl-api:*]</pair-value> - </urls> - <urls> - <pair-key>/restconf/operations/aaa-cert-rpc**</pair-key> -<!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl:odl-api:*]</pair-value> - </urls> - <urls> - <pair-key>/restconf/config/aaa-authn-model**</pair-key> -<!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl:odl-api:*]</pair-value> - </urls> - <urls> - <pair-key>/restconf/operational/aaa-authn-model**</pair-key> -<!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl:odl-api:*]</pair-value> - </urls> - <urls> - <pair-key>/restconf/operations/cluster-admin**</pair-key> -<!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl:odl-api:*]</pair-value> - </urls> - <urls> - <pair-key>/**</pair-key> -<!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl:odl-api:*]</pair-value> - </urls> -</shiro-configuration> - diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties deleted file mode 100644 index 24b10bcb89..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties +++ /dev/null @@ -1,251 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### - -# -# Configuration file for A&AI Client -# - -# -# Certificate keystore and truststore -# -*/}} -org.onap.ccsdk.sli.adaptors.aai.ssl.trust=/opt/onap/appc/data/stores/truststoreONAPall.jks -org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=changeit -org.onap.ccsdk.sli.adaptors.aai.ssl.key=/opt/onap/appc/data/stores/truststoreONAPall.jks -org.onap.ccsdk.sli.adaptors.aai.ssl.key.psswd=changeit - -org.onap.ccsdk.sli.adaptors.aai.client.name=appc@appc.onap.org -org.onap.ccsdk.sli.adaptors.aai.client.psswd=demo123456! - -org.onap.ccsdk.sli.adaptors.aai.application=openECOMP -connection.timeout=60000 -read.timeout=60000 - -# -# Configuration file for A&AI Client -# -org.onap.ccsdk.sli.adaptors.aai.uri=https://aai.{{.Release.Namespace}}:8443 - -# query -org.onap.ccsdk.sli.adaptors.aai.path.query=/aai/v14/search/sdn-zone-query -org.onap.ccsdk.sli.adaptors.aai.query.nodes=/aai/v14/search/nodes-query?search-node-type={node-type}&filter={entity-identifier}:EQUALS:{entity-name} -org.onap.ccsdk.sli.adaptors.aai.query.generic=/aai/v14/search/generic-query?key={identifier}:{value}&start-node-type={start-node-type}&include=complex&depth=3 - -# named query -org.onap.ccsdk.sli.adaptors.aai.query.named=/aai/search/named-query - - -#update -org.onap.ccsdk.sli.adaptors.aai.update=/aai/v14/actions/update - -# vce -org.onap.ccsdk.sli.adaptors.aai.path.vce =/aai/v14/network/vces/vce/ -org.onap.ccsdk.sli.adaptors.aai.path.vces=/aai/v14/network/vces/ - -# vpe -org.onap.ccsdk.sli.adaptors.aai.path.vpe =/aai/v14/network/vpes/vpe/ -org.onap.ccsdk.sli.adaptors.aai.path.vpes=/aai/v14/network/vpes/ - -# customer -org.onap.ccsdk.sli.adaptors.aai.path.customer=/aai/v14/business/customers/customer/{customer-id} - -# service subscription -org.onap.ccsdk.sli.adaptors.aai.path.service.subscription=/aai/v14/business/customers/customer/{global-customer-id}/service-subscriptions/service-subscription/{service-type} - -# service instance -org.onap.ccsdk.sli.adaptors.aai.path.svcinst=/aai/v14/business/customers/customer/{customer-id}/service-subscriptions/service-subscription/{service-type}/service-instances -org.onap.ccsdk.sli.adaptors.aai.path.svcinst.query=/aai/v14/search/generic-query?key=service-instance.service-instance-id:{svc-instance-id}&start-node-type=service-instance&include=service-instance -org.onap.ccsdk.sli.adaptors.aai.path.service.instance=/aai/v14/business/customers/customer/{global-customer-id}/service-subscriptions/service-subscription/{service-type}/service-instances/service-instance/{service-instance-id} - -# complex -org.onap.ccsdk.sli.adaptors.aai.path.complexes=/aai/v14/cloud-infrastructure/complexes -org.onap.ccsdk.sli.adaptors.aai.path.complex=/aai/v14/cloud-infrastructure/complexes/complex/{physical-location-id} - -# tenant -org.onap.ccsdk.sli.adaptors.aai.path.tenant=/aai/v14/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant/{tenant-id} -org.onap.ccsdk.sli.adaptors.aai.path.tenant.query=/aai/v14/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant?tenant-name={tenant-name} - -# vservers -org.onap.ccsdk.sli.adaptors.aai.path.vservers=/aai/v14/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant/{tenant-id}/vservers/ -org.onap.ccsdk.sli.adaptors.aai.path.vserver=/aai/v14/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant/{tenant-id}/vservers/vserver/{vserver-id} - -# vpls-pe -org.onap.ccsdk.sli.adaptors.aai.path.vpls.pes=/aai/v14/network/vpls-pes/ -org.onap.ccsdk.sli.adaptors.aai.path.vpls.pe =/aai/v14/network/vpls-pes/vpls-pe/ - -# ctag-pool -org.onap.ccsdk.sli.adaptors.aai.path.ctag.pools=/aai/v14/cloud-infrastructure/complexes/complex/{physical-location-id}/ctag-pools -org.onap.ccsdk.sli.adaptors.aai.path.ctag.pool=/aai/v14/cloud-infrastructure/complexes/complex/{physical-location-id}/ctag-pools/ctag-pool/{target-pe}/{availability-zone-name} - -# -#-------------- 1510 ---------------------- -# - -# pservers -org.onap.ccsdk.sli.adaptors.aai.path.pservers=/aai/v14/cloud-infrastructure/pservers -org.onap.ccsdk.sli.adaptors.aai.path.pserver=/aai/v14/cloud-infrastructure/pservers/pserver/{hostname} - -# generic-vnf -org.onap.ccsdk.sli.adaptors.aai.path.generic.vnfs=/aai/v14/network/generic-vnfs -org.onap.ccsdk.sli.adaptors.aai.path.generic.vnf=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id} - -# dvs-switch -org.onap.ccsdk.sli.adaptors.aai.path.dvsswitches=/aai/v14/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/dvs-switches -org.onap.ccsdk.sli.adaptors.aai.path.dvsswitch=/aai/v14/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/dvs-switches/dvs-switch/{switch-name} - -# L3 Networks -org.onap.ccsdk.sli.adaptors.aai.path.l3networks=/aai/v14/network/l3-networks -org.onap.ccsdk.sli.adaptors.aai.path.l3network=/aai/v14/network/l3-networks/l3-network/{network-id} -org.onap.ccsdk.sli.adaptors.aai.path.l3network.query.name=/aai/v14/network/l3-networks/l3-network?network-name={network-name} - -# P-Interfaces -org.onap.ccsdk.sli.adaptors.aai.path.pserver.pinterfaces=/aai/v14/cloud-infrastructure/pservers/pserver/{hostname}/p-interfaces -org.onap.ccsdk.sli.adaptors.aai.path.pserver.pinterface=/aai/v14/cloud-infrastructure/pservers/pserver/{hostname}/p-interfaces/p-interface/{interface-name} - -# Physical Link -org.onap.ccsdk.sli.adaptors.aai.path.physical.links=/aai/v14/network/physical-links -org.onap.ccsdk.sli.adaptors.aai.path.physical.link=/aai/v14/network/physical-links/physical-link/{link-name} - -# VPN Bindings -org.onap.ccsdk.sli.adaptors.aai.path.vpn.bindings=/aai/v14/network/vpn-bindings/ -org.onap.ccsdk.sli.adaptors.aai.path.vpn.binding=/aai/v14/network/vpn-bindings/vpn-binding/{vpn-id} - -# VNF IMAGES -org.onap.ccsdk.sli.adaptors.aai.path.vnf.images=/aai/v14/service-design-and-creation/vnf-images -org.onap.ccsdk.sli.adaptors.aai.path.vnf.image=/aai/v14/service-design-and-creation/vnf-images/vnf-image/{att-uuid} -org.onap.ccsdk.sli.adaptors.aai.path.vnf.image.query=/aai/v14/service-design-and-creation/vnf-images/vnf-image?application={application_model}&application-vendor={application_vendor} - -# UBB Notify -org.onap.ccsdk.sli.adaptors.aai.path.notify=/aai/v14/actions/notify -org.onap.ccsdk.sli.adaptors.aai.notify.selflink.fqdn=https://aai.{{.Release.Namespace}}:8443/restconf/config/L3SDN-API:services/layer3-service-list/{service-instance-id} -org.onap.ccsdk.sli.adaptors.aai.notify.selflink.avpn=https://aai.{{.Release.Namespace}}:8443/restconf/config/L3AVPN-EVC-API:services/service-list/{service-instance-id}/service-data/avpn-logicalchannel-information - -# Service -org.onap.ccsdk.sli.adaptors.aai.path.service=/aai/v14/service-design-and-creation/services/service/{service-id} -org.onap.ccsdk.sli.adaptors.aai.path.services=/aai/v14/service-design-and-creation/services - - -# -#-------------- 1604 ---------------------- -# - -# VNFC -org.onap.ccsdk.sli.adaptors.aai.path.vnfc=/aai/v14/network/vnfcs/vnfc/{vnfc-name} - -# class-of-service -org.onap.ccsdk.sli.adaptors.aai.path.class.of.service=/aai/v14/network/site-pair-sets/site-pair-set/{site-pair-set-id}/routing-instances/routing-instance/{routing-instance-id}/site-pairs/site-pair/{site-pair-id}/classes-of-service/class-of-service/{cos-id} - -# site-pair -org.onap.ccsdk.sli.adaptors.aai.path.site.pair=/aai/v14/network/site-pair-sets/site-pair-set/{site-pair-set-id}/routing-instances/routing-instance/{routing-instance-id}/site-pairs/site-pair/{site-pair-id} - -# routing-instance -org.onap.ccsdk.sli.adaptors.aai.path.routing.instance=/aai/v14/network/site-pair-sets/site-pair-set/{site-pair-set-id}/routing-instances/routing-instance/{routing-instance-id} - -# site-pair-set -org.onap.ccsdk.sli.adaptors.aai.path.site.pair.set=/aai/v14/network/site-pair-sets/site-pair-set/{site-pair-set-id} - -# license key resource -org.onap.ccsdk.sli.adaptors.aai.path.license.acquire=/aai/v14/actions/assignment/license-management/assignment-group-uuid/{assignment-group-uuid} -org.onap.ccsdk.sli.adaptors.aai.path.license=/aai/v14/license-management/license-key-resources/license-key-resource/{att-uuid} - -# logical-link -org.onap.ccsdk.sli.adaptors.aai.path.logical.link =/aai/v14/network/logical-links/logical-link/{link-name} - -# virtual-data-center -org.onap.ccsdk.sli.adaptors.aai.path.virtual.data.center=/aai/v14/cloud-infrastructure/virtual-data-centers/virtual-data-center/{vdc-id} - -# wan-connector -org.onap.ccsdk.sli.adaptors.aai.path.wan.connector=/aai/v14/business/connectors/connector/{resource-instance-id} - -# l-interface -org.onap.ccsdk.sli.adaptors.aai.path.lag.interface.l.interface=/aai/v14/cloud-infrastructure/pservers/pserver/{hostname}/lag-interfaces/lag-interface/{lag-interface.interface-name}/l-interfaces/l-interface/{interface-name} -org.onap.ccsdk.sli.adaptors.aai.path.p.interface.l.interface=/aai/v14/cloud-infrastructure/pservers/pserver/{hostname}/p-interfaces/p-interface/{p-interface.interface-name}/l-interfaces/l-interface/{interface-name} - -# l-interface pnf -org.onap.ccsdk.sli.adaptors.aai.path.lag.interface.l.interface.pnf=/aai/v14/network/pnfs/pnf/{pnf-name}/lag-interfaces/lag-interface/{lag-interface.interface-name}/l-interfaces/l-interface/{interface-name} -org.onap.ccsdk.sli.adaptors.aai.path.p.interface.l.interface.pnf=/aai/v14/network/pnfs/pnf/{pnf-name}/p-interfaces/p-interface/{p-interface.interface-name}/l-interfaces/l-interface/{interface-name} - -# subinterface -org.onap.ccsdk.sli.adaptors.aai.path.pnf.lag.interface.subinterface=/aai/v14/network/pnfs/pnf/{pnf-name}/lag-interfaces/lag-interface/{lag-interface.interface-name}/l-interfaces/l-interface/{interface-name} -org.onap.ccsdk.sli.adaptors.aai.path.pnf.p.interface.l.interface=/aai/v14/network/pnfs/pnf/{pnf-name}/p-interfaces/p-interface/{p-interface.interface-name}/l-interfaces/l-interface/{interface-name} - -# vlans -org.onap.ccsdk.sli.adaptors.aai.path.vlan=/aai/v14/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant/{tenant-id}/vservers/vserver/{vserver-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface} -org.onap.ccsdk.sli.adaptors.aai.path.generic.vnf.vlan=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface} - -# l3-interface-ipv4-address-list -org.onap.ccsdk.sli.adaptors.aai.path.l3.interface.ipv4.address.list=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/l3-interface-ipv4-address-list/{l3-interface-ipv4-address} -org.onap.ccsdk.sli.adaptors.aai.path.vlan.l3.interface.ipv4.address.list=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface}/l3-interface-ipv4-address-list/{l3-interface-ipv4-address} - -# l3-interface-ipv6-address-list -org.onap.ccsdk.sli.adaptors.aai.path.l3.interface.ipv6.address.list=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/l3-interface-ipv6-address-list/{l3-interface-ipv6-address} -org.onap.ccsdk.sli.adaptors.aai.path.vlan.l3.interface.ipv6.address.list=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface}/l3-interface-ipv6-address-list/{l3-interface-ipv6-address} - -# ipsec-configuration -org.onap.ccsdk.sli.adaptors.aai.path.ipsec.configuration=/aai/v14/network/ipsec-configurations/ipsec-configuration/{ipsec-configuration-id} - -# vig server -org.onap.ccsdk.sli.adaptors.aai.path.vig.server=/aai/v14/network/ipsec-configurations/ipsec-configuration/{ipsec-configuration-id}/vig-servers/vig-server/{vig-address-type} - -# l3-network -org.onap.ccsdk.sli.adaptors.aai.path.l3.network=/aai/v14/network/l3-networks/l3-network/{network-id} - -# subnet -org.onap.ccsdk.sli.adaptors.aai.path.subnet=/aai/v14/network/l3-networks/l3-network/{network-id}/subnets/subnet/{subnet-id} - -# multicast-configuration -org.onap.ccsdk.sli.adaptors.aai.path.multicast.configuration=/aai/v14/network/multicast-configurations/multicast-configuration/{multicast-configuration-id} - -# org.onap.ccsdk.sli.adaptors.aai.path.l.interface.ipv4.address.list -org.onap.ccsdk.sli.adaptors.aai.path.l3-interface.ipv4.address.list=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/l3-interface-ipv4-address-list/{l3-interface-ipv4-address} - -# org.onap.ccsdk.sli.adaptors.aai.path.l.interface.vlan.ipv4.address.list -org.onap.ccsdk.sli.adaptors.aai.path.l3-interface.vlan.ipv4.address.list=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface}/l3-interface-ipv4-address-list/{l3-interface-ipv4-address} - -# org.onap.ccsdk.sli.adaptors.aai.path.l.interface.ipv6.address.list -org.onap.ccsdk.sli.adaptors.aai.path.l3-interface.ipv6.address.list=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/l3-interface-ipv6-address-list/{l3-interface-ipv6-address} - -# volume.group -org.onap.ccsdk.sli.adaptors.aai.path.volume.group=/aai/v14/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/volume-groups/volume-group/{volume-group-id} - -#cloud region -org.onap.ccsdk.sli.adaptors.aai.path.cloud.region=/aai/v14/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id} - -# vf-module -org.onap.ccsdk.sli.adaptors.aai.path.vf.module=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/vf-modules/vf-module/{vf-module-id} - -# l-interface through generic-vnf -org.onap.ccsdk.sli.adaptors.aai.path.generic.vnf.linterface=/aai/v14/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name} - -# network-policy -org.onap.ccsdk.sli.adaptors.aai.path.network.policy=/aai/v14/network/network-policies/network-policy/{network-policy-id} - -# pnf -org.onap.ccsdk.sli.adaptors.aai.path.pnf=/aai/v14/network/pnfs/pnf/{pnf-name} - -# -# Formatting -# -org.onap.ccsdk.sli.adaptors.aai.param.format=filter=%s:%s -org.onap.ccsdk.sli.adaptors.aai.param.vnf_type=vnf-type -org.onap.ccsdk.sli.adaptors.aai.param.physical.location.id=physical-location-id -org.onap.ccsdk.sli.adaptors.aai.param.service.type=service-type diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties deleted file mode 100644 index 3b7f02d6f7..