aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/cli/requirements.yaml3
-rw-r--r--kubernetes/cli/templates/deployment.yaml1
-rw-r--r--kubernetes/cli/values.yaml6
-rw-r--r--kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml4
-rw-r--r--kubernetes/vfc/components/vfc-nslcm/values.yaml23
-rw-r--r--kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml6
-rw-r--r--kubernetes/vfc/components/vfc-vnflcm/values.yaml23
-rw-r--r--kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml6
-rw-r--r--kubernetes/vfc/components/vfc-vnfmgr/values.yaml22
-rw-r--r--kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml6
-rw-r--r--kubernetes/vfc/components/vfc-vnfres/values.yaml23
-rw-r--r--kubernetes/vfc/requirements.yaml1
-rw-r--r--kubernetes/vfc/values.yaml39
13 files changed, 94 insertions, 69 deletions
diff --git a/kubernetes/cli/requirements.yaml b/kubernetes/cli/requirements.yaml
index e2ce84d0a3..2394a6700d 100644
--- a/kubernetes/cli/requirements.yaml
+++ b/kubernetes/cli/requirements.yaml
@@ -25,3 +25,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/cli/templates/deployment.yaml b/kubernetes/cli/templates/deployment.yaml
index 735308754f..0a3f967eee 100644
--- a/kubernetes/cli/templates/deployment.yaml
+++ b/kubernetes/cli/templates/deployment.yaml
@@ -75,6 +75,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: lighttpd
configMap:
diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml
index 4dcee4568c..28d227645a 100644
--- a/kubernetes/cli/values.yaml
+++ b/kubernetes/cli/values.yaml
@@ -126,3 +126,9 @@ resources:
cpu: 2
memory: 4Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: cli
+ roles:
+ - read
diff --git a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml
index 40ca646e0f..17d8cc263e 100644
--- a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml
+++ b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml
@@ -42,7 +42,7 @@ spec:
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.mariadbService }}
+ - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}'
env:
- name: NAMESPACE
valueFrom:
@@ -83,7 +83,7 @@ spec:
- name: SSL_ENABLED
value: "{{ .Values.global.config.ssl_enabled }}"
- name: MYSQL_ADDR
- value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
+ value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: MYSQL_ROOT_USER
value: "{{ .Values.global.config.mariadb_admin }}"
- name: MYSQL_ROOT_PASSWORD
diff --git a/kubernetes/vfc/components/vfc-nslcm/values.yaml b/kubernetes/vfc/components/vfc-nslcm/values.yaml
index 5854a370a2..ead1a4ccde 100644
--- a/kubernetes/vfc/components/vfc-nslcm/values.yaml
+++ b/kubernetes/vfc/components/vfc-nslcm/values.yaml
@@ -19,15 +19,20 @@ global:
nodePortPrefix: 302
config:
ssl_enabled: false
+ mariadbGalera:
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
- externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ - uid: db-root-pass
+ externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
policy: required
#################################################################
@@ -45,13 +50,11 @@ istioSidecar: true
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPassword: secretpassword
- # mariadbRootPasswordExternalSecret: some secret
-
+# Local mariadb galera instance default name
+mariadb-galera:
+ rootUser:
+ externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass'
+ nameOverride: vfc-mariadb
# default number of instances
replicaCount: 1
diff --git a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml
index b93d7af02b..75968b2ffe 100644
--- a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml
+++ b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml
@@ -42,7 +42,7 @@ spec:
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.mariadbService }}
+ - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}'
env:
- name: NAMESPACE
valueFrom:
@@ -58,7 +58,7 @@ spec:
- sh
args:
- -c
- - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
+ - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
@@ -83,7 +83,7 @@ spec:
- name: SSL_ENABLED
value: "{{ .Values.global.config.ssl_enabled }}"
- name: MYSQL_ADDR
- value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
+ value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: MYSQL_ROOT_USER
value: "{{ .Values.global.config.mariadb_admin }}"
- name: MYSQL_ROOT_PASSWORD
diff --git a/kubernetes/vfc/components/vfc-vnflcm/values.yaml b/kubernetes/vfc/components/vfc-vnflcm/values.yaml
index acdf006992..cd5e999314 100644
--- a/kubernetes/vfc/components/vfc-vnflcm/values.yaml
+++ b/kubernetes/vfc/components/vfc-vnflcm/values.yaml
@@ -19,15 +19,20 @@ global:
nodePortPrefix: 302
config:
ssl_enabled: false
+ mariadbGalera:
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
- externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ - uid: db-root-pass
+ externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
policy: required
#################################################################
@@ -45,13 +50,11 @@ istioSidecar: true
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPassword: secretpassword
- # mariadbRootPasswordExternalSecret: some secret
-
+# Local mariadb galera instance default name
+mariadb-galera:
+ rootUser:
+ externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass'
+ nameOverride: vfc-mariadb
# default number of instances
replicaCount: 1
diff --git a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml
index 9c8430c9fc..f9a8ba71f2 100644
--- a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml
+++ b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml
@@ -42,7 +42,7 @@ spec:
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.mariadbService }}
+ - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}'
env:
- name: NAMESPACE
