diff options
Diffstat (limited to 'kubernetes')
116 files changed, 659 insertions, 1901 deletions
diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml index f70deefaff..17fa320472 100644 --- a/kubernetes/a1policymanagement/values.yaml +++ b/kubernetes/a1policymanagement/values.yaml @@ -63,7 +63,7 @@ certInitializer: echo "*** change ownership of certificates to targeted user" chown -R 1000 . -image: onap/ccsdk-oran-a1policymanagementservice:1.3.0 +image: onap/ccsdk-oran-a1policymanagementservice:1.3.2 userID: 1000 #Should match with image-defined user ID groupID: 999 #Should match with image-defined group ID pullPolicy: IfNotPresent diff --git a/kubernetes/aaf/components/Makefile b/kubernetes/aaf/components/Makefile index f4c9784bc4..4a15d0251b 100644 --- a/kubernetes/aaf/components/Makefile +++ b/kubernetes/aaf/components/Makefile @@ -19,7 +19,10 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets EXCLUDES := HELM_BIN := helm -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) +PROCESSED_FIRST := aaf-templates +TO_FILTER := $(PROCESSED_FIRST) $(EXCLUDES) + +HELM_CHARTS := $(PROCESSED_FIRST) $(filter-out $(TO_FILTER), $(sort $(patsubst %/.,%,$(wildcard */.)))) .PHONY: $(EXCLUDES) $(HELM_CHARTS) diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml index 8dbe276d97..2370cf60de 100644 --- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml +++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml @@ -201,6 +201,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/aaf/components/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml index da268ccf06..114ad23672 100644 --- a/kubernetes/aaf/components/aaf-sms/values.yaml +++ b/kubernetes/aaf/components/aaf-sms/values.yaml @@ -276,3 +276,8 @@ resources: cpu: 25m memory: 100Mi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-preload' + diff --git a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl index 50da519a89..c0614b255e 100644 --- a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl +++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl @@ -23,6 +23,10 @@ spec: replicas: {{ .Values.replicaCount }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if (include "common.onServiceMesh" .) }} + annotations: + sidecar.istio.io/inject: "false" + {{- end }} spec: {{ include "aaf.initContainers" . | nindent 6 }} containers: - name: {{ include "common.name" . }} diff --git a/kubernetes/common/common/templates/_kafkaNodes.tpl b/kubernetes/common/common/templates/_kafkaNodes.tpl deleted file mode 100644 index f428b58d63..0000000000 --- a/kubernetes/common/common/templates/_kafkaNodes.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2021 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -{{/* - Generate comma separated list of kafka or zookeper nodes to reuse in message router charts. - How to use: - - zookeeper servers list: {{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-zookeeper" "replicaCount") "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }} - kafka servers list: {{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-kafka" "replicaCount") "componentName" .Values.kafka.name "port" .Values.kafka.port ) }} - -*/}} -{{- define "common.kafkaNodes" -}} -{{- $dot := .dot -}} -{{- $replicaCount := .replicaCount -}} -{{- $componentName := .componentName -}} -{{- $port := .port -}} -{{- $kafkaNodes := list -}} -{{- range $i, $e := until (int $replicaCount) -}} -{{- $kafkaNodes = print (include "common.release" $dot) "-" $componentName "-" $i "." $componentName "." (include "common.namespace" $dot) ".svc.cluster.local:" $port | append $kafkaNodes -}} -{{- end -}} -{{- $kafkaNodes | join "," -}} -{{- end -}} diff --git a/kubernetes/common/common/templates/_serviceMonitor.tpl b/kubernetes/common/common/templates/_serviceMonitor.tpl index 81d7a74578..907d9c6a9c 100644 --- a/kubernetes/common/common/templates/_serviceMonitor.tpl +++ b/kubernetes/common/common/templates/_serviceMonitor.tpl @@ -135,7 +135,7 @@ spec: {{- else if $dot.Values.metrics.serviceMonitor.targetPort }} targetPort: {{ $dot.Values.metrics.serviceMonitor.targetPort }} {{- else }} - port: metrics + port: tcp-metrics {{- end }} {{- if $dot.Values.metrics.serviceMonitor.isHttps }} scheme: https diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index 9257dc89f9..ddad8d7360 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -69,7 +69,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-dgbuilder-image:1.3.1 +image: onap/ccsdk-dgbuilder-image:1.3.4 pullPolicy: Always # flag to enable debugging - application support required @@ -130,7 +130,7 @@ readiness: service: type: NodePort name: dgbuilder - portName: dgbuilder + portName: http externalPort: 3000 internalPort: 3100 nodePort: 28 diff --git a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml index ea805c1813..a7278ba104 100644 --- a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml @@ -111,6 +111,12 @@ spec: value: "yes" - name: ELASTICSEARCH_NODE_TYPE value: "data" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP ports: {{- include "common.containerPorts" . |indent 12 }} {{- if .Values.livenessProbe.enabled }} livenessProbe: diff --git a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml index a35b4bf741..85ea2bbc54 100644 --- a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml @@ -115,6 +115,12 @@ spec: value: {{ .Values.dedicatednode | quote }} - name: ELASTICSEARCH_NODE_TYPE value: "master" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP ports: {{- include "common.containerPorts" . |indent 12 }} {{- if .Values.livenessProbe.enabled }} livenessProbe: diff --git a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml index 22de4dbf37..05e09cb696 100644 --- a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml +++ b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml @@ -113,6 +113,12 @@ spec: value: "coordinating" - name: ELASTICSEARCH_PORT_NUMBER value: "9000" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP {{/*ports: {{- include "common.containerPorts" . | indent 12 -}} */}} {{- if .Values.livenessProbe.enabled }} livenessProbe: diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml index 69bcfaaf99..9d7dcc26da 100644 --- a/kubernetes/common/etcd-init/templates/job.yaml +++ b/kubernetes/common/etcd-init/templates/job.yaml @@ -55,6 +55,8 @@ spec: - /bin/sh - -ec - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} # Create users export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT} export ETCDCTL_API=3 @@ -89,6 +91,7 @@ spec: name: localtime readOnly: true resources: {{ include "common.resources" . | nindent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} diff --git a/kubernetes/common/etcd-init/values.yaml b/kubernetes/common/etcd-init/values.yaml index c99c9f1e5b..6ccfb3e5d7 100644 --- a/kubernetes/common/etcd-init/values.yaml +++ b/kubernetes/common/etcd-init/values.yaml @@ -72,3 +72,7 @@ resources: cpu: 20m memory: 20Mi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}' diff --git a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml index e71351e9cb..841aab3e17 100644 --- a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml +++ b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml @@ -27,8 +27,8 @@ metadata: spec: type: {{ .Values.metrics.service.type }} ports: - - name: metrics + - name: tcp-metrics port: {{ .Values.metrics.service.port }} - targetPort: metrics + targetPort: tcp-metrics selector: {{- include "common.matchLabels" . | nindent 4 }} {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/service.yaml b/kubernetes/common/mariadb-galera/templates/service.yaml index 75aff985e5..9b4c05ef70 100644 --- a/kubernetes/common/mariadb-galera/templates/service.yaml +++ b/kubernetes/common/mariadb-galera/templates/service.yaml @@ -18,3 +18,20 @@ {{ include "common.service" . }} --- {{ include "common.headlessService" . }} +{{- if (include "common.onServiceMesh" .) }} +{{- if eq (default "istio" .Values.global.serviceMesh.engine) "istio" }} +--- +apiVersion: security.istio.io/v1beta1 +kind: PeerAuthentication +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "common.servicename" . }} + portLevelMtls: + {{ .Values.service.internalPort }}: + mode: DISABLE +{{- end}} +{{- end}} diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index 22832c936d..c95b572465 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -197,12 +197,12 @@ spec: - | DATA_SOURCE_NAME="$MARIADB_ROOT_USER:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter $MARIADB_METRICS_EXTRA_FLAGS ports: - - name: metrics + - name: tcp-metrics containerPort: 9104 livenessProbe: httpGet: path: /metrics - port: metrics + port: tcp-metrics initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }} @@ -211,7 +211,7 @@ spec: readinessProbe: httpGet: path: /metrics - port: metrics + port: tcp-metrics initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }} diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 38f3e6e423..d719fb30bd 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -89,14 +89,14 @@ service: headless: {} internalPort: &dbPort 3306 ports: - - name: mysql + - name: tcp-mysql port: *dbPort headlessPorts: - - name: galera + - name: tcp-galera port: 4567 - - name: ist + - name: tcp-ist port: 4568 - - name: sst + - name: tcp-sst port: 4444 @@ -380,8 +380,12 @@ updateStrategy: ## Additional pod annotations for MariaDB Galera pods ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## -> here required to enable mariadb-galera in istio ## -podAnnotations: {} +podAnnotations: + # sidecar.istio.io/inject: "false" + traffic.sidecar.istio.io/excludeInboundPorts: "4568" + traffic.sidecar.istio.io/includeInboundPorts: '*' ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity @@ -504,14 +508,14 @@ livenessProbe: enabled: true initialDelaySeconds: 1 periodSeconds: 10 - timeoutSeconds: 1 + timeoutSeconds: 180 successThreshold: 1 failureThreshold: 3 readinessProbe: enabled: true initialDelaySeconds: 1 periodSeconds: 10 - timeoutSeconds: 1 + timeoutSeconds: 180 successThreshold: 1 failureThreshold: 3 startupProbe: @@ -520,7 +524,7 @@ startupProbe: enabled: true initialDelaySeconds: 10 periodSeconds: 10 - timeoutSeconds: 1 + timeoutSeconds: 180 successThreshold: 1 # will wait up for initialDelaySeconds + failureThreshold*periodSeconds before # stating startup wasn't good (910s per default) @@ -644,7 +648,7 @@ metrics: release: prometheus ## Rules as a map. - rules: {} + rules: [] # - alert: MariaDB-Down # annotations: # message: 'MariaDB instance {{ $labels.instance }} is down' diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index 96d1dc54a4..e911d46d12 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -59,6 +59,8 @@ spec: - /bin/sh - -c - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} /db_init/db_init.sh {{ if or .Values.dbScriptConfigMap .Values.dbScript }} && /db_config/db_cmd.sh{{ end }} env: @@ -91,6 +93,7 @@ spec: {{- end }} resources: {{ include "common.resources" . | indent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml index b2c0a05e46..9104dd84d6 100644 --- a/kubernetes/common/mariadb-init/values.yaml +++ b/kubernetes/common/mariadb-init/values.yaml @@ -117,3 +117,7 @@ resources: cpu: 20m memory: 20Mi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}' diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index 9bdf19c7ec..97fece8a54 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -80,7 +80,11 @@ spec: - name: POL_BASIC_AUTH_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "password") | indent 10}} - name: POL_URL - value: "{{ .Values.config.polUrl }}" + {{- if (include "common.needTLS" .) }} + value: "{{ .Values.config.polUrl.https }}" + {{- else }} + value: "{{ .Values.config.polUrl.http }}" + {{- end }} - name: POL_ENV value: "{{ .Values.config.polEnv }}" - name: POL_REQ_ID @@ -90,7 +94,11 @@ spec: - name: AAI_CERT_PATH value: "{{ .Values.config.aaiCertPath }}" - name: AAI_URI - value: "{{ .Values.config.aaiUri }}" + {{- if (include "common.needTLS" .) }} + value: "{{ .Values.config.aaiUri.https }}" + {{- else }} + value: "{{ .Values.config.aaiUri.http }}" + {{- end }} - name: AAI_AUTH value: "{{ .Values.config.aaiAuth }}" - name: DISABLE_HOST_VERIFICATION diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index 5f864a6555..e5e2a7a338 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -87,14 +87,18 @@ config: polClientAuth: cHl0aG9uOnRlc3Q= polBasicAuthUser: healthcheck polBasicAuthPassword: zb!XztG34 - polUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision + polUrl: + https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision + http: http://policy-xacml-pdp:8080/policy/pdpx/v1/decision polEnv: TEST polReqId: xx disableHostVerification: true aaiCertPass: changeit aaiCertPath: /opt/etc/config/aai_keystore aaiAuth: QUFJOkFBSQ== - aaiUri: https://aai:8443/aai/v14/ + aaiUri: + https: https://aai:8443/aai/v14/ + http: http://aai:8080/aai/v14/ # default number of instances replicaCount: 1 @@ -118,7 +122,7 @@ readiness: service: type: ClusterIP name: neng-serv - portName: neng-serv-port + portName: http internalPort: 8080 externalPort: 8080 diff --git a/kubernetes/common/postgres-init/templates/job.yaml b/kubernetes/common/postgres-init/templates/job.yaml index 01151bb4a9..d9a7386f83 100644 --- a/kubernetes/common/postgres-init/templates/job.yaml +++ b/kubernetes/common/postgres-init/templates/job.yaml @@ -59,6 +59,8 @@ spec: } export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`; export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`; + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done; psql "postgresql://postgres:$PG_ROOT_PASSWORD@$PG_HOST" < /config/setup.sql env: @@ -98,6 +100,7 @@ spec: name: pgconf resources: {{ include "common.resources" . | indent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/postgres-init/values.yaml b/kubernetes/common/postgres-init/values.yaml index 7bcd8e23b4..d6d51f0b51 100644 --- a/kubernetes/common/postgres-init/values.yaml +++ b/kubernetes/common/postgres-init/values.yaml @@ -89,3 +89,7 @@ resources: cpu: 1 memory: 2Gi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-update-config'
\ No newline at end of file diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml index 6bd5b259ea..a36dcacb23 100644 --- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml +++ b/kubernetes/contrib/components/ejbca/templates/deployment.yaml @@ -22,6 +22,16 @@ spec: selector: {{- include "common.selectors" . | nindent 4 }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if (include "common.onServiceMesh" . ) }} + annotations: + {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} + linkerd.io/inject: disabled + {{- end }} + {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} + sidecar.istio.io/rewriteAppHTTPProbers: "false" + proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }' + {{- end }} + {{- end }} spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" @@ -51,7 +61,11 @@ spec: lifecycle: postStart: exec: - command: ["/bin/sh", "-c", "/opt/primekey/scripts/ejbca-config.sh"] + command: + - sh + - -c + - | + sleep 60; /opt/primekey/scripts/ejbca-config.sh volumeMounts: - name: "{{ include "common.fullname" . }}-volume" mountPath: /opt/primekey/scripts/ diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml index 52e0e750a0..b777a7d388 100644 --- a/kubernetes/contrib/components/ejbca/values.yaml +++ b/kubernetes/contrib/components/ejbca/values.yaml @@ -86,14 +86,14 @@ affinity: {} # probe configuration parameters liveness: path: /ejbca/publicweb/healthcheck/ejbcahealth - port: api - initialDelaySeconds: 30 + port: 8443 + initialDelaySeconds: 180 periodSeconds: 30 readiness: path: /ejbca/publicweb/healthcheck/ejbcahealth - port: api - initialDelaySeconds: 30 + port: 8443 + initialDelaySeconds: 180 periodSeconds: 30 service: @@ -106,7 +106,7 @@ service: port_protocol: http # Resource Limit flavor -By Default using small -flavor: small +flavor: unlimited # Segregation for Different environment (Small and Large) resources: small: diff --git a/kubernetes/cps/components/cps-core/templates/deployment.yaml b/kubernetes/cps/components/cps-core/templates/deployment.yaml index 54e2cc6cdf..a247f148a7 100644 --- a/kubernetes/cps/components/cps-core/templates/deployment.yaml +++ b/kubernetes/cps/components/cps-core/templates/deployment.yaml @@ -88,6 +88,12 @@ spec: path: {{ .Values.readiness.path }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + startupProbe: + httpGet: + path: {{ .Values.startup.path }} + port: {{ .Values.startup.port }} + failureThreshold: {{ .Values.startup.failureThreshold }} + periodSeconds: {{ .Values.startup.periodSeconds }} env: - name: SPRING_PROFILES_ACTIVE value: {{ .Values.config.spring.profile }} diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml index 2afc1fd6f4..5a10b2f4ae 100644 --- a/kubernetes/cps/components/cps-core/values.yaml +++ b/kubernetes/cps/components/cps-core/values.yaml @@ -75,7 +75,7 @@ global: container: name: postgres -image: onap/cps-and-ncmp:3.0.0 +image: onap/cps-and-ncmp:3.0.1 containerPort: &svc_port 8080 managementPort: &mgt_port 8081 @@ -145,6 +145,12 @@ readiness: path: /manage/health port: *mgt_port +startup: + failureThreshold: 5 + periodSeconds: 60 + path: /manage/health + port: *mgt_port + ingress: enabled: true service: diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index fbaaedf0dd..9781e33f1f 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -58,7 +58,7 @@ the the literal string "An example value". {{- range $envName, $envValue := .Values.applicationEnv }} {{- if kindIs "string" $envValue }} - name: {{ $envName }} - value: {{ $envValue | quote }} + value: {{ tpl $envValue $global | quote }} {{- else }} {{ if or (not $envValue.secretUid) (not $envValue.key) }} {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }} diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml new file mode 100644 index 0000000000..ff977aaa32 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml @@ -0,0 +1,47 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.hvVesKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: scram-sha-512 + authorization: + type: simple + acls: + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }} + operation: Write diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml new file mode 100644 index 0000000000..e40775833a --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml @@ -0,0 +1,79 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-fault-supervision + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-provisioning + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-heartbeat + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-performance-assurance + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: perf3gpp + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 5a6283697c..67add37cea 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -2,6 +2,7 @@ # ================================================================================ # Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021-2022 Nokia. All rights reserved. +# Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -61,11 +62,15 @@ certDirectory: /etc/ves-hv/ssl tlsServer: true secrets: - - uid: &aafCredsUID aafcreds - type: basicAuth - login: '{{ .Values.aafCreds.user }}' - password: '{{ .Values.aafCreds.password }}' - passwordPolicy: required + - uid: hv-ves-kafka-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate +config: + someConfig: blah # CMPv2 certificate # It is used only when: @@ -113,17 +118,8 @@ service: port_protocol: http nodePort: 22 -aafCreds: - user: admin - password: admin_secret - -credentials: -- name: AAF_USER - uid: *aafCredsUID - key: login -- name: AAF_PASSWORD - uid: *aafCredsUID - key: password +#strimzi kafka config +hvVesKafkaUser: dcae-hv-ves-kafka-user # initial application configuration applicationConfig: @@ -139,48 +135,38 @@ applicationConfig: streams_publishes: ves-3gpp-fault-supervision: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_FAULTSUPERVISION_OUTPUT ves-3gpp-provisioning: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_PROVISIONING_OUTPUT ves-3gpp-heartbeat: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_HEARTBEAT_OUTPUT ves-3gpp-performance-assurance: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT perf3gpp: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: HV_VES_PERF3GPP applicationEnv: JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml' CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + KAFKA_BOOTSTRAP_SERVERS: '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092' + USE_SCRAM: 'true' + JAAS_CONFIG: + secretUid: hv-ves-kafka-secret + key: sasl.jaas.config # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml index ef272eef23..b5959ae765 100644 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -58,7 +58,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.1 +image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.3 # Log directory where logging sidecar should look for log files # if path is set to null sidecar won't be deployed in spite of diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml index 5e487e27a9..66731578e3 100644 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -62,7 +62,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.son-handler:2.1.6 +image: onap/org.onap.dcaegen2.services.son-handler:2.1.7 pullPolicy: Always # Log directory where logging sidecar should look for log files diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index a7e24d1d9b..1652f04f0f 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -16,6 +16,7 @@ global: centralizedLoggingEnabled: true + hvVesKafkaUser: dcae-hv-ves-kafka-user ################################################################# # Filebeat Configuration Defaults. @@ -46,6 +47,8 @@ dcae-heartbeat: dcae-hv-ves-collector: enabled: true logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.hvVesKafkaUser }}' dcae-kpi-ms: enabled: false logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml index 7609ba6568..99160210d0 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml @@ -22,13 +22,6 @@ global: nodePortPrefixExt: 304 ################################################################# -# Filebeat configuration defaults. -################################################################# -filebeatConfig: - logstashServiceName: log-ls - logstashPort: 5044 - -################################################################# # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 @@ -66,12 +59,8 @@ mongo: # log directory where logging sidecar should look for log files # if absent, no sidecar will be deployed -#logDirectory: TBD #/opt/app/VESCollector/logs #DONE - -# Following requires manual override until fix for DCAEGEN2-3087 -# is available to switch logDirectory setting to log.path -log: - path: /opt/app/ +#log: +# path: TBD #/opt/app/VESCollector/logs #DONE logConfigMapNamePrefix: '{{ include "common.fullname" . }}' # directory where TLS certs should be stored diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index 5c50381309..64d196d908 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -93,7 +93,7 @@ readiness: # application image -image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.2 +image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.3 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/Chart.yaml b/kubernetes/dmaap/Chart.yaml index 7ae20adaf9..481b48f5d9 100644 --- a/kubernetes/dmaap/Chart.yaml +++ b/kubernetes/dmaap/Chart.yaml @@ -1,7 +1,7 @@ # Copyright © 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs,Bell Canada # Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,6 +24,10 @@ dependencies: - name: common version: ~10.x-0 repository: '@local' + - name: dmaap-strimzi + version: ~10.x-0 + repository: 'file://components/dmaap-strimzi' + condition: dmaap-strimzi.enabled - name: message-router version: ~10.x-0 repository: 'file://components/message-router' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/.helmignore b/kubernetes/dmaap/components/dmaap-strimzi/.helmignore index f0c1319444..0f976e9ff3 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/.helmignore +++ b/kubernetes/dmaap/components/dmaap-strimzi/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +Chart.lock diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/Chart.yaml b/kubernetes/dmaap/components/dmaap-strimzi/Chart.yaml index 699722c6e0..d8f607e41f 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-strimzi/Chart.yaml @@ -1,7 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,8 +13,8 @@ # limitations under the License. apiVersion: v2 -description: ONAP Dmaap Message Router Zookeeper Service -name: message-router-zookeeper +description: ONAP Dmaap Strimzi Kafka Bridge +name: dmaap-strimzi version: 10.0.0 dependencies: diff --git a/kubernetes/dmaap/components/message-router/components/Makefile b/kubernetes/dmaap/components/dmaap-strimzi/Makefile index f4c9784bc4..51d7de122c 100644 --- a/kubernetes/dmaap/components/message-router/components/Makefile +++ b/kubernetes/dmaap/components/dmaap-strimzi/Makefile @@ -13,11 +13,11 @@ # limitations under the License. ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../dist +OUTPUT_DIR := $(ROOT_DIR)/../dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets -EXCLUDES := +EXCLUDES := dist resources templates charts docker HELM_BIN := helm HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service-hs.yaml b/kubernetes/dmaap/components/dmaap-strimzi/templates/dmaap-strimzi-kb.yaml index 60e4df90f5..8dd7eb97cb 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service-hs.yaml +++ b/kubernetes/dmaap/components/dmaap-strimzi/templates/dmaap-strimzi-kb.yaml @@ -1,6 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,11 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -apiVersion: v1 -kind: Service +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaBridge metadata: - name: {{ .Values.service.name }} + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -26,11 +24,14 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - clusterIP: None - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - + replicas: {{ .Values.kafkaBridgeReplicaCount }} + enableMetrics: false + bootstrapServers: {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}:{{ .Values.global.kafkaInternalPort }} + authentication: + type: {{ .Values.global.saslMechanism }} + username: {{ .Values.global.kafkaStrimziAdminUser }} + passwordSecret: + secretName: {{ .Values.global.kafkaStrimziAdminUser }} + password: password + http: + port: {{ .Values.kafkaBridgePort }} diff --git a/kubernetes/dmaap/components/dmaap-strimzi/values.yaml b/kubernetes/dmaap/components/dmaap-strimzi/values.yaml new file mode 100644 index 0000000000..8e8802d8c5 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-strimzi/values.yaml @@ -0,0 +1,37 @@ +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + kafkaBootstrap: strimzi-kafka-bootstrap + kafkaStrimziAdminUser: strimzi-kafka-admin + kafkaInternalPort: 9092 + saslMechanism: scram-sha-512 + +################################################################# +# Application configuration defaults. +################################################################# +kafkaBridgeReplicaCount: 1 +kafkaBridgePort: 8080 + +ingress: + enabled: false + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-strimzi + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/Chart.yaml b/kubernetes/dmaap/components/message-router/Chart.yaml index 7ecad8b222..549fb728fc 100644 --- a/kubernetes/dmaap/components/message-router/Chart.yaml +++ b/kubernetes/dmaap/components/message-router/Chart.yaml @@ -1,7 +1,7 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T # Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -33,12 +33,6 @@ dependencies: - name: repositoryGenerator version: ~10.x-0 repository: '@local' - - name: message-router-kafka - version: ~10.x-0 - repository: 'file://components/message-router-kafka' - - name: message-router-zookeeper - version: ~10.x-0 - repository: 'file://components/message-router-zookeeper' - name: serviceAccount version: ~10.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/Chart.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/Chart.yaml deleted file mode 100644 index 2a24b7dbd9..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/Chart.yaml +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: ONAP Message Router Kafka Service -name: message-router-kafka -version: 10.0.0 - -dependencies: - - name: common - version: ~10.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: certInitializer - version: ~10.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~10.x-0 - repository: '@local' - - name: serviceAccount - version: ~10.x-0 - repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/config/jmx-kafka-prometheus.yml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/config/jmx-kafka-prometheus.yml deleted file mode 100644 index 2ab713e789..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/config/jmx-kafka-prometheus.yml +++ /dev/null @@ -1,23 +0,0 @@ -jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.jmx.port }}/jmxrmi -lowercaseOutputName: true -lowercaseOutputLabelNames: true -ssl: false -rules: -- pattern : kafka.server<type=ReplicaManager, name=(.+)><>(Value|OneMinuteRate) - name: "cp_kafka_server_replicamanager_$1" -- pattern : kafka.controller<type=KafkaController, name=(.+)><>Value - name: "cp_kafka_controller_kafkacontroller_$1" -- pattern : kafka.server<type=BrokerTopicMetrics, name=(.+)><>OneMinuteRate - name: "cp_kafka_server_brokertopicmetrics_$1" -- pattern : kafka.network<type=RequestMetrics, name=RequestsPerSec, request=(.+)><>OneMinuteRate - name: "cp_kafka_network_requestmetrics_requestspersec_$1" -- pattern : kafka.network<type=SocketServer, name=NetworkProcessorAvgIdlePercent><>Value - name: "cp_kafka_network_socketserver_networkprocessoravgidlepercent" -- pattern : kafka.server<type=ReplicaFetcherManager, name=MaxLag, clientId=(.+)><>Value - name: "cp_kafka_server_replicafetchermanager_maxlag_$1" -- pattern : kafka.server<type=KafkaRequestHandlerPool, name=RequestHandlerAvgIdlePercent><>OneMinuteRate - name: "cp_kafka_kafkarequesthandlerpool_requesthandleravgidlepercent" -- pattern : kafka.controller<type=ControllerStats, name=(.+)><>OneMinuteRate - name: "cp_kafka_controller_controllerstats_$1" -- pattern : kafka.server<type=SessionExpireListener, name=(.+)><>OneMinuteRate - name: "cp_kafka_server_sessionexpirelistener_$1" diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/kafka_server_jaas.conf b/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/kafka_server_jaas.conf deleted file mode 100644 index ff43fbb141..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/kafka_server_jaas.conf +++ /dev/null @@ -1,11 +0,0 @@ -KafkaServer { - org.onap.dmaap.kafkaAuthorize.PlainLoginModule1 required - username="${KAFKA_ADMIN}" - password="${KAFKA_PSWD}" - user_${KAFKA_ADMIN}="${KAFKA_PSWD}"; -}; -Client { - org.apache.zookeeper.server.auth.DigestLoginModule required - username="${ZK_ADMIN}" - password="${ZK_PSWD}"; - }; diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/zk_client_jaas.conf b/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/zk_client_jaas.conf deleted file mode 100644 index 0755c1e2b7..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/zk_client_jaas.conf +++ /dev/null @@ -1,5 +0,0 @@ -Client { - org.apache.zookeeper.server.auth.DigestLoginModule required - username="${ZK_ADMIN}" - password="${ZK_PSWD}"; - };
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/NOTES.txt deleted file mode 100644 index a44d0f76ee..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/configmap.yaml deleted file mode 100644 index d881fef128..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/configmap.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{/* -# Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if .Values.global.aafEnabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-jaas-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/jaas/kafka_server_jaas.conf").AsConfig . | indent 2 }} ---- -{{- else }} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-jaas-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/jaas/zk_client_jaas.conf").AsConfig . | indent 2 }} ---- -{{- end }} -{{- if .Values.prometheus.jmx.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prometheus-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/jmx-kafka-prometheus.yml").AsConfig . | indent 2 }} ---- -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/poddisruptionbudget.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/poddisruptionbudget.yaml deleted file mode 100644 index d12ec126f9..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/poddisruptionbudget.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ include "common.fullname" . }}-pdb - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - maxUnavailable: 1 diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/pv.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/pv.yaml deleted file mode 100644 index c386163735..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/pv.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- $global := . -}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -{{ range $i, $e := until (int $global.Values.replicaCount) }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ $global.Values.service.name }} - chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} - release: {{ include "common.release" $global }} - heritage: {{ $global.Release.Service }} -spec: - capacity: - storage: {{ $global.Values.persistence.size }} - accessModes: - - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/secrets.yaml deleted file mode 100644 index 033d8d5441..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/secrets.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml deleted file mode 100644 index 9a20f9c517..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- $root := . -}} -{{ range $i, $e := until (int $root.Values.replicaCount) }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ $root.Values.service.name }}-{{ $i }} - namespace: {{ include "common.namespace" $root }} - labels: - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ include "common.release" $root }} - heritage: {{ $root.Release.Service }} - -spec: - type: {{ $root.Values.service.type }} - externalTrafficPolicy: Local - selector: - statefulset.kubernetes.io/pod-name: {{ include "common.release" $root }}-{{ $root.Values.service.name }}-{{ $i }} - ports: - - port: {{ $root.Values.service.externalPort }} - targetPort: {{ $root.Values.service.externalPort }} - nodePort: {{ $root.Values.service.baseNodePort | add $i }} - name: {{ $root.Values.service.name }}-{{ $i }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml deleted file mode 100644 index ebb5f7e392..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml +++ /dev/null @@ -1,267 +0,0 @@ -{{/* -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - podManagementPolicy: Parallel - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - {{- if .Values.prometheus.jmx.enabled }} - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }} - {{- end }} - spec: - {{- if .Values.nodeAffinity }} - nodeAffinity: - {{ toYaml .Values.nodeAffinity | indent 10 }} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.zookeeper.name }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - - command: - - sh - - -exec - - | - rm -rf '/var/lib/kafka/data/lost+found'; - chown -R 1000:0 /var/lib/kafka/data; - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /var/lib/kafka/data - name: kafka-data - name: {{ include "common.name" . }}-permission-fixer - - command: - - sh - args: - - -c - - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/kafka/secrets/jaas/${PFILE}; done" - env: - - name: ZK_ADMIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "login") | indent 10 }} - - name: ZK_PSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "password") | indent 10 }} - - name: KAFKA_ADMIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "login") | indent 10 }} - - name: KAFKA_PSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "password") | indent 10 }} - volumeMounts: - - mountPath: /etc/kafka/secrets/jaas - name: jaas-config - - mountPath: /config-input - name: jaas - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} - containers: - {{- if .Values.prometheus.jmx.enabled }} - - name: prometheus-jmx-exporter - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - java - - -XX:+UnlockExperimentalVMOptions - - -XX:+UseCGroupMemoryLimitForHeap - - -XX:MaxRAMFraction=1 - - -XshowSettings:vm - - -jar - - jmx_prometheus_httpserver.jar - - {{ .Values.prometheus.jmx.port | quote }} - - /etc/jmx-kafka/jmx-kafka-prometheus.yml - ports: - - containerPort: {{ .Values.prometheus.jmx.port }} - resources: -{{ toYaml .Values.prometheus.jmx.resources | indent 10 }} - volumeMounts: - - name: jmx-config - mountPath: /etc/jmx-kafka - {{- end }} - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - sh - - -exc - - | - export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ - {{- if .Values.global.aafEnabled }} - cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.final_cadi_files }} /etc/kafka/data/{{ .Values.certInitializer.final_cadi_files }} && \ - export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ - {{ else }} - export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ - {{- end }} - exec /etc/confluent/docker/run - resources: -{{ include "common.resources" . | indent 12 }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.externalPort }} - {{- if .Values.prometheus.jmx.enabled }} - - containerPort: {{ .Values.jmx.port }} - name: jmx - {{- end }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} - env: - - name: HOST_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: KAFKA_ZOOKEEPER_CONNECT - value: "{{ include "common.kafkaNodes" (dict "dot" . "replicaCount" .Values.zookeeper.replicaCount "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }}" - - name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE - value: "{{ .Values.kafka.enableSupport }}" - - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR - value: "{{ .Values.config.offsets_topic_replication_factor | default .Values.replicaCount }}" - - name: KAFKA_NUM_PARTITIONS - value: "{{ .Values.config.num_partition | default .Values.replicaCount }}" - - name: KAFKA_DEFAULT_REPLICATION_FACTOR - value: "{{ .Values.config.default_replication_factor | default .Values.replicaCount }}" - {{- if .Values.global.aafEnabled }} - - name: KAFKA_OPTS - value: "{{ .Values.kafka.jaasOptionsAaf }}" - - name: aaf_locate_url - value: https://aaf-locate.