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties +++ /dev/null @@ -1,139 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -### -*/}} - -### ### -### Properties for demo ### -### ### -appc.demo.poolMembers=message-router.{{.Release.Namespace}}:3904 -appc.demo.topic.read=APPC-CL -appc.demo.topic.write=APPC-CL -appc.demo.client.name=appcDemoEventListener -appc.demo.threads.queuesize.min=1 -appc.demo.threads.queuesize.max=1000 -appc.demo.threads.poolsize.min=1 -appc.demo.threads.poolsize.max=2 -appc.demo.provider.user={{.Values.config.odlUser}} -appc.demo.provider.pass={{.Values.config.odlPassword}} -appc.demo.provider.url=http://localhost:8181/restconf/operations/appc-provider -appc.provider.vfodl.url=http://{{.Values.config.odlUser|urlquery}}:{{.Values.config.odlPassword|urlquery}}@localhost:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/NODE_NAME/yang-ext:mount/stream-count:stream-count/streams/ - -# The properties right below are needed to properly call the Master DG to serve demo purposes -appc.service.logic.module.name=APPC -appc.topology.dg.method=topology-operation-all -appc.topology.dg.version=2.0.0 - -# TEMP - Properties that might be needed to make the AAI-APPC connection -org.onap.appc.db.url.appcctl=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}:3306/{{.Values.config.appcdb.dbName}} -org.onap.appc.db.user.appcctl=${APPC_DB_USER} -org.onap.appc.db.pass.appcctl=${APPC_DB_PASSWD} - -org.onap.appc.db.url.sdnctl=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}:3306/{{.Values.config.sdncdb.dbName}} -org.onap.appc.db.user.sdnctl=${SDNC_DB_USER} -org.onap.appc.db.pass.sdnctl=${SDNC_DB_PASSWD} - - -### ### -### OpenStack credentials (these properties also are used in appc-rest-adapter-bundle, appc-chef-adapter-bundle, appc-iaas-adapter-bundle) ### -### ### -provider1.type={{.Values.config.openStackType}} -provider1.name={{.Values.config.openStackName}} -provider1.identity={{.Values.config.openStackKeyStoneUrl}} -provider1.tenant1.name={{.Values.config.openStackServiceTenantName}} -provider1.tenant1.domain={{.Values.config.openStackDomain}} -provider1.tenant1.userid={{.Values.config.openStackUserName}} -provider1.tenant1.password={{.Values.config.openStackEncryptedPassword}} - -### ### -### Properties that are not covered or being replaced from default.properties files. Default value for DMaaP IP is 10.0.11.1:3904 ### -### which is what the Master HEAT Template to instantiate OpenECOMP is pointing to (version R1). All other default values are ### -### left there since these are pre-defined as part of APP-C/OpenECOMP default instantiation with Master HEAT Template ### -### ### - - -# Property below is valid in appc-command-executor-core, appc-license-manager-core, appc-lifecycle-management-core, -# appc-request-handler-core, appc-workflow-management-core (all from the appc-dispatcher package). -dmaap.poolMembers=message-router.{{.Release.Namespace}}:3904 - - -# appc-event-listener-bundle properties (only defined in src/test of default.properties) -appc.LCM.poolMembers=message-router.{{.Release.Namespace}}:3904 -appc.LCM.topic.read=APPC-LCM-READ -appc.LCM.topic.write=APPC-LCM-WRITE -appc.LCM.client.name=APPC-EVENT-LISTENER-TEST -appc.LCM.provider.user={{.Values.config.odlUser}} -appc.LCM.provider.pass={{.Values.config.odlPassword}} -appc.LCM.provider.url=http://localhost:8181/restconf/operations/appc-provider-lcm -appc.LCM.scopeOverlap.endpoint=http://localhost:8181/restconf/operations/interfaces-service:execute-service - -# properties from appc-netconf-adapter-bundle, appc-dg-common, appc-dmaap-adapter-bundle -poolMembers=message-router.{{.Release.Namespace}}:3904 -event.pool.members=message-router.{{.Release.Namespace}}:3904 -restconf.user={{.Values.config.odlUser}} -restconf.pass={{.Values.config.odlPassword}} - - -# properties found in appc-rest-adapter-bundle, appc-chef-adapter-bundle, appc-iaas-adapter-bundle) -#Your OpenStack IP -test.ip=10.0.11.100 -# Your OpenStack Platform's Keystone Port (default is 5000) -test.port=5000 -test.tenantid=test -test.vmid=test -# Port 8774 below is default port for OpenStack's Nova API Service -test.url=http://api.appc.local/vm/9999999/test/99999999-9999-9999-9999-999999999999 -#skips hypervisor check which usually occurs during iaas-adapter-bundle startup -org.onap.appc.iaas.skiphypervisorcheck=true - -# Properties from default.properties in the src/test and src/main paths of appc-asdc-listener-bundle -appc.sdc.host=sdc-be.{{.Release.Namespace}}:8443 -appc.sdc.env=APPC-ASDC-ENV -appc.sdc.user=test -appc.sdc.pass=test -appc.sdc.consumer=APPC-ASDC-CONSUMER -appc.sdc.consumer.id=APPC-ASDC-CONSUMER-ID -appc.sdc.provider.url=http://localhost:8181/restconf/operations/AsdcMessage:configuration-document-request - -# Properties used by EventSenderDmaapImpl.java -DCAE.dmaap.event.topic.write=EventSenderTest -DCAE.dmaap.event.username=test -DCAE.dmaap.event.password=test -DCAE.dmaap.event.poolMembers=message-router.{{.Release.Namespace}}:3904 - -#OAM Listener -appc.OAM.disabled=true -appc.OAM.provider.url=http://localhost:8181/restconf/operations/appc-oam -appc.OAM.poolMembers=message-router.{{.Release.Namespace}}:3904 -appc.OAM.service=ueb -appc.OAM.topic.read=testOAM -appc.OAM.topic.write=testOAM -appc.OAM.client.name=testOAM -appc.OAM.provider.user={{.Values.config.odlUser}} -appc.OAM.provider.pass={{.Values.config.odlPassword}} - -appc.asdc.env={{.Values.config.dmaapTopicEnv}} - -#Properties for communication between appc dmaap microservice and appc -appc.srvcomm.messaging.username={{.Values.config.dmaapServiceUser}} -appc.srvcomm.messaging.password={{.Values.config.dmaapServicePassword}} -appc.srvcomm.messaging.url={{.Values.config.dmaapServiceUrl}} diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/bath_config.csv b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/bath_config.csv deleted file mode 100644 index 24a3dff7e2..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/bath_config.csv +++ /dev/null @@ -1,8 +0,0 @@ -# APPC HELM CHART APPC_RESTCONF_UI -> appc@appc.onap.org -Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==,Basic YXBwY0BhcHBjLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 -# jolokiaall = demo@people.osaaf.org -Basic am9sb2tpYWFsbDpqb2xva2lhYWxs,Basic ZGVtb0BwZW9wbGUub3NhYWYub3JnOmRlbW8xMjM0NTYh,2050-03-03 -# restall = aaf_admin@people.osaaf.org -Basic cmVzdGFsbDpyZXN0YWxs,Basic YWFmX2FkbWluQHBlb3BsZS5vc2FhZi5vcmc6ZGVtbzEyMzQ1NiE=,2050-03-03 -# odlro = mmmanger@people.osaaf.org -Basic b2Rscm86b2Rscm8=,Basic bW1tYW5nZXJAcGVvcGxlLm9zYWFmLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties deleted file mode 100644 index 0592f8b06f..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties +++ /dev/null @@ -1,60 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -#hostname=localhost -*/}} - -cadi_loglevel=DEBUG -cadi_bath_convert=/opt/onap/appc/data/properties/bath_config.csv - -############################################################ -# Properties Generated by AT&T Certificate Manager -# @copyright 2016, AT&T -############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/onap/appc/data/stores/org.onap.appc.keyfile -cadi_keystore=/opt/onap/appc/data/stores/org.onap.appc.p12 -cadi_keystore_password=enc:j5wAY4JjI6Gg8KbPRT3CK55kCaBZcrSq9XMe0vU2Hj3_TWfhln414p_og8-0u4EV -#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)> -cadi_alias=appc@appc.onap.org -cadi_truststore=/opt/onap/appc/data/stores/truststoreONAPall.jks -cadi_truststore_password=enc:9WJ6CRlrFmHiQrFlckhHybFXOwPW3tRetofp3AZ5nyt - -## -## org.osaaf.location.props -## -## Localized Machine Information -## -# Almeda California ? -cadi_latitude=37.78187 -cadi_longitude=-122.26147 - -# Locate URL (which AAF Env) -aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 - -# AAF URL -aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 - -# AAF Environment Designation -aaf_env=DEV - -# OAuth2 Endpoints -aaf_oauth2_token_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.token:2.1/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.introspect:2.1/introspect diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/dblib.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/dblib.properties deleted file mode 100644 index 3c19fb44e3..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/dblib.properties +++ /dev/null @@ -1,39 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -*/}} - -# dblib.properrties -org.onap.ccsdk.sli.dbtype=jdbc - -org.onap.ccsdk.sli.jdbc.hosts=dbhost -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver -org.onap.ccsdk.sli.jdbc.database={{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} -org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWD} -org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01 -org.onap.ccsdk.sli.jdbc.connection.timeout=50 -org.onap.ccsdk.sli.jdbc.request.timeout=100 -org.onap.ccsdk.sli.jdbc.limit.init=10 -org.onap.ccsdk.sli.jdbc.limit.min=10 -org.onap.ccsdk.sli.jdbc.limit.max=20 -org.onap.dblib.connection.recovery=false diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/svclogic.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/svclogic.properties deleted file mode 100644 index 95f672c2e2..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/svclogic.properties +++ /dev/null @@ -1,31 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -*/}} - -org.onap.ccsdk.sli.dbtype = dblib -#Note : the next 4 fields are only used if org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.database={{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} -org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWD} - -org.xml.sax.driver=org.apache.xerces.parsers.SAXParser diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/bin/showActiveGraphs.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/bin/showActiveGraphs.sh deleted file mode 100755 index b6fb2d88a9..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/bin/showActiveGraphs.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh - -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -### -*/}} - -MYSQL_USER=${SDNC_DB_USER} -MYSQL_PWD=${SDNC_DB_PASSWD} -MYSQL_DB={{.Values.config.sdncdb.dbName}} -MYSQL_HOST=${MYSQL_HOST:-{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}} - -mysql --user=${MYSQL_USER} --password=${MYSQL_PWD} --host=${MYSQL_HOST} ${MYSQL_DB} <<-END -SELECT module, rpc, version, mode from SVC_LOGIC where active='Y'; -END diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/config/svclogic.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/config/svclogic.properties deleted file mode 100644 index a6f7f50026..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/config/svclogic.properties +++ /dev/null @@ -1,29 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -### -*/}} - -org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.database = {{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.user = ${SDNC_DB_USER} -org.onap.ccsdk.sli.jdbc.password = ${SDNC_DB_PASSWD} diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/bin/installSdncDb.sh b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/bin/installSdncDb.sh deleted file mode 100755 index 7257d186e6..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/bin/installSdncDb.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/sh - -{{/* - -### -# ============LICENSE_START======================================================= -# openECOMP : SDN-C -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights -# reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -*/}} - -SDNC_HOME=${SDNC_HOME:-/opt/onap/ccsdk} -MYSQL_PASSWD=${MYSQL_ROOT_PASSWORD} - -SDNC_DB_USER=${SDNC_DB_USER} -SDNC_DB_PASSWD=${SDNC_DB_PASSWD} -SDNC_DB_DATABASE={{.Values.config.sdncdb.dbName}} - - -# Create tablespace and user account -mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} mysql <<-END -CREATE DATABASE ${SDNC_DB_DATABASE}; -CREATE USER '${SDNC_DB_USER}'@'localhost' IDENTIFIED BY '${SDNC_DB_PASSWD}'; -CREATE USER '${SDNC_DB_USER}'@'%' IDENTIFIED BY '${SDNC_DB_PASSWD}'; -GRANT ALL PRIVILEGES ON ${SDNC_DB_DATABASE}.* TO '${SDNC_DB_USER}'@'localhost' WITH GRANT OPTION; -GRANT ALL PRIVILEGES ON ${SDNC_DB_DATABASE}.* TO '${SDNC_DB_USER}'@'%' WITH GRANT OPTION; -commit; -END - -if [ -f ${SDNC_HOME}/data/odlsli.dump ] -then -mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} ${SDNC_DB_DATABASE} < ${SDNC_HOME}/data/odlsli.dump -fi diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/aaiclient.properties b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/aaiclient.properties deleted file mode 100644 index fb56680a1d..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/aaiclient.properties +++ /dev/null @@ -1,251 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# APPC -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -*/}} - -# -# Configuration file for A&AI Client -# - -# -# Certificate keystore and truststore -# -org.onap.ccsdk.sli.adaptors.aai.ssl.trust=/opt/openecomp/appc/data/stores/truststore.openecomp.client.jks -org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=adminadmin -org.onap.ccsdk.sli.adaptors.aai.host.certificate.ignore=true - -org.onap.ccsdk.sli.adaptors.aai.client.name=AAI -org.onap.ccsdk.sli.adaptors.aai.client.psswd=AAI - -org.onap.ccsdk.sli.adaptors.aai.application=openECOMP -#connection.timeout=1000 -#read.timeout=2000 - -# -# Configuration file for A&AI Client -# -org.onap.ccsdk.sli.adaptors.aai.uri=https://aai.{{.Release.Namespace}}:8443 - - -# query -org.onap.ccsdk.sli.adaptors.aai.path.query=/aai/v11/search/sdn-zone-query -org.onap.ccsdk.sli.adaptors.aai.query.nodes=/aai/v11/search/nodes-query?search-node-type={node-type}&filter={entity-identifier}:EQUALS:{entity-name} -org.onap.ccsdk.sli.adaptors.aai.query.generic=/aai/v11/search/generic-query?key={identifier}:{value}&start-node-type={start-node-type}&include=complex&depth=3 - -# named query -org.onap.ccsdk.sli.adaptors.aai.query.named=/aai/search/named-query - - -#update -org.onap.ccsdk.sli.adaptors.aai.update=/aai/v11/actions/update - -# vce -org.onap.ccsdk.sli.adaptors.aai.path.vce =/aai/v11/network/vces/vce/ -org.onap.ccsdk.sli.adaptors.aai.path.vces=/aai/v11/network/vces/ - -# vpe -org.onap.ccsdk.sli.adaptors.aai.path.vpe =/aai/v11/network/vpes/vpe/ -org.onap.ccsdk.sli.adaptors.aai.path.vpes=/aai/v11/network/vpes/ - -# customer -org.onap.ccsdk.sli.adaptors.aai.path.customer=/aai/v11/business/customers/customer/{customer-id} - -# service subscription -org.onap.ccsdk.sli.adaptors.aai.path.service.subscription=/aai/v11/business/customers/customer/{global-customer-id}/service-subscriptions/service-subscription/{service-type} - -# service instance -org.onap.ccsdk.sli.adaptors.aai.path.svcinst=/aai/v11/business/customers/customer/{customer-id}/service-subscriptions/service-subscription/{service-type}/service-instances -org.onap.ccsdk.sli.adaptors.aai.path.svcinst.query=/aai/v11/search/generic-query?key=service-instance.service-instance-id:{svc-instance-id}&start-node-type=service-instance&include=service-instance -org.onap.ccsdk.sli.adaptors.aai.path.service.instance=/aai/v11/business/customers/customer/{global-customer-id}/service-subscriptions/service-subscription/{service-type}/service-instances/service-instance/{service-instance-id} - -# complex -org.onap.ccsdk.sli.adaptors.aai.path.complexes=/aai/v11/cloud-infrastructure/complexes -org.onap.ccsdk.sli.adaptors.aai.path.complex=/aai/v11/cloud-infrastructure/complexes/complex/{physical-location-id} - -# tenant -org.onap.ccsdk.sli.adaptors.aai.path.tenant=/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant/{tenant-id} -org.onap.ccsdk.sli.adaptors.aai.path.tenant.query=/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant?tenant-name={tenant-name} - -# vservers -org.onap.ccsdk.sli.adaptors.aai.path.vservers=/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant/{tenant-id}/vservers/ -org.onap.ccsdk.sli.adaptors.aai.path.vserver=/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant/{tenant-id}/vservers/vserver/{vserver-id} - -# vpls-pe -org.onap.ccsdk.sli.adaptors.aai.path.vpls.pes=/aai/v11/network/vpls-pes/ -org.onap.ccsdk.sli.adaptors.aai.path.vpls.pe =/aai/v11/network/vpls-pes/vpls-pe/ - -# ctag-pool -org.onap.ccsdk.sli.adaptors.aai.path.ctag.pools=/aai/v11/cloud-infrastructure/complexes/complex/{physical-location-id}/ctag-pools -org.onap.ccsdk.sli.adaptors.aai.path.ctag.pool=/aai/v11/cloud-infrastructure/complexes/complex/{physical-location-id}/ctag-pools/ctag-pool/{target-pe}/{availability-zone-name} - -# -#-------------- 1510 ---------------------- -# - -# pservers -org.onap.ccsdk.sli.adaptors.aai.path.pservers=/aai/v11/cloud-infrastructure/pservers -org.onap.ccsdk.sli.adaptors.aai.path.pserver=/aai/v11/cloud-infrastructure/pservers/pserver/{hostname} - -# generic-vnf -org.onap.ccsdk.sli.adaptors.aai.path.generic.vnfs=/aai/v11/network/generic-vnfs -org.onap.ccsdk.sli.adaptors.aai.path.generic.vnf=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id} - -# dvs-switch -org.onap.ccsdk.sli.adaptors.aai.path.dvsswitches=/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/dvs-switches -org.onap.ccsdk.sli.adaptors.aai.path.dvsswitch=/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/dvs-switches/dvs-switch/{switch-name} - -# L3 Networks -org.onap.ccsdk.sli.adaptors.aai.path.l3networks=/aai/v11/network/l3-networks -org.onap.ccsdk.sli.adaptors.aai.path.l3network=/aai/v11/network/l3-networks/l3-network/{network-id} -org.onap.ccsdk.sli.adaptors.aai.path.l3network.query.name=/aai/v11/network/l3-networks/l3-network?network-name={network-name} - -# P-Interfaces -org.onap.ccsdk.sli.adaptors.aai.path.pserver.pinterfaces=/aai/v11/cloud-infrastructure/pservers/pserver/{hostname}/p-interfaces -org.onap.ccsdk.sli.adaptors.aai.path.pserver.pinterface=/aai/v11/cloud-infrastructure/pservers/pserver/{hostname}/p-interfaces/p-interface/{interface-name} - -# Physical Link -org.onap.ccsdk.sli.adaptors.aai.path.physical.links=/aai/v11/network/physical-links -org.onap.ccsdk.sli.adaptors.aai.path.physical.link=/aai/v11/network/physical-links/physical-link/{link-name} - -# VPN Bindings -org.onap.ccsdk.sli.adaptors.aai.path.vpn.bindings=/aai/v11/network/vpn-bindings/ -org.onap.ccsdk.sli.adaptors.aai.path.vpn.binding=/aai/v11/network/vpn-bindings/vpn-binding/{vpn-id} - -# VNF IMAGES -org.onap.ccsdk.sli.adaptors.aai.path.vnf.images=/aai/v11/service-design-and-creation/vnf-images -org.onap.ccsdk.sli.adaptors.aai.path.vnf.image=/aai/v11/service-design-and-creation/vnf-images/vnf-image/{att-uuid} -org.onap.ccsdk.sli.adaptors.aai.path.vnf.image.query=/aai/v11/service-design-and-creation/vnf-images/vnf-image?application={application_model}&application-vendor={application_vendor} - -# UBB Notify -org.onap.ccsdk.sli.adaptors.aai.path.notify=/aai/v11/actions/notify -org.onap.ccsdk.sli.adaptors.aai.notify.selflink.fqdn=https://aai.{{.Release.Namespace}}:8443/restconf/config/L3SDN-API:services/layer3-service-list/{service-instance-id} -org.onap.ccsdk.sli.adaptors.aai.notify.selflink.avpn=https://aai.{{.Release.Namespace}}:8443/restconf/config/L3AVPN-EVC-API:services/service-list/{service-instance-id}/service-data/avpn-logicalchannel-information - -# Service -org.onap.ccsdk.sli.adaptors.aai.path.service=/aai/v11/service-design-and-creation/services/service/{service-id} -org.onap.ccsdk.sli.adaptors.aai.path.services=/aai/v11/service-design-and-creation/services - - -# -#-------------- 1604 ---------------------- -# - -# VNFC -org.onap.ccsdk.sli.adaptors.aai.path.vnfc=/aai/v11/network/vnfcs/vnfc/{vnfc-name} - -# class-of-service -org.onap.ccsdk.sli.adaptors.aai.path.class.of.service=/aai/v11/network/site-pair-sets/site-pair-set/{site-pair-set-id}/routing-instances/routing-instance/{routing-instance-id}/site-pairs/site-pair/{site-pair-id}/classes-of-service/class-of-service/{cos-id} - -# site-pair -org.onap.ccsdk.sli.adaptors.aai.path.site.pair=/aai/v11/network/site-pair-sets/site-pair-set/{site-pair-set-id}/routing-instances/routing-instance/{routing-instance-id}/site-pairs/site-pair/{site-pair-id} - -# routing-instance -org.onap.ccsdk.sli.adaptors.aai.path.routing.instance=/aai/v11/network/site-pair-sets/site-pair-set/{site-pair-set-id}/routing-instances/routing-instance/{routing-instance-id} - -# site-pair-set -org.onap.ccsdk.sli.adaptors.aai.path.site.pair.set=/aai/v11/network/site-pair-sets/site-pair-set/{site-pair-set-id} - -# license key resource -org.onap.ccsdk.sli.adaptors.aai.path.license.acquire=/aai/v11/actions/assignment/license-management/assignment-group-uuid/{assignment-group-uuid} -org.onap.ccsdk.sli.adaptors.aai.path.license=/aai/v11/license-management/license-key-resources/license-key-resource/{att-uuid} - -# logical-link -org.onap.ccsdk.sli.adaptors.aai.path.logical.link =/aai/v11/network/logical-links/logical-link/{link-name} - -# virtual-data-center -org.onap.ccsdk.sli.adaptors.aai.path.virtual.data.center=/aai/v11/cloud-infrastructure/virtual-data-centers/virtual-data-center/{vdc-id} - -# wan-connector -org.onap.ccsdk.sli.adaptors.aai.path.wan.connector=/aai/v11/business/connectors/connector/{resource-instance-id} - -# l-interface -org.onap.ccsdk.sli.adaptors.aai.path.lag.interface.l.interface=/aai/v11/cloud-infrastructure/pservers/pserver/{hostname}/lag-interfaces/lag-interface/{lag-interface.interface-name}/l-interfaces/l-interface/{interface-name} -org.onap.ccsdk.sli.adaptors.aai.path.p.interface.l.interface=/aai/v11/cloud-infrastructure/pservers/pserver/{hostname}/p-interfaces/p-interface/{p-interface.interface-name}/l-interfaces/l-interface/{interface-name} - -# l-interface pnf -org.onap.ccsdk.sli.adaptors.aai.path.lag.interface.l.interface.pnf=/aai/v11/network/pnfs/pnf/{pnf-name}/lag-interfaces/lag-interface/{lag-interface.interface-name}/l-interfaces/l-interface/{interface-name} -org.onap.ccsdk.sli.adaptors.aai.path.p.interface.l.interface.pnf=/aai/v11/network/pnfs/pnf/{pnf-name}/p-interfaces/p-interface/{p-interface.interface-name}/l-interfaces/l-interface/{interface-name} - -# subinterface -org.onap.ccsdk.sli.adaptors.aai.path.pnf.lag.interface.subinterface=/aai/v11/network/pnfs/pnf/{pnf-name}/lag-interfaces/lag-interface/{lag-interface.interface-name}/l-interfaces/l-interface/{interface-name} -org.onap.ccsdk.sli.adaptors.aai.path.pnf.p.interface.l.interface=/aai/v11/network/pnfs/pnf/{pnf-name}/p-interfaces/p-interface/{p-interface.interface-name}/l-interfaces/l-interface/{interface-name} - -# vlans -org.onap.ccsdk.sli.adaptors.aai.path.vlan=/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/tenants/tenant/{tenant-id}/vservers/vserver/{vserver-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface} -org.onap.ccsdk.sli.adaptors.aai.path.generic.vnf.vlan=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface} - -# l3-interface-ipv4-address-list -org.onap.ccsdk.sli.adaptors.aai.path.l3.interface.ipv4.address.list=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/l3-interface-ipv4-address-list/{l3-interface-ipv4-address} -org.onap.ccsdk.sli.adaptors.aai.path.vlan.l3.interface.ipv4.address.list=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface}/l3-interface-ipv4-address-list/{l3-interface-ipv4-address} - -# l3-interface-ipv6-address-list -org.onap.ccsdk.sli.adaptors.aai.path.l3.interface.ipv6.address.list=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/l3-interface-ipv6-address-list/{l3-interface-ipv6-address} -org.onap.ccsdk.sli.adaptors.aai.path.vlan.l3.interface.ipv6.address.list=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface}/l3-interface-ipv6-address-list/{l3-interface-ipv6-address} - -# ipsec-configuration -org.onap.ccsdk.sli.adaptors.aai.path.ipsec.configuration=/aai/v11/network/ipsec-configurations/ipsec-configuration/{ipsec-configuration-id} - -# vig server -org.onap.ccsdk.sli.adaptors.aai.path.vig.server=/aai/v11/network/ipsec-configurations/ipsec-configuration/{ipsec-configuration-id}/vig-servers/vig-server/{vig-address-type} - -# l3-network -org.onap.ccsdk.sli.adaptors.aai.path.l3.network=/aai/v11/network/l3-networks/l3-network/{network-id} - -# subnet -org.onap.ccsdk.sli.adaptors.aai.path.subnet=/aai/v11/network/l3-networks/l3-network/{network-id}/subnets/subnet/{subnet-id} - -# multicast-configuration -org.onap.ccsdk.sli.adaptors.aai.path.multicast.configuration=/aai/v11/network/multicast-configurations/multicast-configuration/{multicast-configuration-id} - -# org.onap.ccsdk.sli.adaptors.aai.path.l.interface.ipv4.address.list -org.onap.ccsdk.sli.adaptors.aai.path.l3-interface.ipv4.address.list=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/l3-interface-ipv4-address-list/{l3-interface-ipv4-address} - -# org.onap.ccsdk.sli.adaptors.aai.path.l.interface.vlan.ipv4.address.list -org.onap.ccsdk.sli.adaptors.aai.path.l3-interface.vlan.ipv4.address.list=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/vlans/vlan/{vlan-interface}/l3-interface-ipv4-address-list/{l3-interface-ipv4-address} - -# org.onap.ccsdk.sli.adaptors.aai.path.l.interface.ipv6.address.list -org.onap.ccsdk.sli.adaptors.aai.path.l3-interface.ipv6.address.list=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name}/l3-interface-ipv6-address-list/{l3-interface-ipv6-address} - -# volume.group -org.onap.ccsdk.sli.adaptors.aai.path.volume.group=/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id}/volume-groups/volume-group/{volume-group-id} - -#cloud region -org.onap.ccsdk.sli.adaptors.aai.path.cloud.region=/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id} - -# vf-module -org.onap.ccsdk.sli.adaptors.aai.path.vf.module=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/vf-modules/vf-module/{vf-module-id} - -# l-interface through generic-vnf -org.onap.ccsdk.sli.adaptors.aai.path.generic.vnf.linterface=/aai/v11/network/generic-vnfs/generic-vnf/{vnf-id}/l-interfaces/l-interface/{interface-name} - -# network-policy -org.onap.ccsdk.sli.adaptors.aai.path.network.policy=/aai/v11/network/network-policies/network-policy/{network-policy-id} - -# pnf -org.onap.ccsdk.sli.adaptors.aai.path.pnf=/aai/v11/network/pnfs/pnf/{pnf-name} - -# -# Formatting -# -org.onap.ccsdk.sli.adaptors.aai.param.format=filter=%s:%s -org.onap.ccsdk.sli.adaptors.aai.param.vnf_type=vnf-type -org.onap.ccsdk.sli.adaptors.aai.param.physical.location.id=physical-location-id -org.onap.ccsdk.sli.adaptors.aai.param.service.type=service-type diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/dblib.properties b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/dblib.properties deleted file mode 100644 index a46920f001..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/dblib.properties +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# openECOMP : SDN-C -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights -# reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -*/}} - -# dblib.properrties -org.onap.ccsdk.sli.dbtype=jdbc - -org.onap.ccsdk.sli.jdbc.hosts=dbhost -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver -org.onap.ccsdk.sli.jdbc.database={{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} -org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWD} -org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01 -org.onap.ccsdk.sli.jdbc.connection.timeout=50 -org.onap.ccsdk.sli.jdbc.request.timeout=100 -org.onap.ccsdk.sli.jdbc.limit.init=10 -org.onap.ccsdk.sli.jdbc.limit.min=10 -org.onap.ccsdk.sli.jdbc.limit.max=20 -org.onap.dblib.connection.recovery=false diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/svclogic.properties b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/svclogic.properties deleted file mode 100644 index a0df862636..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/svclogic.properties +++ /dev/null @@ -1,32 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# openECOMP : SDN-C -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights -# reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -*/}} - -org.onap.ccsdk.sli.dbtype = dblib -#Note : the next 4 fields are only used if org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.database={{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} -org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWD} - -org.xml.sax.driver=org.apache.xerces.parsers.SAXParser diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/bin/showActiveGraphs.sh b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/bin/showActiveGraphs.sh deleted file mode 100755 index d0e6c3ee71..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/bin/showActiveGraphs.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh - -{{/* -### -# ============LICENSE_START======================================================= -# openECOMP : SDN-C -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights -# reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -*/}} - -MYSQL_USER=${SDNC_DB_USER} -MYSQL_PWD=${SDNC_DB_PASSWD} -MYSQL_DB={{.Values.config.sdncdb.dbName}} -MYSQL_HOST=${MYSQL_HOST:-{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}} - -mysql --user=${MYSQL_USER} --password=${MYSQL_PWD} --host=${MYSQL_HOST} ${MYSQL_DB} <<-END -SELECT module, rpc, version, mode from SVC_LOGIC where active='Y'; -END diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/config/svclogic.properties b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/config/svclogic.properties deleted file mode 100644 index 5be5b8ddab..0000000000 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/config/svclogic.properties +++ /dev/null @@ -1,29 +0,0 @@ -{{/* -### -# ============LICENSE_START======================================================= -# openECOMP : SDN-C -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights -# reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -*/}} - -org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.database = {{.Values.config.sdncdb.dbName}} -org.onap.ccsdk.sli.jdbc.user = ${SDNC_DB_USER} -org.onap.ccsdk.sli.jdbc.password = ${SDNC_DB_PASSWD} diff --git a/kubernetes/appc/resources/config/certs/org.onap.appc.keyfile b/kubernetes/appc/resources/config/certs/org.onap.appc.keyfile deleted file mode 100644 index b7dd5ff9e7..0000000000 --- a/kubernetes/appc/resources/config/certs/org.onap.appc.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -EVYIj42lKzRyMicebf8OOUa9CVwvaKie3N7fTGeDT-GjiR6M6AHQCwBD9Bj95VxgVWOyXGAYy7eT -SSfnkVBgcdZWXlRL7HSUocs52DneRTGYcYGIBGz24O6EpmeZQyWluCKBcVCALKClPzqBNsHa2W06 -XwAccZzYPkDV-taGqF5kP10RiYvKe5YoZEQYBfauS3lDqf47AP-Dh1wLUIpvTSAUfBgDW9FBx9Ay -8Wy2geTuAXcPduBtTGIj3law-5ePDFRqwVVkXmSaEmEn34NvJ4z6Ww7VHqzqBxKAvLErV-KCEHEa -L3L1CCqNCXjUUa_D8CReDA-LPAG_v0yrjQxrdqzcYJ76Q0uIlNmEi_85AlAUXx6KGC03TqaGqICW -nNs4ouxM6U4ekiDi9qbFh7RlTEXw6bHhJPCq-G5ID-crWDHSarQ3IUR5qOmgIFIxpkPksBSGmUI4 -OIScgb2TtqG94EAZ3qu3PmzVlJrxbHYHVFlNLEecu7tGtiQJTLUHpJ0Z8O2GOc8bBz6o6NBT72Pv -i068VkLyUyrSNnVo9rNVFWAc3HREFi85KszBdk58kPTr2AQFH9iK2hmrXTdnPMjhmQgRh4xiAn4J -v5Gsb4DL2si3ZjD2E36Fy5XlPhyFFc8gdB6-v-Et1XJTU6mwV5DgKgg5o3WdHTuHZjYgWmcATZiQ -yLOQ6ZdjTF_004yOSkUzHbArOEmS6LIPTuLibvN6CY1Q0u_ucl5iaIbcwo_sVFisnVXQBHYXblBm -MgZZFg0n5ugL-bdUSdJtU7yIU5t79n0aMxnN84QhuREMSvCUioCrBD5c5H22iqbY7UCPO9Yy7lM- -aPVDRPwHAKEVjYqf4Z4k0Jthn7wqWS2iAKVOEi4R1oniAuuIcM9xoha0-LdRe8hWTV-qXDbtCVDz -h6Rw3dqtS5mCGBMC0TCrLJzG5n3Ed_4kGl5Emb3SXHWNqI_BuIalU4uot7seCv464E3QWQgAkv8w -wTk_IEWIFZhKJIcy5Brsw7Fz-XWQWkExEU3xKButC9hFXpdszF0y8CYUI6EPt2mPqaxB6zu3s4Bv -bKrVxFPX97mOeD8TpmxElmF0vpdhJ9Ee8clvBrGtLl1UIP6B80PrAPEZMLNhLV8S-ZJMKL5PTZh0 -_HNpj1EfiXnBz02cbes5Fuq9M8Dk7f16tP8prYzJ1JbnLTNHHcW4Z1quKrN8RIoYw3qzlXuYRm6Y -8rbuPlZ1wTllIxf00omnonJw8Fx9XzArv_UvqTvAYrv22YliUSl-lcFi8cOK58bmM5rBmkWoFObK -DsCMicfyPWhKf3DEwg1Y0j0qKppFqtKcSxnIbQ-VPRCrRv2yTjauEW6iNlq3RQKSJqFjUVmSUn2w -7tYQzeNv0tYgfRtHgSy_CA9q_ANJFFlxDtqtrFTsgrEH4jOlLs2_UN96RNUhVqSu95X5hEukI574 -kQBUMc5gGQvQ2_Xug15O_-cFfhtalI7NBZkGNNPY5K8h7xYZp2aAl-pNPwKHAmrOWAvFwy64A1NT -_RrZxrtVkj-k3f8Mv_p56yChUpujZ_ZDwLgYKWraqDxyEctpXyMMgjOYRy2CZ6oZfuAygrN5Gw4k -zMKBDkz_5LO_rYU2RUa2NRDLlh2Y47Gxt90IEw_i8y7nxn7K6y3nApI11tfsiiotYq8DLk6jYh07 -mJg-D8lb0q9JRYmnJcNkIQNVJ06bmJnaJQZ7GXUz9MF8_zuTdm4D8m_Ly2Ai4KFq_lw5CBVrLM5k -pfJveSw_6_uF5pda_EZoR4bBoWdrFvLNwob3lsdgiIYGTafQx2SFfQiiEB_CwpGuj4_Dv-TkUT2O -Ui2UWI9Gr-HxSITnvUR0UHStrDb5miXEr8E_Znwc4Db2juh30L57aEtl5N0TYwKI925qLNLHbFg0 -FKEvIt-o7HmvPY6UqajwAtIAdKpxWpWD-hl-eNVNsT4mVzdegIrM2wzzKIcLOvCEEvyWei_E8mIp -nqYw9LoFrQf3dCh8XeamqYkbPE00E8p1zXPNRow5iz9NQ-BNksp1e-ghqF_xr3L4eh7BkEu2
\ No newline at end of file diff --git a/kubernetes/appc/resources/config/certs/org.onap.appc.p12 b/kubernetes/appc/resources/config/certs/org.onap.appc.p12 Binary files differdeleted file mode 100644 index 352c4f562a..0000000000 --- a/kubernetes/appc/resources/config/certs/org.onap.appc.p12 +++ /dev/null diff --git a/kubernetes/appc/resources/config/log/filebeat/filebeat.yml b/kubernetes/appc/resources/config/log/filebeat/filebeat.yml deleted file mode 100644 index 98df709639..0000000000 --- a/kubernetes/appc/resources/config/log/filebeat/filebeat.yml +++ /dev/null @@ -1,65 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -filebeat.prospectors: -#it is mandatory, in our case it's log -- input_type: log - #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. - paths: - - /var/log/onap/*/*/*/*.log - - /var/log/onap/*/*/*.log - - /var/log/onap/*/*.log - - # The below commented properties are for time-based rolling policy. But as the log4j 1.2x does not support time-based rolling these properties are not set - #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive - #ignore_older: 48h - # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit - #clean_inactive: 96h - - #Multiline properties for log4j xml log events - multiline.pattern: '</log4j:event>' - multiline.negate: true - multiline.match: before - #multiline.max_lines: 500 - #multiline.timeout: 5s - -# Name of the registry file. If a relative path is used, it is considered relative to the -# data path. Else full qualified file name. -#filebeat.registry_file: ${path.data}/registry - - -output.logstash: - #List of logstash server ip addresses with port number. - #But, in our case, this will be the loadbalancer IP address. - #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. - hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] - #If enable will do load balancing among availabe Logstash, automatically. - loadbalance: true - - #The list of root certificates for server verifications. - #If certificate_authorities is empty or not set, the trusted - #certificate authorities of the host system are used. - #ssl.certificate_authorities: $ssl.certificate_authorities - - #The path to the certificate for SSL client authentication. If the certificate is not specified, - #client authentication is not available. - #ssl.certificate: $ssl.certificate - - #The client certificate key used for client authentication. - #ssl.key: $ssl.key - - #The passphrase used to decrypt an encrypted key stored in the configured key file - #ssl.key_passphrase: $ssl.key_passphrase diff --git a/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg b/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg deleted file mode 100644 index b74cc995fd..0000000000 --- a/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg +++ /dev/null @@ -1,97 +0,0 @@ -{{/* -################################################################################ -# -# ============LICENSE_START======================================================= -# ONAP : APPC -# ================================================================================ -# Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# -################################################################################ -*/}} - -# Common pattern layout for appenders -log4j2.pattern = %d{ISO8601} | %-5p | %-16t | %-32c{1} | %X{bundle.id} - %X{bundle.name} - %X{bundle.version} | %m%n - -# Root logger -log4j2.rootLogger.level = INFO -# uncomment to use asynchronous loggers, which require mvn:com.lmax/disruptor/3.3.2 library -#log4j2.rootLogger.type = asyncRoot -#log4j2.rootLogger.includeLocation = false -log4j2.rootLogger.appenderRef.RollingFile.ref = RollingFile -log4j2.rootLogger.appenderRef.PaxOsgi.ref = PaxOsgi -log4j2.rootLogger.appenderRef.Console.ref = Console -log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter -log4j2.rootLogger.appenderRef.Console.filter.threshold.level = ${karaf.log.console:-OFF} - -# Loggers configuration - -# Spifly logger -log4j2.logger.spifly.name = org.apache.aries.spifly -log4j2.logger.spifly.level = WARN - -# Security audit logger -log4j2.logger.audit.name = org.apache.karaf.jaas.modules.audit -log4j2.logger.audit.level = INFO -log4j2.logger.audit.additivity = false -log4j2.logger.audit.appenderRef.AuditRollingFile.ref = AuditRollingFile - -# Appenders configuration - -# Console appender not used by default (see log4j2.rootLogger.appenderRefs) -log4j2.appender.console.type = Console -log4j2.appender.console.name = Console -log4j2.appender.console.layout.type = PatternLayout -log4j2.appender.console.layout.pattern = ${log4j2.pattern} - -# Rolling file appender -log4j2.appender.rolling.type = RollingRandomAccessFile -log4j2.appender.rolling.name = RollingFile -log4j2.appender.rolling.fileName = ${karaf.data}/log/karaf.log -log4j2.appender.rolling.filePattern = ${karaf.data}/log/karaf.log.%i -# uncomment to not force a disk flush -#log4j2.appender.rolling.immediateFlush = false -log4j2.appender.rolling.append = true -log4j2.appender.rolling.layout.type = PatternLayout -log4j2.appender.rolling.layout.pattern = ${log4j2.pattern} -log4j2.appender.rolling.policies.type = Policies -log4j2.appender.rolling.policies.size.type = SizeBasedTriggeringPolicy -log4j2.appender.rolling.policies.size.size = 16MB - -# Audit file appender -log4j2.appender.audit.type = RollingRandomAccessFile -log4j2.appender.audit.name = AuditRollingFile -log4j2.appender.audit.fileName = ${karaf.data}/security/audit.log -log4j2.appender.audit.filePattern = ${karaf.data}/security/audit.log.%i -log4j2.appender.audit.append = true -log4j2.appender.audit.layout.type = PatternLayout -log4j2.appender.audit.layout.pattern = ${log4j2.pattern} -log4j2.appender.audit.policies.type = Policies -log4j2.appender.audit.policies.size.type = SizeBasedTriggeringPolicy -log4j2.appender.audit.policies.size.size = 8MB - -# OSGi appender -log4j2.appender.osgi.type = PaxOsgi -log4j2.appender.osgi.name = PaxOsgi -log4j2.appender.osgi.filter = * - -# help with identification of maven-related problems with pax-url-aether -#log4j2.logger.aether.name = shaded.org.eclipse.aether -#log4j2.logger.aether.level = TRACE -#log4j2.logger.http-headers.name = shaded.org.apache.http.headers -#log4j2.logger.http-headers.level = DEBUG -#log4j2.logger.maven.name = org.ops4j.pax.url.mvn -#log4j2.logger.maven.level = TRACE - diff --git a/kubernetes/appc/templates/NOTES.txt b/kubernetes/appc/templates/NOTES.txt deleted file mode 100644 index 455b030b0a..0000000000 --- a/kubernetes/appc/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/appc/templates/configmap.yaml b/kubernetes/appc/templates/configmap.yaml deleted file mode 100644 index 6ebf0b1026..0000000000 --- a/kubernetes/appc/templates/configmap.yaml +++ /dev/null @@ -1,134 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onap-sdnc-bin - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/appc/opt/onap/ccsdk/bin/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onap-sdnc-data-properties - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/appc/opt/onap/ccsdk/data/properties/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onap-sdnc-svclogic-bin - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/appc/opt/onap/ccsdk/svclogic/bin/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onap-sdnc-svclogic-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/appc/opt/onap/ccsdk/svclogic/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onap-appc-bin - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/appc/opt/onap/appc/bin/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onap-appc-data-properties - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/appc/opt/onap/appc/data/properties/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onap-appc-svclogic-bin - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/appc/opt/onap/appc/svclogic/bin/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onap-appc-svclogic-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/appc/opt/onap/appc/svclogic/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-logging-cfg - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} - -{{ include "common.log.configMap" . }} diff --git a/kubernetes/appc/templates/ingress.yaml b/kubernetes/appc/templates/ingress.yaml deleted file mode 100644 index 8f87c68f1e..0000000000 --- a/kubernetes/appc/templates/ingress.yaml +++ /dev/null @@ -1 +0,0 @@ -{{ include "common.ingress" . }} diff --git a/kubernetes/appc/templates/pv.yaml b/kubernetes/appc/templates/pv.yaml deleted file mode 100644 index 0df2dbf378..0000000000 --- a/kubernetes/appc/templates/pv.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- $global := . }} -{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -{{- range $i, $t := until (int $global.Values.replicaCount)}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" $global }}-data-{{$i}} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ include "common.fullname" $global }} - chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" $global }}" - heritage: "{{ $global.Release.Service }}" - name: {{ include "common.fullname" $global }} -spec: - capacity: - storage: {{ $global.Values.persistence.size}} - accessModes: - - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-data" - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} -{{if ne $i (int $global.Values.replicaCount) }} ---- -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/kubernetes/appc/templates/secrets.yaml b/kubernetes/appc/templates/secrets.yaml deleted file mode 100644 index 3cccd128eb..0000000000 --- a/kubernetes/appc/templates/secrets.