valueFrom:
@@ -58,7 +58,7 @@ spec:
- sh
args:
- -c
- - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
+ - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
@@ -83,7 +83,7 @@ spec:
- name: SSL_ENABLED
value: "{{ .Values.global.config.ssl_enabled }}"
- name: MYSQL_ADDR
- value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
+ value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: REDIS_HOST
value: "{{ .Values.global.config.redisServiceName }}"
- name: REDIS_PORT
diff --git a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml
index aa327792b3..35aa0aacd0 100644
--- a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml
+++ b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml
@@ -19,15 +19,20 @@ global:
nodePortPrefix: 302
config:
ssl_enabled: false
+ mariadbGalera:
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
- externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ - uid: db-root-pass
+ externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
policy: required
#################################################################
@@ -45,12 +50,11 @@ istioSidecar: true
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPassword: secretpassword
- # mariadbRootPasswordExternalSecret: some secret
+# Local mariadb galera instance default name
+mariadb-galera:
+ rootUser:
+ externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass'
+ nameOverride: vfc-mariadb
# default number of instances
replicaCount: 1
diff --git a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml
index 2577887523..06258a0d7e 100644
--- a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml
+++ b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml
@@ -42,7 +42,7 @@ spec:
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.mariadbService }}
+ - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}'
env:
- name: NAMESPACE
valueFrom:
@@ -58,7 +58,7 @@ spec:
- sh
args:
- -c
- - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
+ - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
@@ -83,7 +83,7 @@ spec:
- name: SSL_ENABLED
value: "{{ .Values.global.config.ssl_enabled }}"
- name: MYSQL_ADDR
- value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
+ value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: REDIS_HOST
value: "{{ .Values.global.config.redisServiceName }}"
- name: REDIS_PORT
diff --git a/kubernetes/vfc/components/vfc-vnfres/values.yaml b/kubernetes/vfc/components/vfc-vnfres/values.yaml
index 7683912aa2..204d414e7d 100644
--- a/kubernetes/vfc/components/vfc-vnfres/values.yaml
+++ b/kubernetes/vfc/components/vfc-vnfres/values.yaml
@@ -19,15 +19,20 @@ global:
nodePortPrefix: 302
config:
ssl_enabled: false
+ mariadbGalera:
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
- externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ - uid: db-root-pass
+ externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
policy: required
#################################################################
@@ -45,13 +50,11 @@ istioSidecar: true
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPassword: secretpassword
- # mariadbRootPasswordExternalSecret: some secret
-
+# Local mariadb galera instance default name
+mariadb-galera:
+ rootUser:
+ externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass'
+ nameOverride: vfc-mariadb
# default number of instances
replicaCount: 1
diff --git a/kubernetes/vfc/requirements.yaml b/kubernetes/vfc/requirements.yaml
index ab3f4ae979..7f65b021f9 100644
--- a/kubernetes/vfc/requirements.yaml
+++ b/kubernetes/vfc/requirements.yaml
@@ -19,6 +19,7 @@ dependencies:
- name: mariadb-galera
version: ~8.x-0
repository: '@local'
+ condition: global.mariadbGalera.localCluster
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml
index 0560832a5f..64bd029bd1 100644
--- a/kubernetes/vfc/values.yaml
+++ b/kubernetes/vfc/values.yaml
@@ -26,42 +26,47 @@ global:
# we use this flag to determine who is responbile for serice registeration
# and it can reduce duplicate registration.
reg_to_msb_when_start: False
- mariadb_admin: root
+ mariadb_admin: &mariadbAdmin root
persistence:
mountPath: /dockerdata-nfs
+ mariadbGalera: &mariadbGalera
+ #This flag allows VFC to instantiate its own mariadb-galera cluster
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
+ - uid: db-root-pass
name: &dbRootPassSecret '{{ include "common.release" . }}-vfc-db-root-pass'
+ externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "db-root-pass" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}'
+ login: '{{ index .Values "mariadb-galera" "rootUser" "user" }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
# application configuration
config:
logstashServiceName: log-ls
logstashPort: 5044
-mariadb-galera:
+mariadb-galera: &localMariadb
rootUser:
+ user: *mariadbAdmin
+ # password:
externalSecret: *dbRootPassSecret
- nameOverride: &vfc-mariadb vfc-mariadb
+ nameOverride: &dbServer vfc-mariadb
nfsprovisionerPrefix: vfc
persistence:
mountSubPath: vfc/data
enabled: true
disableNfsProvisioner: true
serviceAccount:
- nameOverride: *vfc-mariadb
+ nameOverride: *dbServer
replicaCount: 1
-db: &dbConfig
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPasswordExternalSecret: *dbRootPassSecret
-
vfc-generic-vnfm-driver:
enabled: true
@@ -70,26 +75,22 @@ vfc-huawei-vnfm-driver:
vfc-nslcm:
enabled: true
- config:
- << : *dbConfig
+ mariadb-galera: *localMariadb
vfc-redis:
enabled: true
vfc-vnflcm:
enabled: true
- config:
- << : *dbConfig
+ mariadb-galera: *localMariadb
vfc-vnfmgr:
enabled: true
- config:
- << : *dbConfig
+ mariadb-galera: *localMariadb
vfc-vnfres:
enabled: true
- config:
- << : *dbConfig
+ mariadb-galera: *localMariadb
# sub-chart configuration
vfc-workflow: