diff options
Diffstat (limited to 'kubernetes')
34 files changed, 134 insertions, 544 deletions
diff --git a/kubernetes/aai/components/aai-babel/resources/config/application.properties b/kubernetes/aai/components/aai-babel/resources/config/application.properties index 8c7e91ab84..8f47bf084b 100644 --- a/kubernetes/aai/components/aai-babel/resources/config/application.properties +++ b/kubernetes/aai/components/aai-babel/resources/config/application.properties @@ -25,11 +25,11 @@ logging.config=${CONFIG_HOME}/logback.xml tosca.mappings.config=${CONFIG_HOME}/tosca-mappings.json spring.application.name=aai-babel -spring.sleuth.enabled={{ default .Values.global.tracing.enabled .Values.tracing.enabled }} -spring.zipkin.baseUrl={{ default .Values.global.tracing.collector.baseUrl .Values.tracing.collector.baseUrl }} +spring.sleuth.enabled={{ .Values.global.tracing.enabled }} +spring.zipkin.baseUrl={{ .Values.global.tracing.collector.baseUrl }} spring.sleuth.messaging.jms.enabled = false spring.sleuth.trace-id128=true -spring.sleuth.sampler.probability={{ default .Values.global.tracing.sampling.probability .Values.tracing.collector.baseUrl }} +spring.sleuth.sampler.probability={{ .Values.global.tracing.sampling.probability }} spring.sleuth.propagation.type=w3c, b3 spring.sleuth.supports-join=false diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml index cfe70ffc76..7bd28b02b8 100644 --- a/kubernetes/aai/components/aai-babel/values.yaml +++ b/kubernetes/aai/components/aai-babel/values.yaml @@ -22,7 +22,7 @@ global: tracing: enabled: false collector: - baseUrl: http://jaeger-collector.istio-system:9411 + baseUrl: http://jaeger-collector.istio-config:9411 sampling: probability: 1.0 @@ -103,15 +103,6 @@ resources: memory: "1Gi" unlimited: {} -## -## Use this to override the global defaults -tracing: -# enabled: false - collector: {} -# baseUrl: http://jaeger-collector.istio-system:9411 - sampling: {} -# probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) - # adds jvm args for remote debugging the application debug: enabled: false diff --git a/kubernetes/aai/components/aai-modelloader/resources/application.properties b/kubernetes/aai/components/aai-modelloader/resources/application.properties index f910af1cae..e2dc186c82 100644 --- a/kubernetes/aai/components/aai-modelloader/resources/application.properties +++ b/kubernetes/aai/components/aai-modelloader/resources/application.properties @@ -14,11 +14,11 @@ server.port=9500 spring.application.name=aai-model-loader -spring.sleuth.enabled={{ .Values.tracing.enabled }} -spring.zipkin.baseUrl={{ .Values.tracing.collector.baseUrl }} +spring.sleuth.enabled={{ .Values.global.tracing.enabled }} +spring.zipkin.baseUrl={{ .Values.global.tracing.collector.baseUrl }} spring.sleuth.messaging.jms.enabled=false spring.sleuth.trace-id128=true -spring.sleuth.sampler.probability={{ .Values.tracing.sampling.probability }} +spring.sleuth.sampler.probability={{ .Values.global.tracing.sampling.probability }} spring.sleuth.propagation.type=w3c,b3 spring.sleuth.supports-join=false spring.sleuth.web.skip-pattern={{ join "," .Values.tracing.ignorePatterns }} diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml index eae505458e..08d635107b 100644 --- a/kubernetes/aai/components/aai-modelloader/values.yaml +++ b/kubernetes/aai/components/aai-modelloader/values.yaml @@ -19,6 +19,13 @@ # Declare variables to be passed into your templates. global: # global defaults nodePortPrefix: 302 + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) + # application image image: onap/model-loader:1.14.2 @@ -108,12 +115,9 @@ resources: memory: "2Gi" unlimited: {} +# use this to define service specific overrides +# for the global.tracing.* config keys tracing: - enabled: false - collector: - baseUrl: http://jaeger-collector.istio-system:9411 - sampling: - probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) ignorePatterns: - /aai/util.* diff --git a/kubernetes/aai/components/aai-resources/Chart.yaml b/kubernetes/aai/components/aai-resources/Chart.yaml index 44b54bc3d3..7e6c6b6bd7 100644 --- a/kubernetes/aai/components/aai-resources/Chart.yaml +++ b/kubernetes/aai/components/aai-resources/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: ONAP AAI resources name: aai-resources -version: 15.0.2 +version: 15.0.3 dependencies: - name: common diff --git a/kubernetes/aai/components/aai-resources/resources/config/application.properties b/kubernetes/aai/components/aai-resources/resources/config/application.properties index 6c34705e8a..daa4e7dfe4 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/application.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/application.properties @@ -28,11 +28,10 @@ spring.jersey.type=filter spring.main.allow-bean-definition-overriding=true server.servlet.context-path=/ -spring.sleuth.enabled={{ .Values.tracing.enabled }} -spring.zipkin.baseUrl={{ .Values.tracing.collector.baseUrl }} -spring.sleuth.messaging.jms.enabled = false +spring.sleuth.enabled={{ .Values.global.tracing.enabled }} +spring.zipkin.baseUrl={{ .Values.global.tracing.collector.baseUrl }} spring.sleuth.trace-id128=true -spring.sleuth.sampler.probability={{ .Values.tracing.sampling.probability }} +spring.sleuth.sampler.probability={{ .Values.global.tracing.sampling.probability }} spring.sleuth.propagation.type=w3c, b3 spring.sleuth.supports-join=false spring.sleuth.web.skip-pattern={{ join "," .Values.tracing.ignorePatterns }} diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 625267b318..861d6dacbd 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -26,6 +26,12 @@ global: # global defaults #Service Name of the cassandra cluster to connect to. #Override it to aai-cassandra if localCluster is enabled. serviceName: cassandra + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # Specifies a list of jobs to be run jobs: @@ -318,11 +324,6 @@ resources: unlimited: {} tracing: - enabled: false - collector: - baseUrl: http://jaeger-collector.istio-system:9411 - sampling: - probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) ignorePatterns: - /aai/util.* diff --git a/kubernetes/aai/components/aai-schema-service/config/application.properties b/kubernetes/aai/components/aai-schema-service/config/application.properties index fc7bd40892..098be2fc59 100644 --- a/kubernetes/aai/components/aai-schema-service/config/application.properties +++ b/kubernetes/aai/components/aai-schema-service/config/application.properties @@ -24,12 +24,17 @@ info.build.version=1.1.0 spring.application.name=aai-schema-service spring.jersey.type=filter spring.main.allow-bean-definition-overriding=true -spring.sleuth.enabled={{ .Values.tracing.enabled }} -spring.zipkin.baseUrl={{ .Values.tracing.collector.baseUrl }} + +spring.sleuth.enabled={{ .Values.global.tracing.enabled }} +spring.zipkin.baseUrl={{ .Values.global.tracing.collector.baseUrl }} spring.sleuth.trace-id128=true -spring.sleuth.sampler.probability={{ .Values.tracing.sampling.probability }} +spring.sleuth.sampler.probability={{ .Values.global.tracing.sampling.probability }} spring.sleuth.propagation.type=w3c, b3 spring.sleuth.supports-join=false +{{- if and .Values.tracing .Values.tracing.ignorePatterns }} +spring.sleuth.web.skip-pattern={{ join "," .Values.tracing.ignorePatterns }} +{{- end }} + server.servlet.context-path=/ spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index f1227835b6..f47c9a5e8e 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -19,6 +19,12 @@ # Declare variables to be passed into your templates. global: # global defaults nodePortPrefix: 302 + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) # Common configuration for resources traversal and graphadmin config: @@ -188,6 +194,6 @@ podAnnotations: tracing: enabled: false collector: - baseUrl: http://jaeger-collector.istio-system:9411 + baseUrl: http://jaeger-collector.istio-config:9411 sampling: probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) diff --git a/kubernetes/aai/components/aai-traversal/Chart.yaml b/kubernetes/aai/components/aai-traversal/Chart.yaml index d23237577d..03c27cb6bb 100644 --- a/kubernetes/aai/components/aai-traversal/Chart.yaml +++ b/kubernetes/aai/components/aai-traversal/Chart.yaml @@ -17,7 +17,7 @@ apiVersion: v2 description: ONAP AAI traversal name: aai-traversal -version: 15.0.2 +version: 15.0.3 dependencies: - name: common diff --git a/kubernetes/aai/components/aai-traversal/resources/config/application.properties