aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/aaf/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml6
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/templates/service.yaml3
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/values.yaml5
-rw-r--r--kubernetes/aai/resources/config/haproxy/haproxy.cfg8
-rw-r--r--kubernetes/aai/values.yaml2
-rwxr-xr-xkubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh15
-rwxr-xr-xkubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh12
-rw-r--r--kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml120
-rw-r--r--kubernetes/appc/templates/statefulset.yaml13
-rw-r--r--kubernetes/appc/values.yaml5
-rw-r--r--kubernetes/common/dgbuilder/resources/config/svclogic.properties2
-rwxr-xr-xkubernetes/common/dgbuilder/resources/scripts/createReleaseDir.sh4
-rw-r--r--kubernetes/common/dgbuilder/resources/scripts/customSettings.js8
-rw-r--r--kubernetes/common/dgbuilder/values.yaml4
-rw-r--r--kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml2
-rw-r--r--kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml2
-rw-r--r--kubernetes/policy/charts/drools/charts/nexus/values.yaml4
-rw-r--r--kubernetes/policy/charts/mariadb/values.yaml4
-rw-r--r--kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml7
-rw-r--r--kubernetes/portal/charts/portal-mariadb/values.yaml2
-rw-r--r--kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml10
-rw-r--r--kubernetes/portal/docker/init/mariadb-client/Dockerfile2
-rwxr-xr-xkubernetes/robot/resources/config/eteshare/config/vm_properties.py4
-rw-r--r--kubernetes/robot/templates/deployment.yaml11
-rw-r--r--kubernetes/robot/templates/pv.yaml37
-rw-r--r--kubernetes/robot/templates/pvc.yaml48
-rw-r--r--kubernetes/robot/values.yaml28
-rw-r--r--kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml2
-rw-r--r--kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json2
-rw-r--r--kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties2
-rw-r--r--kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties2
-rw-r--r--kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb022
-rw-r--r--kubernetes/sdnc/charts/sdnc-portal/values.yaml3
-rw-r--r--kubernetes/sdnc/resources/config/conf/dblib.properties2
-rw-r--r--kubernetes/sdnc/resources/config/conf/svclogic.properties2
-rw-r--r--kubernetes/sdnc/templates/secrets.yaml14
-rw-r--r--kubernetes/sdnc/templates/statefulset.yaml5
-rw-r--r--kubernetes/sdnc/values.yaml4
-rw-r--r--kubernetes/so/charts/mariadb/values.yaml2
40 files changed, 352 insertions, 60 deletions
diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml
index 19250d8f69..9a51839241 100644
--- a/kubernetes/aaf/values.yaml
+++ b/kubernetes/aaf/values.yaml
@@ -38,7 +38,7 @@ config:
csServiceName: aaf-cass
# gerrit branch where the latest aaf/auth/sample/public code exists
gerritProject: http://gerrit.onap.org/r/aaf/authz.git
- gerritBranch: master
+ gerritBranch: 2.0.0-ONAP
# default number of instances
replicaCount: 1
diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
index c1b2c3ccae..b459646a6b 100644
--- a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
@@ -46,7 +46,7 @@ spec:
- name: KEYSTORE_PASSWORD
value: {{ .Values.config.keyStorePassword }}
- name: SPARKY_SSL_ENABLED
- value: 'true'
+ value: 'false'
- name: SPARKY_PORTAL_ENABLED
value: 'false'
volumeMounts:
@@ -83,13 +83,13 @@ spec:
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort2 }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort2 }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml
index e342a9a688..385cdeabca 100644
--- a/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml
+++ b/kubernetes/aai/charts/aai-sparky-be/templates/service.yaml
@@ -21,5 +21,4 @@ spec:
{{- end}}
selector:
app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- clusterIP: None
+ release: {{ .Release.Name }} \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-sparky-be/values.yaml b/kubernetes/aai/charts/aai-sparky-be/values.yaml
index c87ec5bf02..65aa79a537 100644
--- a/kubernetes/aai/charts/aai-sparky-be/values.yaml
+++ b/kubernetes/aai/charts/aai-sparky-be/values.yaml
@@ -25,7 +25,7 @@ config:
elasticsearchHttpPort: 9200
keyStorePassword: OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
keystoreAliasPassword: OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
- gerritBranch: master
+ gerritBranch: 2.0.0-ONAP
gerritProject: http://gerrit.onap.org/r/aai/test-config
portalUsername: aaiui
portalPassword: 1t2v1vfv1unz1vgz1t3b
@@ -61,9 +61,10 @@ readiness:
periodSeconds: 10
service:
- type: ClusterIP
+ type: NodePort
portName: aai-sparky-be
internalPort: 9517
+ nodePort: 20
internalPort2: 8000
ingress:
diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
index b9721ae41a..e90f737bff 100644
--- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg
+++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
@@ -22,6 +22,9 @@ defaults
log global
mode http
option httplog
+ option ssl-hello-chk
+ option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ==
+ default-server init-addr none
# option dontlognull
# errorfile 400 /etc/haproxy/errors/400.http
# errorfile 403 /etc/haproxy/errors/403.http
@@ -95,7 +98,8 @@ backend IST_Default_8447
balance roundrobin
http-request set-header X-Forwarded-Port %[src_port]
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
- server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}:8447 port 8447 ssl verify none
+ server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
+
#######################
# BACKEND 8446#########
@@ -105,7 +109,7 @@ backend IST_AAI_8446
balance roundrobin
http-request set-header X-Forwarded-Port %[src_port]
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
- server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}:8446 port 8446 ssl verify none
+ server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
listen IST_AAI_STATS
mode http
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 017d0c282d..b07048e134 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -56,7 +56,7 @@ global: # global defaults
# application image
dockerhubRepository: registry.hub.docker.com
-image: aaionap/haproxy:1.2.3
+image: aaionap/haproxy:1.2.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh
new file mode 100755
index 0000000000..544358c1af
--- /dev/null
+++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/health_check.sh
@@ -0,0 +1,15 @@
+#!/bin/bash -x
+
+startODL_status=$(ps -e | grep startODL | wc -l)
+waiting_bundles=$(/opt/opendaylight/current/bin/client bundle:list | grep Waiting | wc -l)
+run_level=$(/opt/opendaylight/current/bin/client system:start-level)
+
+ if [ "$run_level" == "Level 100" ] && [ "$startODL_status" -lt "1" ] && [ "$waiting_bundles" -lt "1" ]
+ then
+ echo APPC is healthy.
+ else
+ echo APPC is not healthy.
+ exit 1
+ fi
+
+exit 0
diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh
index a990739d55..18a2783c5f 100755
--- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh
+++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh
@@ -55,6 +55,9 @@ APPC_HOME=${APPC_HOME:-/opt/onap/appc}
SLEEP_TIME=${SLEEP_TIME:-120}
MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}}
ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false}
+ENABLE_AAF=${ENABLE_AAF:-false}
+AAF_EXT_IP=${AAF_EXT_IP:-{{.Values.config.aafExtIP}}}
+AAF_EXT_FQDN=${AAF_EXT_FQDN:-{{.Values.config.aafExtFQDN}}}
appcInstallStartTime=$(date +%s)
@@ -143,8 +146,13 @@ then
echo "" >> ${ODL_HOME}/etc/system.properties
echo "Copying the aaa shiro configuration into opendaylight"
- cp ${APPC_HOME}/data/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml
-
+ if $ENABLE_AAF
+ then
+ echo "${AAF_EXT_IP} ${AAF_EXT_FQDN}" >> /etc/hosts
+ cp ${APPC_HOME}/data/properties/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml
+ else
+ cp ${APPC_HOME}/data/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml
+ fi
echo "Restarting OpenDaylight"
${ODL_HOME}/bin/stop
diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml
new file mode 100644
index 0000000000..31bc4e31de
--- /dev/null
+++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!--
+###
+# ============LICENSE_START=======================================================
+# APPC
+# ================================================================================
+# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+###
+ -->
+
+<shiro-configuration xmlns="urn:opendaylight:aaa:app:config">
+
+ <!--
+ ================================= TokenAuthRealm ==================================
+ = =
+ = Use org.onap.aaf.cadi.shiro.AAFRealm to enable AAF authentication =
+ = Use org.opendaylight.aaa.shiro.realm.TokenAuthRealm =
+ ===================================================================================
+ -->
+ <main>
+ <pair-key>tokenAuthRealm</pair-key>
+<!-- <pair-value>org.opendaylight.aaa.shiro.realm.TokenAuthRealm</pair-value> -->
+ <pair-value>org.onap.aaf.cadi.shiro.AAFRealm</pair-value>
+ </main>
+
+
+ <!-- add tokenAuthRealm as the only default realm -->
+ <main>
+ <pair-key>securityManager.realms</pair-key>
+ <pair-value>$tokenAuthRealm</pair-value>
+ </main>
+
+ <!-- Used to support OAuth2 use case. -->
+ <main>
+ <pair-key>authcBasic</pair-key>
+ <pair-value>org.opendaylight.aaa.shiro.filters.ODLHttpAuthenticationFilter</pair-value>
+ </main>
+
+ <!-- in order to track AAA challenge attempts -->
+ <main>
+ <pair-key>accountingListener</pair-key>
+ <pair-value>org.opendaylight.aaa.shiro.filters.AuthenticationListener</pair-value>
+ </main>
+ <main>
+ <pair-key>securityManager.authenticator.authenticationListeners</pair-key>
+ <pair-value>$accountingListener</pair-value>
+ </main>
+
+ <!-- Model based authorization scheme supporting RBAC for REST endpoints -->
+ <main>
+ <pair-key>dynamicAuthorization</pair-key>
+ <pair-value>org.opendaylight.aaa.shiro.realm.MDSALDynamicAuthorizationFilter</pair-value>
+ </main>
+
+
+ <!--
+ ===================================================================================
+ = URLS =
+ = For AAF use <pair-value> authcBasic, roles[org.onap.appc.odl|odl-api\*] =
+ = org.onap.appc.odl|odl-api|* can be replaced with other AAF permissions =
+ = For default <pair-value> authcBasic, roles[admin] =
+ ===================================================================================
+ -->
+
+ <!-- restrict access to some endpoints by default -->
+ <urls>
+ <pair-key>/auth/**</pair-key>
+<!-- <pair-value>authcBasic, roles[admin], dynamicAuthorization</pair-value> -->
+ <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value>
+ </urls>
+ <urls>
+ <pair-key>/restconf/config/aaa-cert-mdsal**</pair-key>
+<!-- <pair-value>authcBasic, roles[admin]</pair-value> -->
+ <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value>
+ </urls>
+ <urls>
+ <pair-key>/restconf/operational/aaa-cert-mdsal**</pair-key>
+<!-- <pair-value>authcBasic, roles[admin]</pair-value> -->
+ <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value>
+ </urls>
+ <urls>
+ <pair-key>/restconf/operations/aaa-cert-rpc**</pair-key>
+<!-- <pair-value>authcBasic, roles[admin]</pair-value> -->
+ <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value>
+ </urls>
+ <urls>
+ <pair-key>/restconf/config/aaa-authn-model**</pair-key>
+<!-- <pair-value>authcBasic, roles[admin]</pair-value> -->
+ <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value>
+ </urls>
+ <urls>
+ <pair-key>/restconf/operational/aaa-authn-model**</pair-key>
+<!-- <pair-value>authcBasic, roles[admin]</pair-value> -->
+ <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value>
+ </urls>
+ <urls>
+ <pair-key>/restconf/operations/cluster-admin**</pair-key>
+<!-- <pair-value>authcBasic, roles[admin]</pair-value> -->
+ <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value>
+ </urls>
+ <urls>
+ <pair-key>/**</pair-key>
+<!-- <pair-value>authcBasic, roles[admin]</pair-value> -->
+ <pair-value>authcBasic, roles[org.onap.appc.odl|odl-api|*]</pair-value>
+ </urls>
+</shiro-configuration>
+
diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml
index d2da2ec756..791d93393e 100644
--- a/kubernetes/appc/templates/statefulset.yaml
+++ b/kubernetes/appc/templates/statefulset.yaml
@@ -45,8 +45,9 @@ spec:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.externalPort2 }}
readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
+ exec:
+ command:
+ - /opt/appc/bin/health_check.sh
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
@@ -61,6 +62,8 @@ spec:
value: "{{ .Values.config.configDir }}"
- name: DMAAP_TOPIC_ENV
value: "{{ .Values.config.dmaapTopic }}"
+ - name: ENABLE_AAF
+ value: "{{ .Values.config.enableAAF }}"
- name: ENABLE_ODL_CLUSTER
value: "{{ .Values.config.enableClustering }}"
- name: APPC_REPLICAS
@@ -81,6 +84,9 @@ spec:
- mountPath: /opt/onap/appc/data/properties/aaiclient.properties
name: onap-appc-data-properties
subPath: aaiclient.properties
+ - mountPath: /opt/onap/appc/data/properties/aaa-app-config.xml
+ name: onap-appc-data-properties