{{ include "common.namespace" . }}:8095 - - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "{{ .Values.kafka.protocolMapAaf }}" - - name: KAFKA_LISTENERS - value: "{{ .Values.kafka.listenersAaf }}" - - name: KAFKA_SASL_ENABLED_MECHANISMS - value: "{{ .Values.kafka.saslMech }}" - - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "{{ .Values.kafka.interBrokerListernerAaf }}" - - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL - value: "{{ .Values.kafka.saslInterBrokerProtocol }}" - - name: KAFKA_AUTHORIZER_CLASS_NAME - value: "{{ .Values.kafka.authorizer }}" - {{ else }} - - name: KAFKA_OPTS - value: "{{ .Values.kafka.jaasOptions }}" - - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "{{ .Values.kafka.protocolMap }}" - - name: KAFKA_LISTENERS - value: "{{ .Values.kafka.listeners }}" - - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "{{ .Values.kafka.interBrokerListerner }}" - {{- end }} - {{- range $key, $value := .Values.configurationOverrides }} - - name: {{ printf "KAFKA_%s" $key | replace "." "_" | upper | quote }} - value: {{ $value | quote }} - {{- end }} - {{- if .Values.jmx.port }} - - name: KAFKA_JMX_PORT - value: "{{ .Values.jmx.port }}" - {{- end }} - - name: enableCadi - value: "{{ .Values.global.aafEnabled }}" - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /var/run/docker.sock - name: docker-socket - - name: jaas-config - mountPath: /etc/kafka/secrets/jaas - - mountPath: /var/lib/kafka/data - name: kafka-data - {{- if .Values.tolerations }} - tolerations: - {{ toYaml .Values.tolerations | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - - name: localtime - hostPath: - path: /etc/localtime - - name: jaas-config - emptyDir: - medium: Memory - - name: docker-socket - hostPath: - path: /var/run/docker.sock - - name: jaas - configMap: - name: {{ include "common.fullname" . }}-jaas-configmap - {{- if .Values.prometheus.jmx.enabled }} - - name: jmx-config - configMap: - name: {{ include "common.fullname" . }}-prometheus-configmap - {{- end }} -{{ if not .Values.persistence.enabled }} - - name: kafka-data - emptyDir: {} -{{ else }} - volumeClaimTemplates: - - metadata: - name: kafka-data - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml deleted file mode 100644 index c998e9ec67..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml +++ /dev/null @@ -1,226 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - - -################################################################# -# AAF part -################################################################# -certInitializer: - nameOverride: dmaap-mr-kafka-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: dmaap-mr - fqi: dmaapmr@mr.dmaap.onap.org - public_fqdn: mr.dmaap.onap.org - cadi_longitude: "-122.26147" - cadi_latitude: "37.78187" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - fqi_namespace: org.onap.dmaap.mr - final_cadi_files: cadi.properties - aaf_add_config: | - echo "*** concat the three prop files" - cd {{ .Values.credsPath }} - cat {{ .Values.fqi_namespace }}.props > {{ .Values.final_cadi_files }} - cat {{ .Values.fqi_namespace }}.cred.props >> {{ .Values.final_cadi_files }} - cat {{ .Values.fqi_namespace }}.location.props >> {{ .Values.final_cadi_files }} - echo "*** configuration result:" - cat {{ .Values.final_cadi_files }} - chown -R 1000 . - - -################################################################# -# Application configuration defaults. -################################################################# -# application image -image: onap/dmaap/kafka111:1.1.1 -pullPolicy: Always - - -zookeeper: - name: message-router-zookeeper - port: 2181 - replicaCount: 1 - -kafka: - heapOptions: -Xmx5G -Xms1G - jaasOptions: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf - jaasOptionsAaf: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/kafka_server_jaas.conf - enableSupport: false - protocolMapAaf: INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT - protocolMap: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT - listenersAaf: EXTERNAL_SASL_PLAINTEXT://0.0.0.0:9091,INTERNAL_SASL_PLAINTEXT://0.0.0.0:9092 - listeners: EXTERNAL_PLAINTEXT://0.0.0.0:9091,INTERNAL_PLAINTEXT://0.0.0.0:9092 - authorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer - saslInterBrokerProtocol: PLAIN - saslMech: PLAIN - interBrokerListernerAaf: INTERNAL_SASL_PLAINTEXT - interBrokerListerner: INTERNAL_PLAINTEXT - -config: {} - # offsets_topic_replication_factor: - # num_partition: - # default_replication_factor: - -configurationOverrides: - "log.dirs": "/var/lib/kafka/data" - "log.retention.hours": "168" - "transaction.state.log.replication.factor": "1" - "transaction.state.log.min.isr": "1" - "num.recovery.threads.per.data.dir": "5" - "zookeeper.connection.timeout.ms": "6000" - "zookeeper.set.acl": "true" - -jmx: - port: 5555 - -prometheus: - jmx: - enabled: false - image: solsson/kafka-prometheus-jmx-exporter@sha256 - imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143 - port: 5556 - -jaas: - config: - zkClient: kafka - zkClientPassword: kafka_secret - kafkaAdminUser: admin - kafkaAdminPassword: admin_secret - #kafkaAdminUserExternal: some secret - #zkClientPasswordExternal: some secret - - -secrets: - - uid: zk-client - type: basicAuth - externalSecret: '{{ .Values.jaas.config.zkClientPasswordExternal}}' - login: '{{ .Values.jaas.config.zkClient }}' - password: '{{ .Values.jaas.config.zkClientPassword }}' - passwordPolicy: required - - uid: kafka-admin - type: basicAuth - externalSecret: '{{ .Values.jaas.config.kafkaAdminUserExternal}}' - login: '{{ .Values.jaas.config.kafkaAdminUser }}' - password: '{{ .Values.jaas.config.kafkaAdminPassword }}' - passwordPolicy: required - -# flag to enable debugging - application support required -debugEnabled: false - -# default number of instances -replicaCount: 1 - - -# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count -podAntiAffinityType: soft - -# defult partitions -defaultpartitions: 3 - -nodeSelector: {} - -nodeAffinity: {} - -affinity: {} - -tolerations: {} - - - -# probe configuration parameters -liveness: - initialDelaySeconds: 90 - periodSeconds: 20 - timeoutSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 90 - periodSeconds: 20 - timeoutSeconds: 100 - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: message-router/data-kafka - -service: - type: NodePort - name: message-router-kafka - portName: tcp-message-router-kafka - internalPort: 9092 - internalSSLPort: 9093 - externalPort: 9091 - baseNodePort: 30490 - - - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: message-router-kafka - roles: - - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/.helmignore b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/jmx-zookeeper-prometheus.yml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/jmx-zookeeper-prometheus.yml deleted file mode 100644 index a75b644c5f..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/jmx-zookeeper-prometheus.yml +++ /dev/null @@ -1,21 +0,0 @@ -jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.jmx.port }}/jmxrmi -lowercaseOutputName: true -lowercaseOutputLabelNames: true -ssl: false -rules: -- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+)><>(\\w+)" - name: "message-router-zookeeper_$2" -- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+)><>(\\w+)" - name: "message-router-zookeeper_$3" - labels: - replicaId: "$2" -- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+), name2=(\\w+)><>(\\w+)" - name: "message-router-zookeeper_$4" - labels: - replicaId: "$2" - memberType: "$3" -- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+), name2=(\\w+), name3=(\\w+)><>(\\w+)" - name: "message-router-zookeeper_$4_$5" - labels: - replicaId: "$2" - memberType: "$3" diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/zk_server_jaas.conf b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/zk_server_jaas.conf deleted file mode 100644 index 8266f6b2c6..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/zk_server_jaas.conf +++ /dev/null @@ -1,4 +0,0 @@ -Server { - org.apache.zookeeper.server.auth.DigestLoginModule required - user_${ZK_ADMIN}="${ZK_PSWD}"; -};
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/NOTES.txt deleted file mode 100644 index a44d0f76ee..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkquorum.tpl b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkquorum.tpl deleted file mode 100644 index 9af910eb89..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkquorum.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- /* - Calculate the maximum number of zk server down in order to guarantee ZK quorum. - For guaranteeing ZK quorum we need half of the server + 1 up. - - div in go template cast return an int64 - so we need to know if it is an even number or an odd. - For this we are doing (n/2)*2=n? - if true it is even else it is even -*/ -}} -{{- define "zk.maxUnavailable" -}} -{{- $halfReplica := div .Values.replicaCount 2 -}} - {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}} - {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }} - {{- toYaml (sub $halfReplica 1) -}} - {{else}} - {{- toYaml $halfReplica -}} - {{end}} -{{- end -}} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkservers.tpl b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkservers.tpl deleted file mode 100644 index 8b88d7bb36..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkservers.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* -Create a server list string based on fullname, namespace, # of zookeeperServers -in a format like "zkhost1:port:port;zkhost2:port:port" -*/}} -{{- define "zookeeper.serverlist" -}} -{{- $namespace := include "common.namespace" . }} -{{- $fullname := include "common.fullname" . -}} -{{- $name := include "common.name" . -}} -{{- $serverPort := .Values.service.serverPort -}} -{{- $leaderElectionPort := .Values.service.leaderElectionPort -}} -{{- $zk := dict "zookeeperServers" (list) -}} -{{- range $idx, $v := until (int .Values.zookeeperServers) }} -{{- $noop := printf "%s-%d.%s.%s.svc.cluster.local:%d:%d" $fullname $idx $name $namespace (int $serverPort) (int $leaderElectionPort) | append $zk.zookeeperServers | set $zk "zookeeperServers" -}} -{{- end }} -{{- printf "%s" (join ";" $zk.zookeeperServers) | quote -}} -{{- end -}}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/configmap.yaml deleted file mode 100644 index 7a26053d11..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/configmap.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{/* -# Copyright © 2020 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if .Values.prometheus.jmx.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prometheus-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/jmx-zookeeper-prometheus.yml").AsConfig . | indent 2 }} ---- -{{ end }} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-jaas-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ (.Files.Glob "resources/config/zk_server_jaas.conf").AsConfig | indent 2 }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/poddisruptionbudget.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/poddisruptionbudget.yaml deleted file mode 100644 index db81b890ef..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/poddisruptionbudget.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ include "common.fullname" . }}-pdb - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - maxUnavailable: {{ include "zk.maxUnavailable" . }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/pv.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/pv.yaml deleted file mode 100644 index c386163735..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/pv.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- $global := . -}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -{{ range $i, $e := until (int $global.Values.replicaCount) }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ $global.Values.service.name }} - chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} - release: {{ include "common.release" $global }} - heritage: {{ $global.Release.Service }} -spec: - capacity: - storage: {{ $global.Values.persistence.size }} - accessModes: - - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/secrets.yaml deleted file mode 100644 index 033d8d5441..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/secrets.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/service.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/service.yaml deleted file mode 100644 index 6bd13f0594..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/service.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.clientPort }} - name: {{ .Values.service.clientPortName }} - - port: {{ .Values.service.serverPort }} - name: {{ .Values.service.serverPortName }} - - port: {{ .Values.service.leaderElectionPort }} - name: {{ .Values.service.leaderElectionPortName }} - clusterIP: None - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml deleted file mode 100644 index cac75b1565..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml +++ /dev/null @@ -1,230 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - updateStrategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: {{ .Values.maxUnavailable }} - podManagementPolicy: Parallel - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - {{- if .Values.prometheus.jmx.enabled }} - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }} - {{- end }} - spec: - {{- if .Values.nodeAffinity }} - nodeAffinity: - {{ toYaml .Values.nodeAffinity | indent 10 }} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - name: {{ include "common.name" . }}-permission-fixer - command: - - sh - - -exec - - > - chown -R 1000:0 /tmp/zookeeper/apikeys; - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /tmp/zookeeper/apikeys - name: zookeeper-data - - command: - - sh - args: - - -c - - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/zookeeper/secrets/jaas/${PFILE}; done" - env: - - name: ZK_ADMIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "login") | indent 10 }} - - name: ZK_PSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "password") | indent 10 }} - volumeMounts: - - mountPath: /etc/zookeeper/secrets/jaas - name: jaas-config - - mountPath: /config-input - name: jaas - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - containers: - {{- if .Values.prometheus.jmx.enabled }} - - name: prometheus-jmx-exporter - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - java - - -XX:+UnlockExperimentalVMOptions - - -XX:+UseCGroupMemoryLimitForHeap - - -XX:MaxRAMFraction=1 - - -XshowSettings:vm - - -jar - - jmx_prometheus_httpserver.jar - - {{ .Values.prometheus.jmx.port | quote }} - - /etc/jmx-zookeeper/jmx-zookeeper-prometheus.yml - ports: - - containerPort: {{ .Values.prometheus.jmx.port }} - resources: -{{ toYaml .Values.prometheus.jmx.resources | indent 10 }} - volumeMounts: - - name: jmx-config - mountPath: /etc/jmx-zookeeper - {{- end }} - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: -{{ include "common.resources" . | indent 12 }} - ports: - - containerPort: {{ .Values.service.clientPort }} - name: {{ .Values.service.clientPortName }} - - containerPort: {{ .Values.service.serverPort }} - name: {{ .Values.service.serverPortName }} - - containerPort: {{ .Values.service.leaderElectionPort }} - name: {{ .Values.service.leaderElectionPortName }} - {{- if .Values.prometheus.jmx.enabled }} - - containerPort: {{ .Values.jmx.port }} - name: jmx - {{- end }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 localhost 2181 | grep imok'] - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{ end }} - readinessProbe: - exec: - command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 localhost 2181 | grep imok'] - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} - resources: -{{ include "common.resources" . | indent 10 }} - env: - - name : KAFKA_HEAP_OPTS - value: "{{ .Values.zkConfig.heapOptions }}" - {{- if .Values.jmx.port }} - - name : KAFKA_JMX_PORT - value: "{{ .Values.jmx.port }}" - {{- end }} - - name : ZOOKEEPER_REPLICAS - value: "{{ .Values.replicaCount }}" - - name : ZOOKEEPER_TICK_TIME - value: "{{ .Values.zkConfig.tickTime }}" - - name : ZOOKEEPER_SYNC_LIMIT - value: "{{ .Values.zkConfig.syncLimit }}" - - name : ZOOKEEPER_INIT_LIMIT - value: "{{ .Values.zkConfig.initLimit }}" - - name : ZOOKEEPER_MAX_CLIENT_CNXNS - value: "{{ .Values.zkConfig.maxClientCnxns }}" - - name : ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT - value: "{{ .Values.zkConfig.autoPurgeSnapRetainCount}}" - - name : ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL - value: "{{ .Values.zkConfig.autoPurgePurgeInterval}}" - - name: ZOOKEEPER_CLIENT_PORT - value: "{{ .Values.zkConfig.clientPort }}" - - name: KAFKA_OPTS - value: "{{ .Values.zkConfig.kafkaOpts }}" - - name: ZOOKEEPER_QUORUM_LISTEN_ON_ALL_IPS - value: "true" - - name: ZOOKEEPER_SERVERS - value: {{ template "zookeeper.serverlist" . }} - - name: ZOOKEEPER_SERVER_ID - valueFrom: - fieldRef: - fieldPath: metadata.name - command: - - "bash" - - "-c" - - | - ZOOKEEPER_SERVER_ID=$((${HOSTNAME##*-}+1)) \ - /etc/confluent/docker/run - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /var/lib/zookeeper/data - name: zookeeper-data - - name: jaas-config - mountPath: /etc/zookeeper/secrets/jaas - {{- if .Values.tolerations }} - tolerations: - {{ toYaml .Values.tolerations | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: jaas-config - emptyDir: - medium: Memory - - name: docker-socket - hostPath: - path: /var/run/docker.sock - - name: jaas - configMap: - name: {{ include "common.fullname" . }}-jaas-configmap - {{- if .Values.prometheus.jmx.enabled }} - - name: jmx-config - configMap: - name: {{ include "common.fullname" . }}-prometheus-configmap - {{- end }} -{{ if not .Values.persistence.enabled }} - - name: zookeeper-data - emptyDir: {} -{{ else }} - volumeClaimTemplates: - - metadata: - name: zookeeper-data - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml deleted file mode 100644 index 79ced4dde2..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml +++ /dev/null @@ -1,161 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -image: onap/dmaap/zookeeper:6.1.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - - -# default number of instances -replicaCount: 1 - -zookeeperServers: 1 - -nodeSelector: {} - -nodeAffinity: {} - -affinity: {} - -tolerations: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 20 - timeoutSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 60 - periodSeconds: 20 - timeoutSeconds: 10 - -#Zookeeper properties -zkConfig: - tickTime: 2000 - syncLimit: 5 - initLimit: 20 - maxClientCnxns: 200 - autoPurgeSnapRetainCount: 3 - autoPurgePurgeInterval: 24 - heapOptions: -Xmx2G -Xms2G - kafkaOpts: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl -Dzookeeper.4lw.commands.whitelist=* - clientPort: 2181 - -jmx: - port: 5555 - -prometheus: - jmx: - enabled: false - image: solsson/kafka-prometheus-jmx-exporter@sha256 - imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143 - port: 5556 - -jaas: - config: - zkAdminUser: kafka - zkAdminPassword: kafka_secret - #zkAdminPasswordExternal= some password - -secrets: - - uid: zk-admin - type: basicAuth - externalSecret: '{{ .Values.jaas.config.zkAdminPasswordExternal}}' - login: '{{ .Values.jaas.config.zkAdminUser }}' - password: '{{ .Values.jaas.config.zkAdminPassword }}' - passwordPolicy: required - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: message-router/data-zookeeper - - -rollingUpdate: - maxUnavailable: 1 -service: - type: ClusterIP - name: message-router-zookeeper - portName: message-router-zookeeper - clientPortName: tcp-client - clientPort: 2181 - serverPortName: tcp-server - serverPort: 2888 - leaderElectionPortName: tcp-leader - leaderElectionPort: 3888 - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: message-router-zookeeper - roles: - - read diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index 4256b3b723..d2ee8356d7 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -3,6 +3,7 @@ # org.onap.dmaap # ================================================================================ # Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2021-2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,41 +21,16 @@ # ############################################################################### ############################################################################### -## -## Cambria API Server config -## -## Default values are shown as commented settings. -## -############################################################################### -## -## HTTP service -## -## 3904 is standard as of 7/29/14. -# -## Zookeeper Connection -## -## Both Cambria and Kafka make use of Zookeeper. -## -#config.zk.servers=172.18.1.1 -#config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}} */}} -config.zk.servers={{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-zookeeper" "replicaCount") "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }} -#config.zk.root=/fe3c/cambria/config - - -############################################################################### ## ## Kafka Connection ## ## Items below are passed through to Kafka's producer and consumer ## configurations (after removing "kafka.") ## if you want to change request.required.acks it can take this one value -#kafka.metadata.broker.list=localhost:9092,localhost:9093 -#kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}} -kafka.metadata.broker.list={{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-kafka" "replicaCount") "componentName" .Values.kafka.name "port" .Values.kafka.port ) }} - -##kafka.request.required.acks=-1 -#kafka.client.zookeeper=${config.zk.servers} +kafka.metadata.broker.list={{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}:{{ .Values.global.kafkaInternalPort }} +config.zk.servers=127.0.0.1:{{ .Values.global.zkTunnelService.internalPort }} +#kafka.request.required.acks=-1 consumer.timeout.ms=100 zookeeper.connection.timeout.ms=6000 zookeeper.session.timeout.ms=20000 @@ -143,7 +119,7 @@ cambria.consumer.cache.touchFreqMs=120000 cambria.consumer.cache.zkBasePath=/fe3c/cambria/consumerCache consumer.timeout=17 default.partitions=3 -default.replicas={{ index .Values "message-router-kafka" "replicaCount" }} +default.replicas=3 ############################################################################## #100mb maxcontentlength=10000 diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml index ad2ce2b92a..949a893197 100644 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml @@ -1,6 +1,7 @@ <!-- ============LICENSE_START======================================================= Copyright © 2019 AT&T Intellectual Property. All rights reserved. + Modifications Copyright © 2021-2022 Nordix Foundation ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -15,7 +16,7 @@ ============LICENSE_END========================================================= --> -<configuration scan="true" scanPeriod="3 seconds" debug="false"> +<configuration scan="true" scanPeriod="3 seconds" debug="true"> <contextName>${module.ajsc.namespace.name}</contextName> <jmxConfigurator /> <property name="logDirectory" value="${AJSC_HOME}/log" /> @@ -41,7 +42,7 @@ </encoder> </appender> - <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender"> class="ch.qos.logback.core.ConsoleAppender"> + <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender"> <filter class="ch.qos.logback.classic.filter.LevelFilter"> <level>ERROR</level> <onMatch>ACCEPT</onMatch> @@ -54,105 +55,105 @@ <!-- Msgrtr related loggers --> - <logger name="org.onap.dmaap.dmf.mr.service" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.service.impl" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.service" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.service.impl" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.resources" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.resources" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.backends" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.backends" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.beans" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.beans" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.constants" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.constants" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.exception" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.exception" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.listener" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.listener" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.security" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.security.impl" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.security" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.security.impl" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.transaction" level="INFO" /> - <logger name="com.att.dmf.mr.transaction.impl" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.transaction" level="TRACE" /> + <logger name="com.att.dmf.mr.transaction.impl" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> - <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="TRACE" /> + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="TRACE" /> - <logger name="org.onap.dmaap.dmf.mr.utils" level="INFO" /> - <logger name="org.onap.dmaap.mr.filter" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.utils" level="TRACE" /> + <logger name="org.onap.dmaap.mr.filter" level="TRACE" /> - <!--<logger name="com.att.nsa.cambria.*" level="INFO" />--> + <!--<logger name="com.att.nsa.cambria.*" level="TRACE" />--> <!-- Msgrtr loggers in ajsc --> - <logger name="org.onap.dmaap.service" level="INFO" /> - <logger name="org.onap.dmaap" level="INFO" /> + <logger name="org.onap.dmaap.service" level="TRACE" /> + <logger name="org.onap.dmaap" level="TRACE" /> <!-- Spring related loggers --> - <logger name="org.springframework" level="WARN" additivity="false"/> - <logger name="org.springframework.beans" level="WARN" additivity="false"/> - <logger name="org.springframework.web" level="WARN" additivity="false" /> - <logger name="com.blog.spring.jms" level="WARN" additivity="false" /> + <logger name="org.springframework" level="TRACE" additivity="false"/> + <logger name="org.springframework.beans" level="TRACE" additivity="false"/> + <logger name="org.springframework.web" level="TRACE" additivity="false" /> + <logger name="com.blog.spring.jms" level="TRACE" additivity="false" /> <!-- AJSC Services (bootstrap services) --> - <logger name="ajsc" level="WARN" additivity="false"/> - <logger name="ajsc.RouteMgmtService" level="INFO" additivity="false"/> - <logger name="ajsc.ComputeService" level="INFO" additivity="false" /> - <logger name="ajsc.VandelayService" level="WARN" additivity="false"/> - <logger name="ajsc.FilePersistenceService" level="WARN" additivity="false"/> - <logger name="ajsc.UserDefinedJarService" level="WARN" additivity="false" /> - <logger name="ajsc.UserDefinedBeansDefService" level="WARN" additivity="false" /> - <logger name="ajsc.LoggingConfigurationService" level="WARN" additivity="false" /> + <logger name="ajsc" level="TRACE" additivity="false"/> + <logger name="ajsc.RouteMgmtService" level="TRACE" additivity="false"/> + <logger name="ajsc.ComputeService" level="TRACE" additivity="false" /> + <logger name="ajsc.VandelayService" level="TRACE" additivity="false"/> + <logger name="ajsc.FilePersistenceService" level="TRACE" additivity="false"/> + <logger name="ajsc.UserDefinedJarService" level="TRACE" additivity="false" /> + <logger name="ajsc.UserDefinedBeansDefService" level="TRACE" additivity="false" /> + <logger name="ajsc.LoggingConfigurationService" level="TRACE" additivity="false" /> <!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet logging) --> - <logger name="ajsc.utils" level="WARN" additivity="false"/> - <logger name="ajsc.utils.DME2Helper" level="INFO" additivity="false" /> - <logger name="ajsc.filters" level="DEBUG" additivity="false" /> - <logger name="ajsc.beans.interceptors" level="DEBUG" additivity="false" /> - <logger name="ajsc.restlet" level="DEBUG" additivity="false" /> - <logger name="ajsc.servlet" level="DEBUG" additivity="false" /> - <logger name="com.att" level="WARN" additivity="false" /> - <logger name="com.att.ajsc.csi.logging" level="WARN" additivity="false" /> - <logger name="com.att.ajsc.filemonitor" level="WARN" additivity="false"/> + <logger name="ajsc.utils" level="TRACE" additivity="false"/> + <logger name="ajsc.utils.DME2Helper" level="TRACE" additivity="false" /> + <logger name="ajsc.filters" level="TRACE" additivity="false" /> + <logger name="ajsc.beans.interceptors" level="TRACE" additivity="false" /> + <logger name="ajsc.restlet" level="TRACE" additivity="false" /> + <logger name="ajsc.servlet" level="TRACE" additivity="false" /> + <logger name="com.att" level="TRACE" additivity="false" /> + <logger name="com.att.ajsc.csi.logging" level="TRACE" additivity="false" /> + <logger name="com.att.ajsc.filemonitor" level="TRACE" additivity="false"/> - <logger name="com.att.nsa.dmaap.util" level="INFO" additivity="false"/> - <logger name="com.att.cadi.filter" level="INFO" additivity="false" /> + <logger name="com.att.nsa.dmaap.util" level="TRACE" additivity="false"/> + <logger name="com.att.cadi.filter" level="TRACE" additivity="false" /> <!-- Other Loggers that may help troubleshoot --> - <logger name="net.sf" level="WARN" additivity="false" /> - <logger name="org.apache.commons.httpclient" level="WARN" additivity="false"/> - <logger name="org.apache.commons" level="WARN" additivity="false" /> - <logger name="org.apache.coyote" level="WARN" additivity="false"/> - <logger name="org.apache.jasper" level="WARN" additivity="false"/> + <logger name="net.sf" level="TRACE" additivity="false" /> + <logger name="org.apache.commons.httpclient" level="TRACE" additivity="false"/> + <logger name="org.apache.commons" level="TRACE" additivity="false" /> + <logger name="org.apache.coyote" level="TRACE" additivity="false"/> + <logger name="org.apache.jasper" level="TRACE" additivity="false"/> <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. May aid in troubleshooting) --> - <logger name="org.apache.camel" level="WARN" additivity="false" /> - <logger name="org.apache.cxf" level="WARN" additivity="false" /> - <logger name="org.apache.camel.processor.interceptor" level="WARN" additivity="false"/> - <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" additivity="false" /> - <logger name="org.apache.cxf.service" level="WARN" additivity="false" /> - <logger name="org.restlet" level="DEBUG" additivity="false" /> - <logger name="org.apache.camel.component.restlet" level="DEBUG" additivity="false" /> - <logger name="org.apache.kafka" level="DEBUG" additivity="false" /> - <logger name="org.apache.zookeeper" level="INFO" additivity="false" /> - <logger name="org.I0Itec.zkclient" level="DEBUG" additivity="false" /> + <logger name="org.apache.camel" level="TRACE" additivity="false" /> + <logger name="org.apache.cxf" level="TRACE" additivity="false" /> + <logger name="org.apache.camel.processor.interceptor" level="TRACE" additivity="false"/> + <logger name="org.apache.cxf.jaxrs.interceptor" level="TRACE" additivity="false" /> + <logger name="org.apache.cxf.service" level="TRACE" additivity="false" /> + <logger name="org.restlet" level="TRACE" additivity="false" /> + <logger name="org.apache.camel.component.restlet" level="TRACE" additivity="false" /> + <logger name="org.apache.kafka" level="TRACE" additivity="false" /> + <logger name="org.apache.zookeeper" level="TRACE" additivity="false" /> + <logger name="org.I0Itec.zkclient" level="TRACE" additivity="false" /> <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="INFO" additivity="false"/> - <logger name="ch.qos.logback.core" level="INFO" additivity="false" /> + <logger name="ch.qos.logback.classic" level="TRACE" additivity="false"/> + <logger name="ch.qos.logback.core" level="TRACE" additivity="false" /> <!-- logback jms appenders & loggers definition starts here --> <!-- logback jms appenders & loggers definition starts here --> @@ -176,10 +177,10 @@ <appender-ref ref="Audit-Record-Queue" /> </appender> - <logger name="AuditRecord" level="INFO" additivity="FALSE"> + <logger name="AuditRecord" level="TRACE" additivity="FALSE"> <appender-ref ref="STDOUT" /> </logger> - <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE"> + <logger name="AuditRecord_DirectCall" level="TRACE" additivity="FALSE"> <appender-ref ref="STDOUT" /> </logger> <appender name="ASYNC-perf" class="ch.qos.logback.classic.AsyncAppender"> @@ -187,13 +188,13 @@ <discardingThreshold>0</discardingThreshold> <appender-ref ref="Performance-Tracker-Queue" /> </appender> - <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> + <logger name="PerfTrackerRecord" level="TRACE" additivity="FALSE"> <appender-ref ref="ASYNC-perf" /> <appender-ref ref="perfLogs" /> </logger> <!-- logback jms appenders & loggers definition ends here --> - <root level="DEBUG"> + <root level="TRACE"> <appender-ref ref="DEBUG" /> <appender-ref ref="ERROR" /> <appender-ref ref="INFO" /> diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey b/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey deleted file mode 100755 index c2b8b8779b..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey +++ /dev/null @@ -1,27 +0,0 @@ -_sNOLphPzrU7L0L3oWv0pYwgV_ddGF1XoBsQEIAp34jfP-fGJFPfFYaMpDEZ3gwH59rNw6qyMZHk -k-4irklvVcWk36lC3twNvc0DueRCVrws1bkuhOLCXdxHJx-YG-1xM8EJfRmzh79WPlPkbAdyPmFF -Ah44V0GjAnInPOFZA6MHP9rNx9B9qECHRfmvzU13vJCcgTsrmOr-CEiWfRsnzPjsICxpq9OaVT_D -zn6rNaroGm1OiZNCrCgvRkCUHPOOCw3j9G1GeaImoZNYtozbz9u4sj13PU-MxIIAa64b1bMMMjpz -Upc8lVPI4FnJKg6axMmEGn5zJ6JUq9mtOVyPj__2GEuDgpx5H4AwodXXVjFsVgR8UJwI_BvS2JVp -JoQk0J1RqXmAXVamlsMAfzmmbARXgmrBfnuhveZnh9ymFVU-YZeujdANniXAwBGI7c6hG_BXkH7i -Eyf4Fn41_SV78PskP6qgqJahr9r3bqdjNbKBztIKCOEVrE_w3IM5r02l-iStk_NBRkj6cq_7VCpG -afxZ2CtZMwuZMiypO_wOgbdpCSKNzsL-NH2b4b08OlKiWb263gz634KJmV5WEfCl-6eH-JUFbWOS -JwQfActLNT2ZQPl2MyZQNBzJEWoJRgS6k7tPRO-zqeUtYYHGHVMCxMuMHGQcoilNNHEFeBCG_fBh -yAKb9g9F86Cbx9voMLiyTX2T3rwVHiSJFOzfNxGmfN5JWOthIun_c5hEY1tLQ15BomzkDwk7BAj7 -VbRCrVD45B6xrmSTMBSWYmLyr6mnQxQqeh9cMbD-0ZAncE3roxRnRvPKjFFa208ykYUp2V83r_PJ -fV5I9ZPKSjk9DwFyrjkcQQEYDhdK6IFqcd6nEthjYVkmunu2fsX0bIOm9GGdIbKGqBnpdgBO5hyT -rBr9HSlZrHcGdti1R823ckDF0Ekcl6kioDr5NLIpLtg9zUEDRm3QrbX2mv5Zs8W0pYnOqglxy3lz -bJZTN7oR7VasHUtjmp0RT9nLZkUs5TZ6MHhlIq3ZsQ6w_Q9Rv1-ofxfwfCC4EBrWKbWAGCf6By4K -Ew8321-2YnodhmsK5BrT4zQ1DZlmUvK8BmYjZe7wTljKjgYcsLTBfX4eMhJ7MIW1kpnl8AbiBfXh -QzN56Mki51Q8PSQWHm0W9tnQ0z6wKdck6zBJ8JyNzewZahFKueDTn-9DOqIDfr3YHvQLLzeXyJ8e -h4AgjW-hvlLzRGtkCknjLIgXVa3rMTycseAwbW-mgdCqqkw3SdEG8feAcyntmvE8j2jbtSDStQMB -9JdvyNLuQdNG4pxpusgvVso0-8NQF0YVa9VFwg9U6IPSx5p8FcW68OAHt_fEgT4ZtiH7o9aur4o9 -oYqUh2lALCY-__9QLq1KkNjMKs33Jz9E8LbRerG9PLclkTrxCjYAeUWBjCwSI7OB7xkuaYDSjkjj -a46NLpdBN1GNcsFFcZ79GFAK0_DsyxGLX8Tq6q0Bvhs8whD8wlSxpTGxYkyqNX-vcb7SDN_0WkCE -XSdZWkqTHXcYbOvoCOb_e6SFAztuMenuHWY0utX0gBfx_X5lPDFyoYXErxFQHiA7t27keshXNa6R -ukQRRS8kMjre1U74sc-fRNXkXpl57rG4rgxaEX0eBeowa53KAsVvUAoSac2aC_nfzXrDvoyf9Xi3 -JpEZNhUDLpFCEycV4I7jGQ9wo9qNaosvlsr6kbLDNdb_1xrGVgjT3xEvRNJNPqslSAu-yD-UFhC3 -AmCdYUnugw_eEFqXCHTARcRkdPPvl2XsmEKY2IqEeO5tz4DyXQFaL-5hEVh6lYEU1EOWHk3UGIXe -Vc5_Ttp82qNLmlJPbZvgmNTJzYTHDQ_27KBcp7IVVZgPDjVKdWqQvZ18KhxvfF3Idgy82LBZniFV -IbtxllXiPRxoPQriSXMnXjh3XkvSDI2pFxXfEvLRn1tvcFOwPNCz3QfPIzYg8uYXN5bRt3ZOrR_g -ZhIlrc7HO0VbNbeqEVPKMZ-cjkqGj4VAuDKoQc0eQ6X_wCoAGO78nPpLeIvZPx1X3z5YoqNA
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/templates/configmap.yaml index 75a5e22d40..c999b79183 100644 --- a/kubernetes/dmaap/components/message-router/templates/configmap.yaml +++ b/kubernetes/dmaap/components/message-router/templates/configmap.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -56,32 +57,6 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-dbc-mrclusters - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-dbc-topics - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: name: {{ include "common.fullname" . }}-sys-props namespace: {{ include "common.namespace" . }} labels: diff --git a/kubernetes/dmaap/components/message-router/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/templates/secrets.yaml index 9456c15994..50dda8a8f9 100644 --- a/kubernetes/dmaap/components/message-router/templates/secrets.yaml +++ b/kubernetes/dmaap/components/message-router/templates/secrets.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -28,3 +29,5 @@ metadata: data: {{ (.Files.Glob "resources/config/dmaap/mykey").AsSecrets | indent 2 }} type: Opaque +--- +{{ include "common.secretFast" . }} diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index f0832add80..e9d890e432 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,22 +27,6 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.kafka.name }} - - --container-name - - {{ .Values.zookeeper.name }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} {{- if .Values.global.aafEnabled }} - name: {{ include "common.name" . }}-update-config @@ -82,6 +67,45 @@ spec: - name: jmx-config mountPath: /etc/jmx-kafka {{- end }} + - name: srimzi-zk-entrance + image: 'docker.io/scholzj/zoo-entrance:latest' + command: + - /opt/stunnel/stunnel_run.sh + ports: + - containerPort: {{ .Values.global.zkTunnelService.internalPort }} + name: zoo + protocol: TCP + env: + - name: LOG_LEVEL + value: debug + - name: STRIMZI_ZOOKEEPER_CONNECT + value: '{{ include "common.release" . }}-strimzi-zookeeper-client:{{ .Values.global.zkTunnelService.internalPort }}' + imagePullPolicy: Always + livenessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '{{ .Values.global.zkTunnelService.internalPort }}' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '{{ .Values.global.zkTunnelService.internalPort }}' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + volumeMounts: + - mountPath: /etc/cluster-operator-certs/ + name: cluster-operator-certs + - mountPath: /etc/cluster-ca-certs/ + name: cluster-ca-certs - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -123,6 +147,10 @@ spec: successThreshold: {{ .Values.startup.successThreshold }} failureThreshold: {{ .Values.startup.failureThreshold }} env: + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "mr-kafka-admin-secret" "key" "sasl.jaas.config") | indent 12 }} + - name: SASLMECH + value: {{ .Values.global.saslMechanism }} - name: enableCadi value: "{{ .Values.global.aafEnabled }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} @@ -135,9 +163,6 @@ spec: - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml subPath: logback.xml name: logback - - mountPath: /appl/dmaapMR1/etc/keyfile - subPath: mykey - name: mykey {{- if .Values.global.aafEnabled }} - mountPath: /appl/dmaapMR1/etc/runner-web.xml subPath: runner-web.xml @@ -168,13 +193,38 @@ spec: configMap: name: {{ include "common.fullname" . }}-prometheus-configmap {{- end }} - - name: mykey - secret: - secretName: {{ include "common.fullname" . }}-secret - name: sys-props configMap: name: {{ include "common.fullname" . }}-sys-props - name: jetty emptyDir: {} + - name: cluster-operator-certs + secret: + defaultMode: 288 + secretName: {{ include "common.release" . }}-strimzi-cluster-operator-certs + - name: cluster-ca-certs + secret: + defaultMode: 288 + secretName: {{ include "common.release" . }}-strimzi-cluster-ca-cert imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "common.fullname" . }}-zk-network-policy + namespace: {{ include "common.namespace" . }} +spec: + podSelector: + matchLabels: + strimzi.io/name: {{ include "common.release" . }}-strimzi-zookeeper + ingress: + - from: + - podSelector: + matchLabels: + app.kubernetes.io/name: {{ include "common.name" . }} + ports: + - port: {{ .Values.global.zkTunnelService.internalPort }} + protocol: TCP + policyTypes: + - Ingress
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 34b7a8822a..372665243e 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,7 +19,14 @@ ################################################################# global: nodePortPrefix: 302 - + kafkaBootstrap: strimzi-kafka-bootstrap + saslMechanism: scram-sha-512 + kafkaInternalPort: 9092 + zkTunnelService: + type: ClusterIP + name: zk-tunnel-svc + portName: tcp-zk-tunnel + internalPort: 2181 ################################################################# # AAF part @@ -63,18 +71,21 @@ certInitializer: image: onap/dmaap/dmaap-mr:1.3.2 pullPolicy: Always -kafka: - name: message-router-kafka - port: 9092 -zookeeper: - name: message-router-zookeeper - port: 2181 +secrets: + - uid: mr-kafka-admin-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate # flag to enable debugging - application support required debugEnabled: false # application configuration -config: {} +config: + someConfig: blah # default number of instances replicaCount: 1 diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index b7f0735c8d..d34efae312 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs,Bell Canada +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -45,15 +46,25 @@ global: aafAppNs: org.osaaf.aaf aafLocatorContainer: oom + #Strimzi config + kafkaBootstrap: strimzi-kafka-bootstrap + kafkaStrimziAdminUser: strimzi-kafka-admin + kafkaInternalPort: 9092 + saslMechanism: scram-sha-512 + #Component overrides message-router: enabled: true + config: + jaasConfExternalSecret: '{{ .Values.global.kafkaStrimziAdminUser }}' dmaap-bc: enabled: true dmaap-dr-node: enabled: true dmaap-dr-prov: enabled: true +dmaap-strimzi: + enabled: true #Pods Service Account serviceAccount: diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index 36853baa1f..347c7689e4 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -70,21 +70,21 @@ generate_overrides() { resolve_deploy_flags() { - flags=($1) - n=${#flags[*]} - i=0 ; while [ "$i" -lt "$n" ]; do - PARAM=${flags[i]} - if [ "$PARAM" = "-f" ] || \ - [ "$PARAM" = "--values" ] || \ - [ "$PARAM" = "--set" ] || \ - [ "$PARAM" = "--set-string" ] || \ - [ "$PARAM" = "--version" ]; then - # skip param and its value - i=$((i + 1)) + skip="false" + for param in $1; do + if [ "$skip" = "false" ]; then + if [ "$param" = "-f" ] || \ + [ "$param" = "--values" ] || \ + [ "$param" = "--set" ] || \ + [ "$param" = "--set-string" ] || \ + [ "$param" = "--version" ]; then + skip="true" + else + DEPLOY_FLAGS="$DEPLOY_FLAGS $param" + fi else - DEPLOY_FLAGS="$DEPLOY_FLAGS $PARAM" + skip="false" fi - i=$((i+1)) done echo "$DEPLOY_FLAGS" } @@ -93,8 +93,9 @@ resolve_deploy_flags() { check_for_dep() { try=0 retries=60 - until (kubectl get deployment -n $HELM_NAMESPACE | grep -P "\b$1\b") &>/dev/null; do - (( ++try > retries )) && exit 1 + until (kubectl get deployment -n $HELM_NAMESPACE | grep -P "\b$1\b") >/dev/null 2>&1; do + try=$(($try + 1)) + [ $try -gt $retries ] && exit 1 echo "$1 not found. Retry $try/$retries" sleep 10 done @@ -284,14 +285,19 @@ deploy() { if [ $SUBCHART_ENABLED -eq 1 ]; then deploy_subchart else - array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")) - n=${#array[*]} - for i in $(seq $(($n-1)) -1 0); do - helm del "${array[i]}" + reverse_list= + for item in $(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}") + do + reverse_list="$item $reverse_list" + done + for item in $reverse_list + do + helm del $item done fi done + for subchart in * ; do SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml @@ -306,10 +312,14 @@ deploy() { if [ $SUBCHART_ENABLED -eq 1 ]; then deploy_subchart else - array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")) - n=${#array[*]} - for i in $(seq $(($n-1)) -1 0); do - helm del "${array[i]}" + reverse_list= + for item in $(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}") + do + reverse_list="$item $reverse_list" + done + for item in $reverse_list + do + helm del $item done fi done diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml index 5781dabb85..50df26f946 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml @@ -28,7 +28,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/engine-management:10.0.3 +image: onap/holmes/engine-management:10.0.5 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml index fbe873b184..84c2108521 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml @@ -28,7 +28,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/rule-management:10.0.3 +image: onap/holmes/rule-management:10.0.5 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 92788e430f..9b69a4356f 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -65,7 +65,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/externalapi/nbi:8.0.1 +image: onap/externalapi/nbi:10.0.0 pullPolicy: IfNotPresent sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== diff --git a/kubernetes/onap/resources/overrides/environment.yaml b/kubernetes/onap/resources/overrides/environment.yaml index 50703fbf4a..c9ae94a136 100644 --- a/kubernetes/onap/resources/overrides/environment.yaml +++ b/kubernetes/onap/resources/overrides/environment.yaml @@ -136,7 +136,7 @@ dmaap: initialDelaySeconds: 120 mariadb-galera: liveness: - initialDelaySeconds: 180 + initialDelaySeconds: 30 periodSeconds: 60 mariadb-galera-server: liveness: diff --git a/kubernetes/oof/resources/config/conf/common_config.yaml b/kubernetes/oof/resources/config/conf/common_config.yaml index 8f00ac72da..57e8e27a19 100644 --- a/kubernetes/oof/resources/config/conf/common_config.yaml +++ b/kubernetes/oof/resources/config/conf/common_config.yaml @@ -162,4 +162,5 @@ nxi_termination: - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN') > service-instance*('service-role','nsi')" - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN_NF') > service-instance*('workload-context','AN')" - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'TN_MH') > service-instance*('workload-context','AN')" + - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'TN_FH') > service-instance*('workload-context','AN')" - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN_NF') > service-instance*('workload-context','AN')" diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml index c49762202b..ce5e410abe 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml @@ -32,6 +32,16 @@ spec: metadata: labels: control-plane: controller-manager + {{- if (include "common.onServiceMesh" . | nindent 6 ) }} + annotations: + {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} + linkerd.io/inject: disabled + {{- end }} + {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} + traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443" + traffic.sidecar.istio.io/includeInboundPorts: '*' + {{- end }} + {{- end }} spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml index 8215ed949e..5f80a7dc75 100644 --- a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml +++ b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml @@ -22,6 +22,16 @@ spec: selector: {{- include "common.selectors" . | nindent 4 }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if (include "common.onServiceMesh" . ) }} + annotations: + {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} + linkerd.io/inject: disabled + {{- end }} + {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} + traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443" + traffic.sidecar.istio.io/includeInboundPorts: '*' + {{- end }} + {{- end }} spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index ad2d954088..db5251913e 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.7.2 +image: onap/policy-apex-pdp:2.7.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 72c5c498ba..0e3ada8956 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.6.2 +image: onap/policy-api:2.6.