b/kubernetes/aai/components/aai-traversal/resources/config/application.properties index f6fad88c19..027c9cd215 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/application.properties +++ b/kubernetes/aai/components/aai-traversal/resources/config/application.properties @@ -32,11 +32,10 @@ spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSou spring.profiles.active={{ .Values.global.config.profiles.active }} spring.jersey.application-path=/ -spring.sleuth.enabled={{ .Values.tracing.enabled }} -spring.zipkin.baseUrl={{ .Values.tracing.collector.baseUrl }} -spring.sleuth.messaging.jms.enabled = false +spring.sleuth.enabled={{ .Values.global.tracing.enabled }} +spring.zipkin.baseUrl={{ .Values.global.tracing.collector.baseUrl }} spring.sleuth.trace-id128=true -spring.sleuth.sampler.probability={{ .Values.tracing.sampling.probability }} +spring.sleuth.sampler.probability={{ .Values.global.tracing.sampling.probability }} spring.sleuth.propagation.type=w3c, b3 spring.sleuth.supports-join=false spring.sleuth.web.skip-pattern={{ join "," .Values.tracing.ignorePatterns }} diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index 81f8e668c1..302d08e04c 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -28,6 +28,13 @@ global: # global defaults serviceName: cassandra # Cassandra datacenter name localDataCenter: dc1 + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) + # Specifies a list of jobs to be run jobs: # When enabled, it will create the schema based on oxm and edge rules @@ -340,11 +347,6 @@ autoscaling: targetCPUUtilizationPercentage: 80 tracing: - enabled: false - collector: - baseUrl: http://jaeger-collector.istio-system:9411 - sampling: - probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) ignorePatterns: - /aai/util.* diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index f2363b7915..a66554232f 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -34,6 +34,13 @@ global: # global defaults centralizedLoggingEnabled: false + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) + cassandra: #This will instantiate AAI cassandra cluster, default:shared cassandra. localCluster: false diff --git a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties index 004a9909ab..248e5bf4ec 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties @@ -197,12 +197,13 @@ blueprintprocessor.k8s.plugin.url=http://multicloud-k8s:9015/ blueprintsprocessor.workflow.self-service-api.audit.storeEnable={{ .Values.workflow.storeEnabled }} #Tracing -spring.zipkin.baseUrl={{ .Values.tracing.collector.baseUrl }} +spring.sleuth.enabled={{ .Values.global.tracing.enabled }} +spring.zipkin.baseUrl={{ .Values.global.tracing.collector.baseUrl }} spring.zipkin.checkTimeout=5000 spring.zipkin.service.name={{ include "common.name" . }} spring.sleuth.messaging.jms.enabled=false spring.sleuth.trace-id128=true -spring.sleuth.sampler.probability={{ .Values.tracing.sampling.probability }} +spring.sleuth.sampler.probability={{ .Values.global.tracing.sampling.probability }} spring.sleuth.propagation.type=w3c, b3 spring.sleuth.supports-join=false spring.sleuth.web.skip-pattern={{ join "," .Values.tracing.ignorePatterns }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index 469e40f4bd..549a44f986 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -36,6 +36,12 @@ global: # This configuration specifies Service and port for SDNC OAM interface sdncOamService: sdnc-oam sdncOamPort: 8282 + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) # This concerns CDS/AAI communication through HTTP when TLS is not being needed # Port value should match the one in aai/values.yml : service.externalPlainPort aaiData: @@ -244,9 +250,5 @@ workflow: storeEnabled: false tracing: - collector: - baseUrl: http://jaeger-collector.istio-system:9411 - sampling: - probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) ignorePatterns: - .*/execution-service/health-check diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml index 4658b578bf..b270dc61bc 100644 --- a/kubernetes/cds/components/cds-sdc-listener/values.