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-certs - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/config/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/appc/templates/service.yaml b/kubernetes/appc/templates/service.yaml deleted file mode 100644 index eb95ffc405..0000000000 --- a/kubernetes/appc/templates/service.yaml +++ /dev/null @@ -1,89 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "appc", - "version": "v1", - "url": "/", - "protocol": "REST", - "port": "{{ .Values.service.externalPort }}", - "visualRange":"1", - "path": "/" - } - ]' -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: "{{ .Values.service.portName }}-8443" - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: "{{ .Values.service.portName }}-1830" - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: "{{ .Values.service.portName }}-9090" - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}-8443 - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}-1830 - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName }}-9090 - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }}-cluster - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - annotations: - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -spec: - ports: - - name: "{{ .Values.service.portName }}-cluster-port" - port: {{ .Values.service.clusterPort }} - clusterIP: None - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - sessionAffinity: None - type: ClusterIP diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml deleted file mode 100644 index d67e1687ba..0000000000 --- a/kubernetes/appc/templates/statefulset.yaml +++ /dev/null @@ -1,292 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - serviceName: "{{ .Values.service.name }}-cluster" - replicas: {{ .Values.replicaCount }} - podManagementPolicy: Parallel - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - command: - - sh - args: - - -c - - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; chmod 0755 /config/${PFILE}; done" - env: - - name: APPC_DB_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "appcdb-user-creds" "key" "login") | indent 10 }} - - name: APPC_DB_PASSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "appcdb-user-creds" "key" "password") | indent 10 }} - - name: SDNC_DB_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdncdb-user-creds" "key" "login") | indent 10 }} - - name: SDNC_DB_PASSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdncdb-user-creds" "key" "password") | indent 10 }} - volumeMounts: - - mountPath: /config-input/appc-data-properties - name: onap-appc-data-properties-input - - mountPath: /config-input/appc-svclogic-config - name: onap-appc-svclogic-config-input - - mountPath: /config-input/sdnc-data-properties - name: onap-sdnc-data-properties-input - - mountPath: /config-input/sdnc-svclogic-config - name: onap-sdnc-svclogic-config-input - - mountPath: /config/appc-data-properties - name: onap-appc-data-properties - - mountPath: /config/appc-svclogic-config - name: onap-appc-svclogic-config - - mountPath: /config/sdnc-data-properties - name: onap-sdnc-data-properties - - mountPath: /config/sdnc-svclogic-config - name: onap-sdnc-svclogic-config - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - {{.Values.config.mariadbGaleraContName}} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-chown - image: {{ include "repositoryGenerator.image.busybox" . }} - command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}"] - volumeMounts: - - mountPath: {{ .Values.persistence.mdsalPath }} - name: {{ include "common.fullname" . }}-data - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /opt/appc/bin/startODL.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.externalPort2 }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14}} - - name: APPC_DB_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "appcdb-user-creds" "key" "login") | indent 14 }} - - name: APPC_DB_PASSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "appcdb-user-creds" "key" "password") | indent 14 }} - - name: SDNC_DB_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdncdb-user-creds" "key" "login") | indent 14 }} - - name: SDNC_DB_PASSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdncdb-user-creds" "key" "password") | indent 14 }} - - name: SDNC_CONFIG_DIR - value: "{{ .Values.config.configDir }}" - - name: APPC_CONFIG_DIR - value: "{{ .Values.config.configDir }}" - - name: DMAAP_TOPIC_ENV - value: "{{ .Values.config.dmaapTopic }}" - - name: ENABLE_AAF - value: "{{ .Values.config.enableAAF }}" - - name: ENABLE_ODL_CLUSTER - value: "{{ .Values.config.enableClustering }}" - - name: APPC_REPLICAS - value: "{{ .Values.replicaCount }}" - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/onap/appc/data/properties/dblib.properties - name: onap-appc-data-properties - subPath: dblib.properties - - mountPath: /opt/onap/appc/data/properties/svclogic.properties - name: onap-appc-data-properties - subPath: svclogic.properties - - mountPath: /opt/onap/appc/data/properties/appc.properties - name: onap-appc-data-properties - subPath: appc.properties - - mountPath: /opt/onap/appc/data/properties/aaiclient.properties - name: onap-appc-data-properties - subPath: aaiclient.properties - - mountPath: /opt/onap/appc/data/properties/cadi.properties - name: onap-appc-data-properties - subPath: cadi.properties - - mountPath: /opt/onap/appc/data/properties/aaa-app-config.xml - name: onap-appc-data-properties-input - subPath: aaa-app-config.xml - - mountPath: /opt/onap/appc/data/properties/bath_config.csv - name: onap-appc-data-properties - subPath: bath_config.csv - - mountPath: /opt/onap/appc/svclogic/config/svclogic.properties - name: onap-appc-svclogic-config - subPath: svclogic.properties - - mountPath: /opt/onap/appc/svclogic/bin/showActiveGraphs.sh - name: onap-appc-svclogic-bin - subPath: showActiveGraphs.sh - - mountPath: /opt/onap/appc/bin/startODL.sh - name: onap-appc-bin - subPath: startODL.sh - - mountPath: /opt/onap/appc/bin/installAppcDb.sh - name: onap-appc-bin - subPath: installAppcDb.sh - - mountPath: /opt/onap/appc/bin/health_check.sh - name: onap-appc-bin - subPath: health_check.sh - - mountPath: /opt/onap/ccsdk/data/properties/dblib.properties - name: onap-sdnc-data-properties - subPath: dblib.properties - - mountPath: /opt/onap/ccsdk/data/properties/svclogic.properties - name: onap-sdnc-data-properties - subPath: svclogic.properties - - mountPath: /opt/onap/ccsdk/data/properties/aaiclient.properties - name: onap-sdnc-data-properties - subPath: aaiclient.properties - - mountPath: /opt/onap/ccsdk/svclogic/config/svclogic.properties - name: onap-sdnc-svclogic-config - subPath: svclogic.properties - - mountPath: /opt/onap/ccsdk/svclogic/bin/showActiveGraphs.sh - name: onap-sdnc-svclogic-bin - subPath: showActiveGraphs.sh - - mountPath: /opt/onap/ccsdk/bin/installSdncDb.sh - name: onap-sdnc-bin - subPath: installSdncDb.sh - - mountPath: {{ .Values.persistence.mdsalPath }} - name: {{ include "common.fullname" . }}-data - - mountPath: {{ .Values.log.path }} - name: logs - - mountPath: /opt/onap/appc/data/org.ops4j.pax.logging.cfg - name: log-config - subPath: org.ops4j.pax.logging.cfg - - mountPath: /opt/onap/appc/data/stores/org.onap.appc.p12 - name: p12-certs - subPath: org.onap.appc.p12 - - mountPath: /opt/onap/appc/data/stores/org.onap.appc.keyfile - name: keyfile-certs - subPath: org.onap.appc.keyfile - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - - # side car containers - {{ include "common.log.sidecar" . | nindent 8 }} - volumes: - - name: keyfile-certs - secret: - secretName: {{ include "common.fullname" . }}-certs - - name: p12-certs - secret: - secretName: {{ include "common.fullname" . }}-certs - - name: localtime - hostPath: - path: /etc/localtime - - name: log-config - configMap: - name: {{ include "common.fullname" . }}-logging-cfg - - name: logs - emptyDir: {} - {{ include "common.log.volumes" . | nindent 8 }} - - name: onap-appc-data-properties-input - configMap: - name: {{ include "common.fullname" . }}-onap-appc-data-properties - - name: onap-appc-svclogic-config-input - configMap: - name: {{ include "common.fullname" . }}-onap-appc-svclogic-config - - name: onap-appc-svclogic-bin - configMap: - name: {{ include "common.fullname" . }}-onap-appc-svclogic-bin - defaultMode: 0755 - - name: onap-appc-bin - configMap: - name: {{ include "common.fullname" . }}-onap-appc-bin - defaultMode: 0755 - - name: onap-sdnc-data-properties-input - configMap: - name: {{ include "common.fullname" . }}-onap-sdnc-data-properties - - name: onap-sdnc-svclogic-config-input - configMap: - name: {{ include "common.fullname" . }}-onap-sdnc-svclogic-config - - name: onap-sdnc-svclogic-bin - configMap: - name: {{ include "common.fullname" . }}-onap-sdnc-svclogic-bin - defaultMode: 0755 - - name: onap-sdnc-bin - configMap: - name: {{ include "common.fullname" . }}-onap-sdnc-bin - defaultMode: 0755 - - name: onap-appc-data-properties - emptyDir: - medium: Memory - - name: onap-appc-svclogic-config - emptyDir: - medium: Memory - - name: onap-sdnc-data-properties - emptyDir: - medium: Memory - - name: onap-sdnc-svclogic-config - emptyDir: - medium: Memory -{{ if not .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-data - emptyDir: {} -{{ else }} - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-data - labels: - name: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{ end }} diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml deleted file mode 100644 index d224030db3..0000000000 --- a/kubernetes/appc/values.yaml +++ /dev/null @@ -1,371 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - centralizedLoggingEnabled: false - persistence: - mountPath: /dockerdata-nfs - -################################################################# -# Secrets metaconfig -################################################################# -secrets: - - uid: "db-root-pass" - name: '{{ include "common.release" . }}-appc-db-root-pass' - externalSecret: '{{ .Values.config.dbRootPassExternalSecret }}' - type: password - password: '{{ .Values.config.dbRootPass }}' - - uid: 'appcdb-user-creds' - name: '{{ include "common.release" . }}-appcdb-user-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.appcdb.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.appcdb.userName }}' - password: '{{ .Values.config.appcdb.password }}' - - uid: 'sdncdb-user-creds' - name: '{{ include "common.release" . }}-sdncdb-user-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.sdncdb.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.sdncdb.userName }}' - password: '{{ .Values.config.sdncdb.password }}' - - -################################################################# -# Application configuration defaults. -################################################################# -flavor: small -# application image -image: onap/appc-image:1.7.2 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# log configuration -log: - path: /var/log/onap - -# application configuration -config: -# dbRootPassExternalSecret: some secret -# dbRootPass: password - appcdb: - # Warning: changing this config option may not work. - # It seems that the DB name is hardcoded. - dbName: appcctl - userName: appcctl - # password: appcctl - # userCredsExternalSecret: some secret - sdncdb: - # Warning: changing this config option may not work. - # It seems that the DB name is hardcoded. - dbName: sdnctl - userName: sdnctl - # password: gamma - # userCredsExternalSecret: some secret - odlUid: 100 - odlGid: 101 - ansibleServiceName: appc-ansible-server - ansiblePort: 8000 - mariadbGaleraSVCName: &appc-db appc-db - mariadbGaleraContName: *appc-db - enableAAF: true - enableClustering: false - configDir: /opt/onap/appc/data/properties - dmaapTopic: SUCCESS - dmaapTopicEnv: AUTO - logstashServiceName: log-ls - logstashPort: 5044 - odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - openStackType: OpenStackProvider - openStackName: OpenStack - openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html - openStackServiceTenantName: default - openStackDomain: default - openStackUserName: admin - openStackEncryptedPassword: enc:LDEbHEAvTF1R - odlUser: admin - dmaapServiceUrl: http://localhost:8080/publish - dmaapServiceUser: appc - dmaapServicePassword: onapappc - -appc-ansible-server: - enabled: true - service: - name: appc-ansible-server - internalPort: 8000 - config: - mysqlServiceName: *appc-db - -appc-cdt: - enabled: true - -mariadb-galera: - nameOverride: *appc-db - rootUser: - externalSecret: '{{ include "common.release" . }}-appc-db-root-pass' - service: - name: *appc-db - nfsprovisionerPrefix: appc - sdnctlPrefix: appc - persistence: - mountSubPath: appc/data - enabled: true - disableNfsProvisioner: true - serviceAccount: - nameOverride: *appc-db - replicaCount: 1 - - mariadbConfiguration: |- - [client] - port=3306 - socket=/opt/bitnami/mariadb/tmp/mysql.sock - plugin_dir=/opt/bitnami/mariadb/plugin - - [mysqld] - lower_case_table_names = 1 - default_storage_engine=InnoDB - basedir=/opt/bitnami/mariadb - datadir=/bitnami/mariadb/data - plugin_dir=/opt/bitnami/mariadb/plugin - tmpdir=/opt/bitnami/mariadb/tmp - socket=/opt/bitnami/mariadb/tmp/mysql.sock - pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid - bind_address=0.0.0.0 - - ## Character set - collation_server=utf8_unicode_ci - init_connect='SET NAMES utf8' - character_set_server=utf8 - - ## MyISAM - key_buffer_size=32M - myisam_recover_options=FORCE,BACKUP - - ## Safety - skip_host_cache - skip_name_resolve - max_allowed_packet=16M - max_connect_errors=1000000 - sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE - sysdate_is_now=1 - - ## Binary Logging - log_bin=mysql-bin - expire_logs_days=14 - # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql - sync_binlog=0 - # Required for Galera - binlog_format=row - - ## Caches and Limits - tmp_table_size=32M - max_heap_table_size=32M - # Re-enabling as now works with Maria 10.1.2 - query_cache_type=1 - query_cache_limit=4M - query_cache_size=256M - max_connections=500 - thread_cache_size=50 - open_files_limit=65535 - table_definition_cache=4096 - table_open_cache=4096 - - ## InnoDB - innodb=FORCE - innodb_strict_mode=1 - # Mandatory per https://github.com/codership/documentation/issues/25 - innodb_autoinc_lock_mode=2 - # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/ - innodb_doublewrite=1 - innodb_flush_method=O_DIRECT - innodb_log_files_in_group=2 - innodb_log_file_size=128M - innodb_flush_log_at_trx_commit=1 - innodb_file_per_table=1 - # 80% Memory is default reco. - # Need to re-evaluate when DB size grows - innodb_buffer_pool_size=2G - innodb_file_format=Barracuda - - ## Logging - log_error=/opt/bitnami/mariadb/logs/mysqld.log - slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log - log_queries_not_using_indexes=1 - slow_query_log=1 - - ## SSL - ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem - # ssl_ca=/certs/ca.pem - # ssl_cert=/certs/server-cert.pem - # ssl_key=/certs/server-key.pem - - [galera] - wsrep_on=ON - wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so - wsrep_sst_method=mariabackup - wsrep_slave_threads=4 - wsrep_cluster_address=gcomm:// - wsrep_cluster_name=galera - wsrep_sst_auth="root:" - # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit - innodb_flush_log_at_trx_commit=2 - # MYISAM REPLICATION SUPPORT # - wsrep_replicate_myisam=ON - binlog_format=row - default_storage_engine=InnoDB - innodb_autoinc_lock_mode=2 - transaction-isolation=READ-COMMITTED - wsrep_causal_reads=1 - wsrep_sync_wait=7 - - [mariadb] - plugin_load_add=auth_pam - - ## Data-at-Rest Encryption - ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem - # plugin_load_add=file_key_management - # file_key_management_filename=/encryption/keyfile.enc - # file_key_management_filekey=FILE:/encryption/keyfile.key - # file_key_management_encryption_algorithm=AES_CTR - # encrypt_binlog=ON - # encrypt_tmp_files=ON - - ## InnoDB/XtraDB Encryption - # innodb_encrypt_tables=ON - # innodb_encrypt_temporary_tables=ON - # innodb_encrypt_log=ON - # innodb_encryption_threads=4 - # innodb_encryption_rotate_key_age=1 - - ## Aria Encryption - # aria_encrypt_tables=ON - # encrypt_tmp_disk_tables=ON - -dgbuilder: - nameOverride: appc-dgbuilder - certInitializer: - nameOverride: appc-dgbuilder-cert-initializer - config: - db: - rootPasswordExternalSecret: '{{ include "common.release" . }}-appc-db-root-pass' - userCredentialsExternalSecret: '{{ include "common.release" . }}-sdncdb-user-creds' - dbPodName: *appc-db - dbServiceName: *appc-db - service: - name: appc-dgbuilder - serviceAccount: - nameOverride: appc-dgbuilder - ingress: - enabled: false - service: - - baseaddr: "appc-dgbuilder" - name: "appc-dgbuilder" - port: 3000 - config: - ssl: "redirect" - -#passing value to cdt chart. value of nodePort3 will be same as appc.service.nodePort3. -appc-cdt: - nodePort3: 11 -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 300 - periodSeconds: 60 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 300 - periodSeconds: 60 - -service: - type: NodePort - name: appc - portName: appc - - internalPort: 8443 - externalPort: 8443 - nodePort: 30 - - externalPort2: 1830 - nodePort2: 31 - clusterPort: 2550 - - internalPort3: 9191 - externalPort3: 9090 - nodePort3: 11 - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - accessMode: ReadWriteOnce - size: 1Gi - mountPath: /dockerdata-nfs - mountSubPath: appc/mdsal - mdsalPath: /opt/opendaylight/current/daexim - -ingress: - enabled: false - service: - - baseaddr: "appc-api" - name: "appc" - port: 8443 - plain_port: 1830 - config: - ssl: "redirect" - -# Configure resource requests and limits -# ref: http://kubernetes.io/docs/user-guide/compute-resources/ -resources: - small: - limits: - cpu: 2 - memory: 4Gi - requests: - cpu: 1 - memory: 2Gi - large: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 2 - memory: 4Gi - unlimited: {} diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index 87a1b03ada..cd12c5c8d1 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -108,7 +108,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-blueprintsprocessor:1.4.1 +image: onap/ccsdk-blueprintsprocessor:1.4.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml index 75a9915399..9b8e864bfb 100755 --- a/kubernetes/cds/components/cds-command-executor/values.yaml +++ b/kubernetes/cds/components/cds-command-executor/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-commandexecutor:1.4.1 +image: onap/ccsdk-commandexecutor:1.4.2 pullPolicy: Always # application configuration diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml index 96056294e5..224609d6ee 100755 --- a/kubernetes/cds/components/cds-py-executor/values.yaml +++ b/kubernetes/cds/components/cds-py-executor/values.yaml @@ -30,7 +30,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-py-executor:1.4.1 +image: onap/ccsdk-py-executor:1.4.2 pullPolicy: Always # default number of instances diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml index 204e1cc611..8742bdd4ce 100644 --- a/kubernetes/cds/components/cds-ui/values.yaml +++ b/kubernetes/cds/components/cds-ui/values.yaml @@ -44,7 +44,7 @@ certInitializer: {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop # application image -image: onap/ccsdk-cds-ui-server:1.4.1 +image: onap/ccsdk-cds-ui-server:1.4.2 pullPolicy: Always # application configuration diff --git a/kubernetes/consul/resources/config/consul-agent-config/appc-dbbuilder.json b/kubernetes/consul/resources/config/consul-agent-config/appc-dbbuilder.json deleted file mode 100644 index c86361743a..0000000000 --- a/kubernetes/consul/resources/config/consul-agent-config/appc-dbbuilder.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "service": { - "name": "Health Check: APPC - Dgbuilder", - "checks": [ - { - "id": "appc-dgbuilder", - "name": "APPC-Dgbuilder Server Health Check", - "http": "http://appc-dgbuilder:3000/", - "method": "HEAD", - "header": { - "Authorization": ["Basic ZGd1c2VyOnRlc3QxMjM="], - "Cache-Control": ["no-cache"], - "Content-Type": ["application/json"], - "Accept": ["application/json"] - }, - "tls_skip_verify": true, - "interval": "15s", - "timeout": "1s" - } - ] - } -} diff --git a/kubernetes/consul/resources/config/consul-agent-config/appc-health.json b/kubernetes/consul/resources/config/consul-agent-config/appc-health.json deleted file mode 100644 index 86f2ce8da0..0000000000 --- a/kubernetes/consul/resources/config/consul-agent-config/appc-health.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "service": { - "name": "Health Check: APPC", - "checks": [ - { - "id": "appc-dbhost-healthcheck", - "name": "APPC DBHost Health Check", - "script": "/consul/scripts/appc-dbhost-script.sh", - "interval": "10s", - "timeout": "1s" - } - ] - } -} diff --git a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb01-healthcheck.json b/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb01-healthcheck.json deleted file mode 100644 index 230d31f509..0000000000 --- a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb01-healthcheck.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "service": { - "name": "Health Check: APPC-SDN-CTL-DB-01", - "checks": [ - { - "id": "appc-sdnctldb01", - "name": "APPC SDNCTLDB01 Health Check", - "tcp": "appc-sdnctldb01:3306", - "interval": "10s", - "timeout": "1s" - } - ] - } -} diff --git a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb02-healthcheck.json b/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb02-healthcheck.json deleted file mode 100644 index da669e3ac0..0000000000 --- a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb02-healthcheck.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "service": { - "name": "Health Check: APPC-SDN-CTL-DB-02", - "checks": [ - { - "id": "appc-sdnctldb02", - "name": "APPC SDNCTLDB02 Health Check", - "tcp": "appc-sdnctldb02:3306", - "interval": "10s", - "timeout": "1s" - } - ] - } -} diff --git a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnhost.json b/kubernetes/consul/resources/config/consul-agent-config/appc-sdnhost.json deleted file mode 100644 index 1548cab909..0000000000 --- a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnhost.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "service": { - "name": "Health Check: APPC - SDN Host", - "checks": [ - { - "id": "appc-sdnhost", - "name": "APPC SDN Host Health Check", - "http": "http://appc-sdnhost:8282/apidoc/explorer/index.html", - "method": "HEAD", - "header": { - "Authorization": ["Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ=="], - "Cache-Control": ["no-cache"], - "Content-Type": ["application/json"], - "Accept": ["application/json"] - }, - "tls_skip_verify": true, - "interval": "15s", - "timeout": "1s" - } - ] - } -} diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/appc-dbhost-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/appc-dbhost-script.sh deleted file mode 100755 index 96e4864514..0000000000 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/appc-dbhost-script.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh - -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -APPC_DBHOST_POD=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "appc-dbhost-[^[:space:]]*") -if [ -n "$APPC_DBHOST_POD" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $APPC_DBHOST_POD -- ./healthcheck.sh |grep -i "mysqld is alive"; then - echo Success. APPC DBHost is running. 2>&1 - exit 0 - else - echo Failed. APPC DBHost is not running. 2>&1 - exit 1 - fi -else - echo Failed. APPC DBHost is offline. 2>&1 - exit 1 -fi diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml index 951543473a..6627e02bbb 100644 --- a/kubernetes/onap/Chart.yaml +++ b/kubernetes/onap/Chart.yaml @@ -33,10 +33,6 @@ dependencies: version: ~12.x-0 repository: '@local' condition: aai.enabled - - name: appc - version: ~12.x-0 - repository: '@local' - condition: appc.enabled - name: cassandra version: ~12.x-0 repository: '@local' diff --git a/kubernetes/onap/resources/environments/core-onap.yaml b/kubernetes/onap/resources/environments/core-onap.yaml index 8a4bb706d9..a0abc2256c 100644 --- a/kubernetes/onap/resources/environments/core-onap.yaml +++ b/kubernetes/onap/resources/environments/core-onap.yaml @@ -54,8 +54,6 @@ aai: replicaCount: 1 aaf: enabled: false -appc: - enabled: false cassandra: enabled: true replicaCount: 3 diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml index 2caad2d530..01c2b5c6be 100644 --- a/kubernetes/onap/resources/environments/dev.yaml +++ b/kubernetes/onap/resources/environments/dev.yaml @@ -58,8 +58,6 @@ aai: enabled: false aai-cassandra: replicaCount: 1 -appc: - enabled: false cassandra: enabled: false replicaCount: 1 diff --git a/kubernetes/onap/resources/environments/disable-allcharts.yaml b/kubernetes/onap/resources/environments/disable-allcharts.yaml index 43aa4c8c05..2d1466fa7e 100644 --- a/kubernetes/onap/resources/environments/disable-allcharts.yaml +++ b/kubernetes/onap/resources/environments/disable-allcharts.yaml @@ -29,8 +29,6 @@ aaf: enabled: false aai: enabled: false -appc: - enabled: false cassandra: enabled: false clamp: diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml index 7bfa258e5a..4035cb39d5 100644 --- a/kubernetes/onap/resources/environments/minimal-onap.yaml +++ b/kubernetes/onap/resources/environments/minimal-onap.yaml @@ -49,8 +49,6 @@ aai: replicaCount: 1 aaf: enabled: false -appc: - enabled: false cassandra: enabled: true replicaCount: 1 diff --git a/kubernetes/onap/resources/overrides/environment.yaml b/kubernetes/onap/resources/overrides/environment.yaml index cb43e2e094..c22a3eee30 100644 --- a/kubernetes/onap/resources/overrides/environment.yaml +++ b/kubernetes/onap/resources/overrides/environment.yaml @@ -75,11 +75,6 @@ aai: periodSeconds: 120 readiness: periodSeconds: 60 -appc: - mariadb-galera: - liveness: - initialDelaySeconds: 180 - periodSeconds: 60 cassandra: liveness: timeoutSeconds: 30 diff --git a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml index 506dd4f7fe..b20d7eb618 100644 --- a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml +++ b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml @@ -72,16 +72,6 @@ aaf: enabled: true aai: enabled: true -appc: - enabled: false - config: - openStackType: OpenStackProvider - openStackName: OpenStack - openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html - openStackServiceTenantName: default - openStackDomain: default - openStackUserName: admin - openStackEncryptedPassword: admin cassandra: enabled: true cds: @@ -137,7 +127,7 @@ portal: robot: enabled: true config: - # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment + # openStackEncryptedPasswordHere should match the encrypted string used in SO and overridden per environment openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" sdc: enabled: true diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml index c78ac8abd2..74ec06e0df 100644 --- a/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml +++ b/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml @@ -49,8 +49,6 @@ aaf: enabled: true aai: enabled: true -appc: - enabled: false cds: enabled: true cli: diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml index 9a090c1a41..0aeb207dbd 100644 --- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml +++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml @@ -37,8 +37,6 @@ aaf: enabled: true aai: enabled: true -appc: - enabled: false cds: enabled: true clamp: diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index aeac83f7ef..a287f303fa 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -36,8 +36,6 @@ aaf: enabled: true aai: enabled: true -appc: - enabled: false cds: enabled: true clamp: diff --git a/kubernetes/onap/resources/overrides/onap-vfw.yaml b/kubernetes/onap/resources/overrides/onap-vfw.yaml index fc0c94de24..565c9bca74 100644 --- a/kubernetes/onap/resources/overrides/onap-vfw.yaml +++ b/kubernetes/onap/resources/overrides/onap-vfw.yaml @@ -25,8 +25,6 @@ aaf: enabled: true aai: enabled: true -appc: - enabled: true clamp: enabled: true consul: diff --git a/kubernetes/onap/resources/overrides/openstack.yaml b/kubernetes/onap/resources/overrides/openstack.yaml index 5e09d7cfe9..9c0fc539c3 100644 --- a/kubernetes/onap/resources/overrides/openstack.yaml +++ b/kubernetes/onap/resources/overrides/openstack.yaml @@ -15,19 +15,7 @@ ################################################################# # This override file configures openstack parameters for ONAP ################################################################# -appc: - config: - enableClustering: false - openStackType: "OpenStackProvider" - openStackName: "OpenStack" - openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" - openStackServiceTenantName: "OPENSTACK_TENANTNAME_HERE" - openStackDomain: "Default" - openStackUserName: "OPENSTACK_USERNAME_HERE" - openStackEncryptedPassword: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PASSWORD_HERE_XXXXXXXXXXXXXXXX" robot: - appcUsername: "appc@appc.onap.org" - appcPassword: "demo123456!" openStackKeyStoneUrl: "http://10.12.25.2:5000" openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4" openStackTenantId: "09d8566ea45e43aa974cf447ed591d77" @@ -46,7 +34,7 @@ robot: scriptVersion: "1.4.0-SNAPSHOT" rancherIpAddress: "10.12.5.127" config: - # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment + # openStackEncryptedPasswordHere should match the encrypted string used in SO and overridden per environment openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" so: # so server configuration diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml index 1d3b2eb5c9..e1cf186da5 100644 --- a/kubernetes/onap/resources/overrides/sm-onap.yaml +++ b/kubernetes/onap/resources/overrides/sm-onap.yaml @@ -66,8 +66,6 @@ aaf: cps: # you must always set the same values as value set in cps.enabled enabled: false -appc: - enabled: false cassandra: enabled: true replicaCount: 3 diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index bdbf5ab323..9755e91fce 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -285,16 +285,6 @@ aaf: enabled: false aai: enabled: false -appc: - enabled: false - config: - openStackType: OpenStackProvider - openStackName: OpenStack - openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html - openStackServiceTenantName: default - openStackDomain: default - openStackUserName: admin - openStackEncryptedPassword: admin cassandra: enabled: false cds: @@ -358,7 +348,7 @@ portal: robot: enabled: false config: - # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment + # openStackEncryptedPasswordHere should match the encrypted string used in SO and overridden per environment openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" sdc: enabled: false diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index 8f2723e72e..8c41754da5 100755 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -63,6 +63,10 @@ dependencies: version: ~12.x-0 repository: 'file://components/policy-clamp-ac-http-ppnt' condition: policy-clamp-ac-http-ppnt.enabled + - name: policy-clamp-ac-a1pms-ppnt + version: ~12.x-0 + repository: 'file://components/policy-clamp-ac-a1pms-ppnt' + condition: policy-clamp-ac-a1pms-ppnt.enabled - name: policy-clamp-ac-pf-ppnt version: ~12.x-0 repository: 'file://components/policy-clamp-ac-pf-ppnt' diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/Chart.yaml new file mode 100755 index 0000000000..9f9bef2ddf --- /dev/null +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/Chart.yaml @@ -0,0 +1,33 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v2 +description: ONAP Policy Clamp A1PMS Participant +name: policy-clamp-ac-a1pms-ppnt +version: 12.0.0 + +dependencies: + - name: common + version: ~12.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~12.x-0 + repository: '@local' + - name: serviceAccount + version: ~12.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/A1pmsParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/A1pmsParticipantParameters.yaml new file mode 100755 index 0000000000..918f9af6cd --- /dev/null +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/A1pmsParticipantParameters.yaml @@ -0,0 +1,70 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +spring: + security: + user: + name: ${RESTSERVER_USER} + password: ${RESTSERVER_PASSWORD} + autoconfigure: + exclude: + - org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + - org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration + - org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration + - org.springframework.boot.autoconfigure.data.web.SpringDataWebAutoConfiguration +security: + enable-csrf: false + +participant: + intermediaryParameters: + reportingTimeIntervalMs: 120000 + description: Participant Description + participantId: + name: A1PMSParticipant0 + version: 1.0.0 + participantType: + name: org.onap.policy.clamp.acm.A1PMSParticipant + version: 2.3.4 + clampAutomationCompositionTopics: + topicSources: + - topic: POLICY-ACRUNTIME-PARTICIPANT + servers: + - ${topicServer:message-router} + topicCommInfrastructure: dmaap + fetchTimeout: 15000 + + topicSinks: + - topic: POLICY-ACRUNTIME-PARTICIPANT + servers: + - ${topicServer:message-router} + topicCommInfrastructure: dmaap + + +management: + endpoints: + web: + base-path: / + exposure: + include: health, metrics, prometheus +server: + port: 8086 + servlet: + context-path: /onap/policy/clamp/acm/a1pmsparticipant + ssl: + enabled: false + + diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/logback.xml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/logback.xml new file mode 100755 index 0000000000..b0d310e3de --- /dev/null +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/logback.xml @@ -0,0 +1,103 @@ +<!-- + ============LICENSE_START======================================================= + Copyright (C) 2022 Nordix Foundation. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + SPDX-License-Identifier: Apache-2.0 + ============LICENSE_END========================================================= +--> + +<configuration scan="true" scanPeriod="30 seconds" debug="false"> + + <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>/var/log/onap/policy/a1pms-participant/error.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> + <fileNamePattern>/var/log/onap/policy/a1pms-participant/error.%d{yyyy-MM-dd}.%i.log.zip + </fileNamePattern> + <maxFileSize>50MB</maxFileSize> + <maxHistory>30</maxHistory> + <totalSizeCap>10GB</totalSizeCap> + </rollingPolicy> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <encoder> + <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern> + </encoder> + </appender> + + <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="ErrorOut" /> + </appender> + + <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>/var/log/onap/policy/a1pms-participant/debug.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> + <fileNamePattern>/var/log/onap/policy/a1pms-participant/debug.%d{yyyy-MM-dd}.%i.log.zip + </fileNamePattern> + <maxFileSize>50MB</maxFileSize> + <maxHistory>30</maxHistory> + <totalSizeCap>10GB</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern> + </encoder> + </appender> + + <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="DebugOut" /> + </appender> + + <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>/var/log/onap/policy/a1pms-participant/network.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> + <fileNamePattern>/var/log/onap/policy/a1pms-participant/network.%d{yyyy-MM-dd}.%i.log.zip + </fileNamePattern> + <maxFileSize>50MB</maxFileSize> + <maxHistory>30</maxHistory> + <totalSizeCap>10GB</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%t]%m%n</pattern> + </encoder> + </appender> + + <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="NetworkOut" /> + </appender> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <Pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</Pattern> + </encoder> + </appender> + + <appender name="AsyncStdOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="STDOUT" /> + </appender> + + <logger name="network" level="INFO" additivity="false"> + <appender-ref ref="AsyncNetworkOut" /> + <appender-ref ref="AsyncStdOut" /> + </logger> + + <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false"> + <appender-ref ref="AsyncNetworkOut" /> + <appender-ref ref="AsyncStdOut" /> + </logger> + + <root level="INFO"> + <appender-ref ref="AsyncDebugOut" /> + <appender-ref ref="AsyncErrorOut" /> + <appender-ref ref="AsyncStdOut" /> + </root> + +</configuration> diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/configmap.yaml new file mode 100755 index 0000000000..adb025592d --- /dev/null +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/configmap.yaml @@ -0,0 +1,37 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*.{xml,yaml}").AsConfig . | indent 2 }} +{{- if .Values.a1pmsconfig }} +{{ tpl (.Files.Glob "resources/config/A1pmsParticipantParameters.yaml").AsConfig . | indent 2 }} +{{ toYaml .Values.a1pmsconfig | indent 4 }} +{{ tpl (.Files.Glob "resources/config/*.{json,xml,sh}").AsConfig . | indent 2 }} +{{- end }} diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/deployment.yaml new file mode 100755 index 0000000000..f7b6dbecd9 --- /dev/null +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/deployment.yaml @@ -0,0 +1,124 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ .Values.replicaCount }} + template: + metadata: {{- include "common.templateMetadata" . | nindent 6 }} + spec: + initContainers: +{{- if .Values.config.useStrimziKafka }} + - command: + - /app/ready.py + args: + - --container-name + - message-router + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness +{{- end }} + - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: RESTSERVER_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }} + - name: RESTSERVER_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} + volumeMounts: + - mountPath: /config-input + name: ac-a1pms-ppnt-config + - mountPath: /config + name: ac-a1pms-ppnt-config-processed + image: {{ include "repositoryGenerator.image.envsubst" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/opt/app/policy/clamp/bin/a1pms-participant.sh"] + args: ["/opt/app/policy/clamp/etc/mounted/A1pmsParticipantParameters.yaml"] + env: + - name: KEYSTORE_PASSWD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }} + - name: TRUSTSTORE_PASSWD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }} + ports: {{ include "common.containerPorts" . | nindent 12 }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.liveness.port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.readiness.port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/policy/clamp/etc/mounted + name: ac-a1pms-ppnt-config-processed + resources: +{{ include "common.resources" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "create" "dot" . )}} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: ac-a1pms-ppnt-config + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + - name: ac-a1pms-ppnt-config-processed + emptyDir: + medium: Memory + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/appc/components/appc-ansible-server/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/secrets.yaml index 1929d389f2..3401d7f01f 100644..100755 --- a/kubernetes/appc/components/appc-ansible-server/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/secrets.yaml @@ -1,6 +1,5 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +{{/* +# Copyright (C) 2022 Nordix Foundation. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,16 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} -apiVersion: v2 -description: ONAP APPC Ansible Server -name: appc-ansible-server -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' +{{ include "common.secretFast" . }} diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/service.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/service.yaml new file mode 100644 index 0000000000..19f522a71e --- /dev/null +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/templates/service.yaml @@ -0,0 +1,21 @@ +{{/*
+# ============LICENSE_START=======================================================
+# Copyright (C) 2022 Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml new file mode 100755 index 0000000000..7d8ff23433 --- /dev/null +++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml @@ -0,0 +1,162 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + persistence: {} + aafEnabled: false + +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: restserver-secret + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}' + login: '{{ .Values.restServer.user }}' + password: '{{ .Values.restServer.password }}' + passwordPolicy: required + - uid: keystore-password + type: password + externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}' + password: '{{ .Values.certStores.keyStorePassword }}' + passwordPolicy: required + - uid: truststore-password + type: password + externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' + password: '{{ .Values.certStores.trustStorePassword }}' + passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate + +certStores: + keyStorePassword: Pol1cy_0nap + trustStorePassword: Pol1cy_0nap + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/policy-clamp-ac-a1pms-ppnt:6.4.0 +pullPolicy: Always + +# application configuration +restServer: + user: participantUser + password: zb!XztG34 + +a1pmsconfig: + a1pms: + baseUrl: http://a1policymanagement.onap:8081 + headers: + content-type: application/json + endpoints: + health: /a1-policy/v2/rics + services: /a1-policy/v2/services + service: /a1-policy/v2/services/{service_id} + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} +ingress: + enabled: false + +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + port: a1pms-api + +readiness: + initialDelaySeconds: 20 + periodSeconds: 10 + port: a1pms-api + +service: + type: ClusterIP + name: policy-clamp-ac-a1pms-ppnt + ports: + - name: a1pms-api + port: 8086 + nodePort: 42 + + +flavor: small +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 100m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 200m + memory: 2Gi + unlimited: {} +#Pods Service Account +serviceAccount: + nameOverride: policy-clamp-ac-a1pms-ppnt + roles: + - create + +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + acRuntimeTopic: policy-acruntime-participant +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + diff --git a/kubernetes/policy/components/policy-distribution/resources/config/config.json b/kubernetes/policy/components/policy-distribution/resources/config/config.json index 1aa9044eab..94fc37b4ad 100755 --- a/kubernetes/policy/components/policy-distribution/resources/config/config.json +++ b/kubernetes/policy/components/policy-distribution/resources/config/config.json @@ -56,27 +56,23 @@ "sdcConfiguration":{ "parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup", "parameters":{ - "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }}", - "messageBusAddress": [ - "message-router.{{ include "common.namespace" . }}" - ], + "environmentName": "AUTO", + "isUseHttpsWithSDC": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}, + "keyStorePath": "null", + "keyStorePassword": "null", + "activeserverTlsAuth": false, + "sdcAddress": "sdc-be.