+ subPath: aaa-app-config.xml
- mountPath: /opt/onap/appc/svclogic/config/svclogic.properties
name: onap-appc-svclogic-config
subPath: svclogic.properties
@@ -93,6 +99,9 @@ spec:
- mountPath: /opt/onap/appc/bin/installAppcDb.sh
name: onap-appc-bin
subPath: installAppcDb.sh
+ - mountPath: /opt/onap/appc/bin/health_check.sh
+ name: onap-appc-bin
+ subPath: health_check.sh
- mountPath: /opt/onap/ccsdk/data/properties/dblib.properties
name: onap-sdnc-data-properties
subPath: dblib.properties
diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml
index 4b47c63a42..1c20977b90 100644
--- a/kubernetes/appc/values.yaml
+++ b/kubernetes/appc/values.yaml
@@ -29,7 +29,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/appc-image:1.3.0
+image: onap/appc-image:1.4.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
@@ -37,7 +37,10 @@ debugEnabled: false
# application configuration
config:
+ aafExtIP: 127.0.0.1
+ aafExtFQDN: aaf-onap-beijing-test.osaaf.org
dbRootPassword: openECOMP1.0
+ enableAAF: false
enableClustering: true
configDir: /opt/onap/appc/data/properties
dmaapTopic: SUCCESS
diff --git a/kubernetes/common/dgbuilder/resources/config/svclogic.properties b/kubernetes/common/dgbuilder/resources/config/svclogic.properties
index dc3980de21..82eeec5e61 100644
--- a/kubernetes/common/dgbuilder/resources/config/svclogic.properties
+++ b/kubernetes/common/dgbuilder/resources/config/svclogic.properties
@@ -2,4 +2,4 @@ org.onap.ccsdk.sli.dbtype=jdbc
org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.dbServiceName}}.{{ include "common.namespace" . }}:3306/sdnctl
org.onap.ccsdk.sli.jdbc.database=sdnctl
org.onap.ccsdk.sli.jdbc.user=sdnctl
-org.onap.ccsdk.sli.jdbc.password=gamma
+org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}}
diff --git a/kubernetes/common/dgbuilder/resources/scripts/createReleaseDir.sh b/kubernetes/common/dgbuilder/resources/scripts/createReleaseDir.sh
index 76d17700b0..961792be3f 100755
--- a/kubernetes/common/dgbuilder/resources/scripts/createReleaseDir.sh
+++ b/kubernetes/common/dgbuilder/resources/scripts/createReleaseDir.sh
@@ -19,7 +19,7 @@ dbHost="{{.Values.config.dbServiceName}}.{{.Release.Namespace}}"
dbPort="3306"
dbName="sdnctl"
dbUser="sdnctl"
-dbPassword="gamma"
+dbPassword="{{.Values.config.dbSdnctlPassword}}"
gitLocalRepository="$4"
lastPort=$(find "releases/" -name "customSettings.js" |xargs grep uiPort|cut -d: -f2|sed -e s/,//|sort|tail -1)
@@ -99,7 +99,7 @@ then
echo "org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.dbServiceName}}.{{.Release.Namespace}}:3306/sdnctl" >>$svclogicPropFile
echo "org.onap.ccsdk.sli.jdbc.database=sdnctl" >>$svclogicPropFile
echo "org.onap.ccsdk.sli.jdbc.user=sdnctl" >>$svclogicPropFile
- echo "org.onap.ccsdk.sli.jdbc.password=gamma" >>$svclogicPropFile
+ echo "org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}}" >>$svclogicPropFile
fi
if [ ! -e "${appDir}/flowShareUsers.js" ]
then
diff --git a/kubernetes/common/dgbuilder/resources/scripts/customSettings.js b/kubernetes/common/dgbuilder/resources/scripts/customSettings.js
index 22810baabd..e3349b9d5a 100644
--- a/kubernetes/common/dgbuilder/resources/scripts/customSettings.js
+++ b/kubernetes/common/dgbuilder/resources/scripts/customSettings.js
@@ -27,25 +27,25 @@ module.exports={
"userDir": "releases/sdnc1.0",
"httpAuth": {
"user": "dguser",
- "pass": "cc03e747a6afbbcbf8be7668acfebee5"
+ "pass": "{{.Values.config.dgUserPassword}}"
},
"dbHost": "{{.Values.config.dbServiceName}}.{{ include "common.namespace" . }}",
"dbPort": "3306",
"dbName": "sdnctl",
"dbUser": "sdnctl",
- "dbPassword": "gamma",
+ "dbPassword": "{{.Values.config.dbSdnctlPassword}}",
"gitLocalRepository": "",
"httpRoot": "/",
"disableEditor": false,
"httpAdminRoot": "/",
"httpAdminAuth": {
"user": "dguser",
- "pass": "cc03e747a6afbbcbf8be7668acfebee5"
+ "pass": "{{.Values.config.dgUserPassword}}"
},
"httpNodeRoot": "/",
"httpNodeAuth": {
"user": "dguser",
- "pass": "cc03e747a6afbbcbf8be7668acfebee5"
+ "pass": "{{.Values.config.dgUserPassword}}"
},
"uiHost": "0.0.0.0",
"version": "0.9.1",
diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml
index e2d0c10709..759b940aea 100644
--- a/kubernetes/common/dgbuilder/values.yaml
+++ b/kubernetes/common/dgbuilder/values.yaml
@@ -42,9 +42,11 @@ debugEnabled: false