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml index 844b3d78c2..c93520a290 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml @@ -71,7 +71,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-http-ppnt:6.2.2 +image: onap/policy-clamp-ac-http-ppnt:6.2.3 pullPolicy: Always # application configuration diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml index 73381c9e3b..2439223192 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml @@ -18,16 +18,10 @@ # ============LICENSE_END========================================================= */}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: policy-clamp-cl-k8s-ppnt - namespace: {{ include "common.namespace" . }} ---- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ include "common.namespace" . }}-policy-clamp-cl-k8s-ppnt-binding + name: {{ include "common.namespace" . }}-policy-clamp-ac-k8s-ppnt-binding namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -40,6 +34,6 @@ roleRef: name: cluster-admin subjects: - kind: ServiceAccount - name: policy-clamp-cl-k8s-ppnt + name: {{ include "common.fullname" (dict "suffix" "create" "dot" . )}} namespace: {{ include "common.namespace" . }} diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml index 5592edcc3c..5920bdaaf2 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml @@ -72,7 +72,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-k8s-ppnt:6.2.2 +image: onap/policy-clamp-ac-k8s-ppnt:6.2.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml index 70f2a0fa75..b99b60e397 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-pf-ppnt:6.2.2 +image: onap/policy-clamp-ac-pf-ppnt:6.2.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index d40a2a9695..c23657c421 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -71,7 +71,7 @@ secrets: flavor: small # application image -image: onap/policy-clamp-backend:6.2.2 +image: onap/policy-clamp-backend:6.2.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml index f989715c41..7e30372d7e 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml @@ -78,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-runtime-acm:6.2.2 +image: onap/policy-clamp-runtime-acm:6.2.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index 9e0b11d3a2..d36f1c2275 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -67,7 +67,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.7.2 +image: onap/policy-distribution:2.7.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index e15ce66359..74c743cb2b 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -41,7 +41,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.10.2 +image: onap/policy-pdpd-cl:1.10.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml index aa2b9d3122..60a6ce38c4 100644 --- a/kubernetes/policy/components/policy-gui/values.yaml +++ b/kubernetes/policy/components/policy-gui/values.yaml @@ -73,7 +73,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-gui:2.2.2 +image: onap/policy-gui:2.2.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index 41978331a4..415239a4ac 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -92,7 +92,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.6.2 +image: onap/policy-pap:2.6.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 4b97dbb01d..e7e7eebefe 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.6.2 +image: onap/policy-xacml-pdp:2.6.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index a315bc251c..7707985a88 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -150,7 +150,7 @@ mariadb: image: mariadb:10.5.8 dbmigrator: - image: onap/policy-db-migrator:2.4.2 + image: onap/policy-db-migrator:2.4.3 schema: policyadmin policy_home: "/opt/app/policy" diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py index 700b17a970..3c5f9ce73a 100644 --- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py @@ -188,6 +188,9 @@ GLOBAL_DMAAP_KAFKA_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" GLOBAL_DMAAP_KAFKA_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router-kafka" "port" 9092) }}' GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}' GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}' +# strimzi kafka +GLOBAL_KAFKA_BOOTSTRAP_SERVICE = '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092' +GLOBAL_KAFKA_USER = '{{ .Values.strimziKafkaJaasUsername }}' # DROOL server port and credentials GLOBAL_DROOLS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-drools-pdp" "port" 9696) }}' GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}' diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index d8beeedb2a..0b1aa0e71d 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -364,10 +364,14 @@ vidHealthPassword: "AppPassword!1" # DMAAP BC bcUsername: "dmaap-bc@dmaap-bc.onap.org" bcPassword: "demo123456!" + # DMAAP KAFKA JAAS kafkaJaasUsername: "admin" kafkaJaasPassword: "admin_secret" +# STRIMZI KAFKA JAAS +strimziKafkaJaasUsername: "strimzi-kafka-admin" + #OOF oofUsername: "oof@oof.onap.org" oofPassword: "demo123456!" diff --git a/kubernetes/sdc/components/sdc-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-fe/templates/service.yaml index 968a09c77e..30c3d1122f 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/service.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/service.yaml @@ -39,17 +39,15 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - targetPort: {{ .Values.service.internalPort }} - {{ if (include "common.needTLS" .) }} - - port: {{ .Values.service.internalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}s - {{ if eq .Values.service.type "NodePort" -}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - {{ end }} - {{ end }} + {{if eq .Values.service.type "NodePort" -}} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} + {{- else -}} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }} + targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} + {{- end}} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 6267da90f3..e86ae4c0d2 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -114,9 +114,10 @@ service: portName: http internalPort: 8181 externalPort: 8181 - nodePort2: "07" internalPort2: 9443 externalPort2: 9443 + nodePort: "07" + ingress: enabled: false diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml index 7ef646f3e1..5094b6eb52 100644 --- a/kubernetes/sdnc/components/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-dmaap-listener-image:2.3.0 +image: onap/sdnc-dmaap-listener-image:2.3.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml index 768a617b63..c89f03b824 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ansible-server-image:2.3.0 +image: onap/sdnc-ansible-server-image:2.3.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh index 099103ca79..d92a1049e3 100755 --- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh +++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh {{/* # Copyright © 2018 Amdocs @@ -33,8 +33,8 @@ failover(){ debugLog "Currently running sdnc and dns failover" return fi - trap "rm -f ${lockFile}" INT TERM RETURN - echo $BASHPID > ${lockFile} + trap "rm -f ${lockFile}" INT TERM EXIT + echo $$ > ${lockFile} # perform takeover debugLog "Started executing sdnc.failover for $SITE_NAME" diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml index f75b56726c..c066b5e0c7 100644 --- a/kubernetes/sdnc/components/sdnc-web/values.yaml +++ b/kubernetes/sdnc/components/sdnc-web/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: "onap/sdnc-web-image:2.2.5" +image: "onap/sdnc-web-image:2.3.2" pullPolicy: Always config: diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml index 50fee59a32..4d3cce7076 100644 --- a/kubernetes/sdnc/components/ueb-listener/values.yaml +++ b/kubernetes/sdnc/components/ueb-listener/values.yaml @@ -55,7 +55,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ueb-listener-image:2.3.0 +image: onap/sdnc-ueb-listener-image:2.3.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json b/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json index 8d3c106bb9..7f99ed9497 100644 --- a/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json +++ b/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json @@ -2,7 +2,7 @@ "tokenSecret": "${OAUTH_TOKEN_SECRET}", "tokenIssuer": {{ .Values.config.sdnr.oauth.tokenIssuer | quote }}, "publicUrl": {{ .Values.config.sdnr.oauth.publicUrl | quote }}, - "redirectUri": "{{ .Values.config.sdnr.oauth.redirectUri | quote | default "null" }}", + "redirectUri": "{{ .Values.config.sdnr.oauth.redirectUri | default "null" }}", "supportOdlUsers": "{{ .Values.config.sdnr.oauth.supportOdlUsers | default "true" }}", "providers": {{ .Values.config.sdnr.oauth.providers | toJson }} -}
\ No newline at end of file +} diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index d45e13eb01..9539d01068 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -210,7 +210,7 @@ certificates: # application images pullPolicy: Always -image: onap/sdnc-image:2.3.0 +image: onap/sdnc-image:2.3.2 # flag to enable debugging - application support required debugEnabled: false diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml index 5f1e7303d9..4e8779d1d2 100644 --- a/kubernetes/strimzi/templates/strimzi-kafka.yaml +++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml @@ -73,7 +73,6 @@ spec: inter.broker.protocol.version: "3.0" storage: type: jbod - class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }} volumes: - id: 0 type: persistent-claim @@ -89,6 +88,10 @@ spec: replicas: {{ .Values.replicaCount }} config: ssl.hostnameVerification: false + ssl.quorum.hostnameVerification: false + {{- if (include "common.onServiceMesh" .) }} + sslQuorum: false + {{- end }} storage: type: persistent-claim size: {{ .Values.persistenceZk.size }} diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml index 9e63c2c131..26b714a342 100644 --- a/kubernetes/strimzi/values.yaml +++ b/kubernetes/strimzi/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # Application configuration defaults. ################################################################# -replicaCount: 2 +replicaCount: 3 kafkaInternalPort: 9092 saslMechanism: scram-sha-512 version: 3.0.0 diff --git a/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh b/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh index f96dd74bd3..283d55b741 100644 --- a/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh +++ b/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh {{/* # # Copyright 2016-2017 ZTE Corporation. @@ -28,7 +28,7 @@ sleep 10 echo "usecase-ui database init script start..." dbScript="$main_path/resources/bin/initDB.sh" -source $dbScript 127.0.0.1 5432 postgres uui +$dbScript 127.0.0.1 5432 postgres uui echo "usecase-ui database init script finished normally..." JAVA_PATH="$JAVA_HOME/bin/java" @@ -40,4 +40,4 @@ jar_path="$main_path/usecase-ui-server.jar" echo @jar_path@ $jar_path echo "Starting usecase-ui-server..." -$JAVA_PATH $JAVA_OPTS -classpath $jar_path -jar $jar_path $SPRING_OPTS
\ No newline at end of file +$JAVA_PATH $JAVA_OPTS -classpath $jar_path -jar $jar_path $SPRING_OPTS diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml index d92989dbcb..b1d1aa3ef3 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml @@ -26,7 +26,7 @@ global: # application image flavor: small -image: onap/vfc/gvnfmdriver:1.4.3 +image: onap/vfc/gvnfmdriver:1.4.4 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/components/vfc-nslcm/values.yaml b/kubernetes/vfc/components/vfc-nslcm/values.yaml index 21ff189046..5ffe4c122e 100644 --- a/kubernetes/vfc/components/vfc-nslcm/values.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/values.yaml @@ -41,7 +41,7 @@ secrets: # application image flavor: small -image: onap/vfc/nslcm:1.4.4 +image: onap/vfc/nslcm:1.4.7 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/components/vfc-vnflcm/values.yaml b/kubernetes/vfc/components/vfc-vnflcm/values.yaml index e4ae447491..f29169268e 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/values.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/values.yaml @@ -41,7 +41,7 @@ secrets: # application image flavor: small -image: onap/vfc/vnflcm:1.4.2 +image: onap/vfc/vnflcm:1.4.3 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/components/vfc-vnfres/values.yaml b/kubernetes/vfc/components/vfc-vnfres/values.yaml index 68d66a6558..8230144443 100644 --- a/kubernetes/vfc/components/vfc-vnfres/values.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/values.yaml @@ -41,7 +41,7 @@ secrets: # application image flavor: small -image: onap/vfc/vnfres:1.4.0 +image: onap/vfc/vnfres:1.4.1 pullPolicy: Always #Istio sidecar injection policy |