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }}", "user": "${SDCBE_USER}", "password": "${SDCBE_PASSWORD}", + "consumerGroup": "{{ .Values.config.kafka.sdcTopic.consumerGroup }}", + "consumerId": "{{ .Values.config.kafka.sdcTopic.clientId }}", "pollingInterval":20, "pollingTimeout":30, - "consumerId": "policy-id", "artifactTypes": [ "TOSCA_CSAR", "HEAT" ], - "consumerGroup": "policy-group", - "environmentName": "AUTO", - "keyStorePath": "null", - "keyStorePassword": "null", - "activeserverTlsAuth": false, - "isFilterinEmptyResources": true, - "isUseHttpsWithDmaap": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}, - "isUseHttpsWithSDC": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} + "isFilterinEmptyResources": true } } }, diff --git a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml index 4745aac23b..9c71ac1920 100755 --- a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml @@ -75,6 +75,13 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: SECURITY_PROTOCOL + value: {{ .Values.config.kafka.securityProtocol }} + - name: SASL_MECHANISM + value: {{ .Values.config.kafka.saslMechanism }} + - name: SASL_JAAS_CONFIG + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-dist-kafka-user" "key" "sasl.jaas.config") | indent 12 }} {{- if .Values.global.aafEnabled }} command: ["sh","-c"] args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\ diff --git a/kubernetes/policy/components/policy-distribution/templates/policy-dist-kafka-user.yaml b/kubernetes/policy/components/policy-distribution/templates/policy-dist-kafka-user.yaml new file mode 100644 index 0000000000..eb721b07bb --- /dev/null +++ b/kubernetes/policy/components/policy-distribution/templates/policy-dist-kafka-user.yaml @@ -0,0 +1,36 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.global.policyDistKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: {{ .Values.config.kafka.saslMechanism | lower }} + authorization: + type: {{ .Values.config.kafka.authType }} + acls: + - resource: + type: group + name: {{ .Values.config.kafka.sdcTopic.consumerGroup }} + operation: Read + - resource: + type: topic + patternType: prefix + name: {{ .Values.config.kafka.sdcTopic.pattern }} + operation: All diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index d9df88ce79..5cdda2f0b8 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -55,7 +55,13 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.trustStorePassword }}' passwordPolicy: required - + - uid: policy-dist-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate ################################################################# # Global configuration defaults. ################################################################# @@ -67,13 +73,24 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.8.2 +image: onap/policy-distribution:2.9.0 pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false # application configuration +config: + someConfig: blah + kafka: + bootstrapServer: strimzi-kafka-bootstrap:9092 + securityProtocol: SASL_PLAINTEXT + saslMechanism: SCRAM-SHA-512 + authType: simple + sdcTopic: + pattern: SDC-DIST + consumerGroup: policy-group + clientId: policy-distribution restServer: user: healthcheck diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index b3297278a9..c9e236a65c 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -38,6 +38,7 @@ global: name: postgres kafkaBootstrap: strimzi-kafka-bootstrap policyKafkaUser: policy-kafka-user + policyDistKafkaUser: policy-dist-kafka-user ################################################################# # Secrets metaconfig @@ -128,7 +129,7 @@ policy-distribution: enabled: true db: *dbSecretsHook config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyDistKafkaUser }}' policy-clamp-ac-k8s-ppnt: enabled: true config: @@ -144,6 +145,10 @@ policy-clamp-ac-http-ppnt: enabled: true config: jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' +policy-clamp-ac-a1pms-ppnt: + enabled: true + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-nexus: enabled: false config: diff --git a/kubernetes/portal/docker/init/mariadb-client/Dockerfile b/kubernetes/portal/docker/init/mariadb-client/Dockerfile index 72f60d35ad..a46b225be0 100644 --- a/kubernetes/portal/docker/init/mariadb-client/Dockerfile +++ b/kubernetes/portal/docker/init/mariadb-client/Dockerfile @@ -32,7 +32,6 @@ ENV portal_branch=$branch #ENV vid_branch: $branch #ENV clamp_branch: $branch -#ENV appc_repo: http://gerrit.onap.org/r/appc/deployment.git ENV so_repo=http://gerrit.onap.org/r/so/docker-config.git #ENV policy_repo: http://gerrit.onap.org/r/policy/docker.git ENV portal_repo=http://gerrit.onap.org/r/portal.git diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index 3f8ac9deec..0e8f11afcc 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -55,9 +55,6 @@ usage () echo " demo-k8s.sh <namespace> preload <vnf_name> <module_name>" echo " - Preload data for VNF for the <module_name>" echo " " - echo " demo-k8s.sh <namespace> appc <module_name>" - echo " - provide APPC with vFW module mount point for closed loop" - echo " " echo " demo-k8s.sh <namespace> init_robot [ <etc_hosts_prefix> ]" echo " - Initialize robot after all ONAP VMs have started" echo " " @@ -168,16 +165,6 @@ do VARIABLES="$VARIABLES -v MODULE_NAME:$1" shift ;; - appc) - TAG="APPCMountPointDemo" - shift - if [ $# -ne 1 ];then - echo "Usage: demo-k8s.sh <namespace> appc <module_name>" - exit - fi - VARIABLES="$VARIABLES -v MODULE_NAME:$1" - shift - ;; instantiateVFW) TAG="instantiateVFW" VARIABLES="$VARIABLES -v GLOBAL_BUILD_NUMBER:$$" diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh index 82bf836ade..aa02e17867 100755 --- a/kubernetes/robot/ete-k8s.sh +++ b/kubernetes/robot/ete-k8s.sh @@ -31,7 +31,7 @@ if [ "$1" = "" ] || [ "$2" = "" ]; then echo " InitDistribution, PreloadDemo, deleteVNF, instantiateDemoVFWCL, instantiateVFW, " echo " instantiateVFWCL, instantiateVFWDT, instantiateVFWCLDN" echo "" - echo " health-check.robot: health, core, small, medium, 3rdparty, api, datarouter, externalapi, health-aaf, health-aai, health-appc," + echo " health-check.robot: health, core, small, medium, 3rdparty, api, datarouter, externalapi, health-aaf, health-aai," echo " health-clamp, health-cli, health-dcae, health-dmaap, health-log, health-modeling, health-msb," echo " health-multicloud, health-oof, health-policy, health-pomba, health-portal, health-sdc, health-sdnc," echo " health-so, health-uui, health-vfc, health-vid, health-vnfsdk, healthdist, healthlogin, healthmr," diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py index 8365c68297..5accf3800f 100644 --- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py @@ -16,8 +16,6 @@ GLOBAL_INJECTED_AAF_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "aaf-service") }}' GLOBAL_INJECTED_AAI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "aai") }}' -GLOBAL_INJECTED_APPC_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "appc") }}' -GLOBAL_INJECTED_APPC_CDT_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "appc-cdt") }}' GLOBAL_INJECTED_ARTIFACTS_VERSION = '{{.Values.demoArtifactsVersion}}' GLOBAL_INJECTED_ARTIFACTS_REPO_URL = "{{ .Values.demoArtifactsRepoUrl }}" GLOBAL_INJECTED_CLAMP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-gui") }}' @@ -133,15 +131,6 @@ GLOBAL_AAI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostnam GLOBAL_AAI_USERNAME = '{{ .Values.aaiUsername }}' GLOBAL_AAI_PASSWORD = '{{ .Values.aaiPassword}}' GLOBAL_AAI_AUTHENTICATION = [GLOBAL_AAI_USERNAME, GLOBAL_AAI_PASSWORD] -# appc info - everything is from the private oam network (also called onap private network) -GLOBAL_APPC_SERVER_PROTOCOL = "https" -GLOBAL_APPC_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "appc" "port" 8443) }}' -GLOBAL_APPC_USERNAME = '{{ .Values.appcUsername }}' -GLOBAL_APPC_PASSWORD = '{{ .Values.appcPassword }}' -GLOBAL_APPC_AUTHENTICATION = [GLOBAL_APPC_USERNAME, GLOBAL_APPC_PASSWORD] -GLOBAL_APPC_CDT_SERVER_PROTOCOL = "https" -GLOBAL_APPC_CDT_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "appc-cdt" "port" 18080) }}' -GLOBAL_APPC_CDT_USERNAME = "demo" # sdc info - everything is from the private oam network (also called onap private network) GLOBAL_SDC_SERVER_PROTOCOL = 'http{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}' GLOBAL_SDC_FE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-fe" "port" ( ternary 9443 8181 (eq "true" (include "common.needTLS" . )))) }}' diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index bf11e1306e..87b117dc35 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -44,14 +44,6 @@ config: enabled: true https: true hostname: aai.api.sparky - appc: - enabled: true - https: true - hostname: appc.api - appc_cdt: - enabled: true - https: true - hostname: appccdt clamp: enabled: true https: true @@ -319,9 +311,6 @@ aafPassword: "demo123456!" # AAI aaiUsername: "aai@aai.onap.org" aaiPassword: "demo123456!" -# APPC -appcUsername: "appc@appc.onap.org" -appcPassword: "demo123456!" # SDC sdcUsername: "beep" sdcPassword: "boop" diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml index 4273a31c53..d53c2df6cc 100644 --- a/kubernetes/sdnc/components/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-dmaap-listener-image:2.4.1 +image: onap/sdnc-dmaap-listener-image:2.4.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml index ee5d498f56..77cb521dee 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ansible-server-image:2.4.1 +image: onap/sdnc-ansible-server-image:2.4.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml index 979698ffef..82c7cce559 100644 --- a/kubernetes/sdnc/components/sdnc-web/values.yaml +++ b/kubernetes/sdnc/components/sdnc-web/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: "onap/sdnc-web-image:2.4.1" +image: "onap/sdnc-web-image:2.4.2" pullPolicy: Always config: diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml index 7c85f39fcc..53ce54dcc2 100644 --- a/kubernetes/sdnc/components/ueb-listener/values.yaml +++ b/kubernetes/sdnc/components/ueb-listener/values.yaml @@ -55,7 +55,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ueb-listener-image:2.4.1 +image: onap/sdnc-ueb-listener-image:2.4.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 1fd5bf3363..dd70295740 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -210,7 +210,7 @@ certificates: # application images pullPolicy: Always -image: onap/sdnc-image:2.4.1 +image: onap/sdnc-image:2.4.2 # flag to enable debugging - application support required debugEnabled: false diff --git a/kubernetes/so/components/so-appc-orchestrator/templates/configmap.yaml b/kubernetes/so/components/so-appc-orchestrator/templates/configmap.yaml index 6abb1673d5..6abb1673d5 100755..100644 --- a/kubernetes/so/components/so-appc-orchestrator/templates/configmap.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/templates/configmap.yaml diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml index 29a1cf7443..50cf231a20 100755 --- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml @@ -74,26 +74,28 @@ mso: asdc-connections: asdc-controller1: user: mso - consumerGroup: SO-OpenSource-Env11 - consumerId: SO-COpenSource-Env11 + consumerGroup: {{ .Values.config.kafka.sdcTopic.consumerGroup }} + consumerId: {{ .Values.config.kafka.sdcTopic.clientId }} environmentName: AUTO {{ if (include "common.needTLS" .) }} - asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443 + sdcAddress: sdc-be.{{ include "common.namespace" . }}:8443 {{ else }} - asdcAddress: sdc-be.{{ include "common.namespace" . }}:8080 + sdcAddress: sdc-be.{{ include "common.namespace" . }}:8080 {{ end }} password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }} pollingInterval: 60 pollingTimeout: 60 relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL - useHttpsWithDmaap: false useHttpsWithSdc: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} activateServerTLSAuth: false keyStorePassword: keyStorePath: watchDogTimeout: 300 isFitlerInEmptyResources: true - messageBusAddress: message-router.{{ include "common.namespace" . }},message-router.{{ include "common.namespace" . }} + httpsProxyHost: + httpProxyHost: + httpsProxyPort: 0 + httpProxyPort: 0 asdc: config: activity: diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml index 55493f7c42..0d1977beff 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml @@ -71,6 +71,12 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} - name: DB_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} + - name: SECURITY_PROTOCOL + value: {{ .Values.config.kafka.securityProtocol }} + - name: SASL_MECHANISM + value: {{ .Values.config.kafka.saslMechanism }} + - name: SASL_JAAS_CONFIG + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-sdc-kafka-secret" "key" "sasl.jaas.config") | indent 10 }} {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: diff --git a/kubernetes/so/components/so-sdc-controller/templates/so-sdc-dist-kakfa-user.yaml b/kubernetes/so/components/so-sdc-controller/templates/so-sdc-dist-kakfa-user.yaml new file mode 100644 index 0000000000..4619c8ebc0 --- /dev/null +++ b/kubernetes/so/components/so-sdc-controller/templates/so-sdc-dist-kakfa-user.yaml @@ -0,0 +1,36 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.global.soSdcListenerKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: {{ .Values.config.kafka.saslMechanism | lower }} + authorization: + type: {{ .Values.config.kafka.authType }} + acls: + - resource: + type: group + name: {{ .Values.config.kafka.sdcTopic.consumerGroup }} + operation: All + - resource: + type: topic + patternType: prefix + name: {{ .Values.config.kafka.sdcTopic.pattern }} + operation: All diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index f006c0772c..63a641c359 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -28,6 +28,7 @@ global: mariadbGalera: serviceName: mariadb-galera servicePort: '3306' + soSdcListenerKafkaUser: so-sdc-list-user readinessCheck: wait_for: @@ -50,6 +51,13 @@ secrets: login: '{{ .Values.db.adminName }}' password: '{{ .Values.db.adminPassword }}' passwordPolicy: required + - uid: so-sdc-kafka-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate #secretsFilePaths: | # - 'my file 1' @@ -58,7 +66,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/sdc-controller:1.11.0 +image: onap/so/sdc-controller:1.12.0 pullPolicy: Always db: @@ -81,6 +89,16 @@ mso: asdc-connections: asdc-controller1: password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F +config: + someConfig: blah + kafka: + securityProtocol: SASL_PLAINTEXT + saslMechanism: SCRAM-SHA-512 + authType: simple + sdcTopic: + pattern: SDC-DIST + consumerGroup: so + clientId: SO-sdc-controller replicaCount: 1 minReadySeconds: 10 diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index cc63ca50c0..32e6e4776d 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -62,6 +62,8 @@ global: path: /etc/ssl/certs share_path: /usr/local/share/ca-certificates/ + soSdcListenerKafkaUser: so-sdc-list-user + readinessCheck: wait_for: jobs: @@ -387,6 +389,8 @@ so-sdc-controller: db: <<: *dbSecrets logConfigMapNamePrefix: '{{ include "common.release" . }}-so' + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.soSdcListenerKafkaUser }}' so-sdnc-adapter: enabled: true |