# application configuration
config:
dbRootPassword: openECOMP1.0
+ dbSdnctlPassword: gamma
dbPodName: mysql-db
dbServiceName: sdnc-dbhost
-
+ # MD5 hash of dguser password ( default: test123 )
+ dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5
# default number of instances
replicaCount: 1
diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml
index d6a8c2c03c..b2b454d8bc 100644
--- a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml
+++ b/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml
@@ -43,7 +43,7 @@ debugEnabled: false
# application configuration
config:
# gerrit branch where the latest code is checked in
- gerritBranch: master
+ gerritBranch: 2.0.0-ONAP
# gerrit project where the latest code is checked in
gerritProject: http://gerrit.onap.org/r/dmaap/messagerouter/messageservice.git
diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml
index a71b14a046..3810cdfe57 100644
--- a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml
+++ b/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml
@@ -39,7 +39,7 @@ debugEnabled: false
# application configuration
config:
# gerrit branch where the latest code is checked in
- gerritBranch: master
+ gerritBranch: 2.0.0-ONAP
# gerrit project where the latest code is checked in
gerritProject: http://gerrit.onap.org/r/dmaap/messagerouter/messageservice.git
diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml
index 03a03cc198..add7a7c7be 100644
--- a/kubernetes/policy/charts/drools/charts/nexus/values.yaml
+++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml
@@ -46,14 +46,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 180
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 60
periodSeconds: 10
path: /nexus/service/local/status
diff --git a/kubernetes/policy/charts/mariadb/values.yaml b/kubernetes/policy/charts/mariadb/values.yaml
index 7703234a66..a3dd7676a4 100644
--- a/kubernetes/policy/charts/mariadb/values.yaml
+++ b/kubernetes/policy/charts/mariadb/values.yaml
@@ -45,14 +45,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 120
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 120
periodSeconds: 10
## Persist data to a persitent volume
diff --git a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml
index f242c41e05..5500163ba7 100644
--- a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml
+++ b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml
@@ -33,21 +33,16 @@
limitations under the License.
============LICENSE_END============================================
-
- ECOMP is a trademark and service mark of AT&T Intellectual Property.
-->
<!DOCTYPE xml>
<configuration scan="true" scanPeriod="3 seconds" debug="true">
- <!-- Log-back files for the ECOMP Portal are created in directory
- ${catalina.base}/logs/${componentName}; e.g., apache-tomcat-8.0.35/logs/onapportal/application.log -->
- <!--<jmxConfigurator /> -->
<!-- specify the component name -->
<property name="componentName" value="onapportal"></property>
<!-- specify the base path of the log directory -->
- <property name="logDirPrefix" value="${catalina.base}/logs"></property>
+ <property name="logDirPrefix" value="/var/log/onap"></property>
<!-- The directories where logs are written -->
<property name="logDirectory" value="${logDirPrefix}/${componentName}" />
diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml
index 49fc36f3a8..fe41734ea7 100644
--- a/kubernetes/portal/charts/portal-mariadb/values.yaml
+++ b/kubernetes/portal/charts/portal-mariadb/values.yaml
@@ -48,7 +48,7 @@ config:
# application's front end hostname. Must be resolvable on the client side environment
vidHostName: "vid.api.simpledemo.onap.org"
# aai sparky ui assignment for port 8080
- aaiSparkyPort: "" # TODO: populate with
+ aaiSparkyPort: "30220"
# application's front end hostname. Must be resolvable on the client side environment
aaiSparkyHostName: "aai.api.sparky.simpledemo.onap.org"
# cli ui assignment for port 8080
diff --git a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml
index 864a8b9250..d1465c5f4e 100644
--- a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml
+++ b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml
@@ -34,19 +34,13 @@
============LICENSE_END============================================
- ECOMP is a trademark and service mark of AT&T Intellectual Property.
-->
<configuration scan="true" scanPeriod="3 seconds" debug="true">
- <!--
- Logback files for the ONAP Portal SDK Application
- are created in directory ${catalina.base}/logs/${componentName}
- e.g., apache-tomcat-8.0.35/logs/onapsdk/application.log
- -->
<!--<jmxConfigurator /> -->
<!-- specify the component name -->
<property name="componentName" value="onapsdk"></property>
<!-- specify the base path of the log directory -->
- <property name="logDirPrefix" value="${catalina.base}/logs"></property>
+ <property name="logDirPrefix" value="/var/log/onap"></property>
<!-- The directories where logs are written -->
<property name="logDirectory" value="${logDirPrefix}/${componentName}" />
<!-- Can easily relocate debug logs by modifying this path. -->
@@ -223,4 +217,4 @@
<root level="DEBUG">
<appender-ref ref="asyncEELF" />
</root>
-</configuration> \ No newline at end of file
+</configuration>
diff --git a/kubernetes/portal/docker/init/mariadb-client/Dockerfile b/kubernetes/portal/docker/init/mariadb-client/Dockerfile
index 009f2fa757..e64b1e2d87 100644
--- a/kubernetes/portal/docker/init/mariadb-client/Dockerfile
+++ b/kubernetes/portal/docker/init/mariadb-client/Dockerfile
@@ -1,6 +1,6 @@
FROM boxfuse/flyway:5.0.7-alpine
-ARG branch=master
+ARG branch=2.0.0-ONAP
ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST"
# Setup Corporate proxy
ENV https_proxy ${HTTP_PROXY}
diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py
index 261d345c84..62f0b630a2 100755
--- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py
@@ -12,7 +12,7 @@ GLOBAL_INJECTED_DCAE_IP_ADDR = "dcae-healthcheck.{{include "common.namespace" .}
GLOBAL_INJECTED_DNS_IP_ADDR = "N/A"
GLOBAL_INJECTED_DOCKER_VERSION = "1.2-STAGING-latest"
GLOBAL_INJECTED_EXTERNAL_DNS = "N/A"
-GLOBAL_INJECTED_GERRIT_BRANCH = "master"
+GLOBAL_INJECTED_GERRIT_BRANCH = "2.0.0-ONAP"
GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR = "log-es.{{include "common.namespace" .}}"
GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR = "log-kibana.{{include "common.namespace" .}}"
GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = "log-ls-http.{{include "common.namespace" .}}"
@@ -67,7 +67,7 @@ GLOBAL_INJECTED_PROPERTIES = {
"GLOBAL_INJECTED_DNS_IP_ADDR" : "N/A",
"GLOBAL_INJECTED_DOCKER_VERSION" : "1.2-STAGING-latest",
"GLOBAL_INJECTED_EXTERNAL_DNS" : "N/A",
- "GLOBAL_INJECTED_GERRIT_BRANCH" : "master",
+ "GLOBAL_INJECTED_GERRIT_BRANCH" : "2.0.0-ONAP",
"GLOBAL_INJECTED_KEYSTONE" : "{{ .Values.openStackKeyStoneUrl }}",
"GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR" : "log-es.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR" : "log-kibana.{{include "common.namespace" .}}",
diff --git a/kubernetes/robot/templates/deployment.yaml b/kubernetes/robot/templates/deployment.yaml
index 0b658093bf..e5cc1d3a0f 100644
--- a/kubernetes/robot/templates/deployment.yaml
+++ b/kubernetes/robot/templates/deployment.yaml
@@ -77,12 +77,14 @@ spec:
subPath: sdngc_interface.robot
- name: robot-resources
mountPath: /var/opt/OpenECOMP_ETE/robot/resources/oof_interface.robot
- subPath: oof_interface.robot
+ subPath: oof_interface.robot
- name: robot-lighttpd-authorization
mountPath: /etc/lighttpd/authorization
subPath: authorization
- name: demodir
mountPath: /share
+ - name: robot-logs
+ mountPath: /share/logs
resources:
{{ toYaml .Values.resources | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -94,6 +96,13 @@ spec:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
+ {{- if .Values.persistence.enabled }}
+ - name: robot-logs
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
- name: localtime
hostPath:
path: /etc/localtime
diff --git a/kubernetes/robot/templates/pv.yaml b/kubernetes/robot/templates/pv.yaml
new file mode 100644
index 0000000000..184728f8ad
--- /dev/null
+++ b/kubernetes/robot/templates/pv.yaml
@@ -0,0 +1,37 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- end -}}
diff --git a/kubernetes/robot/templates/pvc.yaml b/kubernetes/robot/templates/pvc.yaml
new file mode 100644
index 0000000000..e27c3311e9
--- /dev/null
+++ b/kubernetes/robot/templates/pvc.yaml
@@ -0,0 +1,48 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index cc81b9d110..aea67c84aa 100644
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -18,6 +18,7 @@
global: # global defaults
nodePortPrefix: 302
ubuntuInitRepository: registry.hub.docker.com
+ persistence: {}
# application image
repository: nexus3.onap.org:10001
@@ -38,7 +39,7 @@ config:
# Password of the lighthttpd server. Used for HTML auth for webpage access
lightHttpdPassword: robot
# gerrit branch where the latest heat code is checked in
- gerritBranch: master
+ gerritBranch: 2.0.0-ONAP
# gerrit project where the latest heat code is checked in
gerritProject: http://gerrit.onap.org/r/demo.git
@@ -79,7 +80,7 @@ openStackPrivateNetCidr: "10.0.0.0/8"
openStackOamNetworkCidrPrefix: "10.0"
# Override with Pub Key for access to VNF
vnfPubKey: "FILL_IN_WITH_PUB_KEY"
-# Override with DCAE VES Collector external IP
+# Override with DCAE VES Collector external IP
dcaeCollectorIp: "FILL_IN_WITH_DCAE_VES_COLLECTOR_IP"
# default number of instances
@@ -133,3 +134,26 @@ resources: {}
# requests:
# cpu: 2
# memory: 4Gi
+
+## Persist data to a persitent volume
+persistence:
+ enabled: true
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: robot/logs \ No newline at end of file
diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
index f69ae0ff80..ca708937ee 100644
--- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
@@ -49,7 +49,7 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 60
+ initialDelaySeconds: 180
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json
index f6d202ef09..a6950fdd70 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json
+++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json
@@ -36,7 +36,7 @@
"dbFabricPassword": "admin",
"dbFabricDB": "mysql",
"dbUser": "sdnctl",
- "dbPassword": "gamma",
+ "dbPassword": "{{.Values.config.dbSdnctlPassword}}",
"dbName": "sdnctl",
"odlProtocol": "http",
"odlHost": "sdnc.{{.Release.Namespace}}",
diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties
index 9e4c88a879..68357baae6 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties
+++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties
@@ -22,7 +22,7 @@ org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Relea
org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver
org.onap.ccsdk.sli.jdbc.database=sdnctl
org.onap.ccsdk.sli.jdbc.user=sdnctl
-org.onap.ccsdk.sli.jdbc.password=gamma
+org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}}
org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01
org.onap.ccsdk.sli.jdbc.connection.timeout=50
org.onap.ccsdk.sli.jdbc.request.timeout=100
diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties
index e0e3295735..cc13a9d707 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties
+++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties
@@ -2,4 +2,4 @@ org.openecomp.sdnctl.sli.dbtype = jdbc
org.openecomp.sdnctl.sli.jdbc.url = jdbc:mysql://sdnc-sdnctldb01:3306/sdnctl
org.openecomp.sdnctl.sli.jdbc.database = sdnctl
org.openecomp.sdnctl.sli.jdbc.user = sdnctl
-org.openecomp.sdnctl.sli.jdbc.password = gamma \ No newline at end of file
+org.openecomp.sdnctl.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}} \ No newline at end of file
diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02 b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02
index e665a56d75..c75c603f22 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02
+++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02
@@ -2,4 +2,4 @@ org.openecomp.sdnctl.sli.dbtype = jdbc
org.openecomp.sdnctl.sli.jdbc.url = jdbc:mysql://sdnc-sdnctldb02:3306/sdnctl
org.openecomp.sdnctl.sli.jdbc.database = sdnctl
org.openecomp.sdnctl.sli.jdbc.user = sdnctl
-org.openecomp.sdnctl.sli.jdbc.password = gamma \ No newline at end of file
+org.openecomp.sdnctl.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}} \ No newline at end of file
diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
index e741db312a..147d391041 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
@@ -37,6 +37,7 @@ debugEnabled: false
config:
mysqlChartName: sdnc-db
dbRootPassword: openECOMP1.0
+ dbSdnctlPassword: gamma
sdncChartName: sdnc
configDir: /opt/onap/sdnc/data/properties
odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
@@ -50,7 +51,7 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 60
+ initialDelaySeconds: 180
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
diff --git a/kubernetes/sdnc/resources/config/conf/dblib.properties b/kubernetes/sdnc/resources/config/conf/dblib.properties
index 362726a6d8..dd2bcabcc5 100644
--- a/kubernetes/sdnc/resources/config/conf/dblib.properties
+++ b/kubernetes/sdnc/resources/config/conf/dblib.properties
@@ -22,7 +22,7 @@ org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.mysql.service.name}}.{{.Relea
org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver
org.onap.ccsdk.sli.jdbc.database=sdnctl
org.onap.ccsdk.sli.jdbc.user=sdnctl
-org.onap.ccsdk.sli.jdbc.password=gamma
+org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}}
org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01
org.onap.ccsdk.sli.jdbc.connection.timeout=50
org.onap.ccsdk.sli.jdbc.request.timeout=100
diff --git a/kubernetes/sdnc/resources/config/conf/svclogic.properties b/kubernetes/sdnc/resources/config/conf/svclogic.properties
index 99f6cf84b7..e564012c8f 100644
--- a/kubernetes/sdnc/resources/config/conf/svclogic.properties
+++ b/kubernetes/sdnc/resources/config/conf/svclogic.properties
@@ -23,5 +23,5 @@ org.onap.ccsdk.sli.dbtype = jdbc
org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.mysql.service.name}}.{{.Release.Namespace}}:{{.Values.mysql.service.internalPort}}/sdnctl
org.onap.ccsdk.sli.jdbc.database = sdnctl
org.onap.ccsdk.sli.jdbc.user = sdnctl
-org.onap.ccsdk.sli.jdbc.password = gamma
+org.onap.ccsdk.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}}
diff --git a/kubernetes/sdnc/templates/secrets.yaml b/kubernetes/sdnc/templates/secrets.yaml
index 754f117e38..a900132c31 100644
--- a/kubernetes/sdnc/templates/secrets.yaml
+++ b/kubernetes/sdnc/templates/secrets.yaml
@@ -25,3 +25,17 @@ metadata:
type: Opaque
data:
odl-password: {{ .Values.config.odlPassword | b64enc | quote }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-sdnctl
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ db-sdnctl-password: {{ .Values.config.dbSdnctlPassword | b64enc | quote }}
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index 69816dffb4..03ae8800bd 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -74,6 +74,11 @@ spec:
secretKeyRef:
name: {{ template "common.fullname" . }}-odl
key: odl-password
+ - name: SDNC_DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-sdnctl
+ key: db-sdnctl-password
- name: SDNC_CONFIG_DIR
value: "{{ .Values.config.configDir }}"
- name: ENABLE_ODL_CLUSTER
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 58adf48f99..0c602e50cd 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -40,6 +40,7 @@ debugEnabled: false
config:
odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
dbRootPassword: openECOMP1.0
+ dbSdnctlPassword: gamma
enableClustering: true
binDir: /opt/onap/sdnc/bin
geoEnabled: false
@@ -83,6 +84,7 @@ sdnc-portal:
mysqlChartName: sdnc-db
configDir: /opt/onap/sdnc/data/properties
dbRootPassword: openECOMP1.0
+ dbSdnctlPassword: gamma
odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
sdnc-ansible-server:
@@ -112,6 +114,8 @@ dgbuilder:
dbPodName: sdnc-db
dbServiceName: sdnc-dbhost
dbRootPassword: openECOMP1.0
+ dbSdnctlPassword: gamma
+ dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5
service:
name: sdnc-dgbuilder
nodePort: "03"
diff --git a/kubernetes/so/charts/mariadb/values.yaml b/kubernetes/so/charts/mariadb/values.yaml
index a46b31a44e..693e3dd689 100644
--- a/kubernetes/so/charts/mariadb/values.yaml
+++ b/kubernetes/so/charts/mariadb/values.yaml
@@ -32,7 +32,7 @@ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
config:
mariadbRootPassword: password
# gerrit branch where the latest heat code is checked in
- gerritBranch: master
+ gerritBranch: 2.0.0-ONAP
# gerrit project where the latest heat code is checked in
gerritProject: http://gerrit.onap.org/r/so/docker-config.git