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml @@ -97,7 +97,7 @@ flavor: small resources: small: limits: - cpu: "1" + cpu: "1500m" memory: "700Mi" requests: cpu: "0.5" diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index ced4f1d930..ac17183331 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -36,6 +36,12 @@ global: nameOverride: mariadb-galera # (optional) if localCluster=false and an external secret is used set this variable #userRootSecret: <secretName> + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) ################################################################# diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml index 56e229a0cd..97ffb3342f 100644 --- a/kubernetes/cps/components/cps-temporal/values.yaml +++ b/kubernetes/cps/components/cps-temporal/values.yaml @@ -83,7 +83,7 @@ replicaCount: 1 resources: small: limits: - cpu: "2" + cpu: "3" memory: "2Gi" requests: cpu: "1" diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml index f22dfa7644..5109244cc1 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml @@ -174,14 +174,14 @@ flavor: large resources: small: limits: - cpu: "200m" + cpu: "400m" memory: "500Mi" requests: cpu: "10m" memory: "10Mi" large: limits: - cpu: "400m" + cpu: "600m" memory: "1Gi" requests: cpu: "10m" diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index 52e3bf302a..f7e1e50ff0 100644 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -50,7 +50,7 @@ dependencies: repository: 'file://components/policy-drools-pdp' condition: policy-drools-pdp.enabled - name: policy-opa-pdp - version: ~15.x-0 + version: ~16.x-0 repository: 'file://components/policy-opa-pdp' condition: policy-opa-pdp.enabled - name: policy-distribution diff --git a/kubernetes/policy/components/policy-opa-pdp/Chart.yaml b/kubernetes/policy/components/policy-opa-pdp/Chart.yaml index 6416e5016e..78a804a75c 100644 --- a/kubernetes/policy/components/policy-opa-pdp/Chart.yaml +++ b/kubernetes/policy/components/policy-opa-pdp/Chart.yaml @@ -19,7 +19,7 @@ apiVersion: v2 description: ONAP Policy OPA PDP (PDP-O) name: policy-opa-pdp -version: 15.0.0 +version: 16.0.0 dependencies: - name: common @@ -31,3 +31,6 @@ dependencies: - name: serviceAccount version: ~13.x-0 repository: '@local' + - name: readinessCheck + version: ~13.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-opa-pdp/resources/config/config.json b/kubernetes/policy/components/policy-opa-pdp/resources/config/config.json index e978b84186..bb18a3bacc 100755 --- a/kubernetes/policy/components/policy-opa-pdp/resources/config/config.json +++ b/kubernetes/policy/components/policy-opa-pdp/resources/config/config.json @@ -21,22 +21,6 @@ "logging": { "level": "debug" }, - "services": [ - { - "name": "opa-bundle-server", - "url": "http://policy-opa-pdp:8282/opa/bundles" - } - ], - "bundles": { - "opabundle": { - "service": "opa-bundle-server", - "resource": "bundle.tar.gz", - "polling": { - "min_delay_seconds": 60, - "max_delay_seconds": 120 - } - } - }, "decision_logs": { "console": true } diff --git a/kubernetes/policy/components/policy-opa-pdp/resources/policies/policy-data.tar.gz b/kubernetes/policy/components/policy-opa-pdp/resources/policies/policy-data.tar.gz Binary files differdeleted file mode 100644 index fa841c0191..0000000000 --- a/kubernetes/policy/components/policy-opa-pdp/resources/policies/policy-data.tar.gz +++ /dev/null diff --git a/kubernetes/policy/components/policy-opa-pdp/templates/configmap.yaml b/kubernetes/policy/components/policy-opa-pdp/templates/configmap.yaml index cc08af6937..4a3f85ead7 100755 --- a/kubernetes/policy/components/policy-opa-pdp/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-opa-pdp/templates/configmap.yaml @@ -27,16 +27,3 @@ metadata: data: {{ tpl (.Files.Glob "resources/config/*.{sql,json,properties,xml}").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-configmap-policies-data - namespace: {{ include "common.namespace" . }} - labels: {{- include "common.labels" . | nindent 4 }} -{{- with .Files.Glob "resources/policies/*" }} -binaryData: -{{- range $path, $bytes := . }} - {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} -{{- end }} -{{- end }} diff --git a/kubernetes/policy/components/policy-opa-pdp/templates/deployment.yaml b/kubernetes/policy/components/policy-opa-pdp/templates/deployment.yaml index 6c25bac01c..744562d261 100755 --- a/kubernetes/policy/components/policy-opa-pdp/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-opa-pdp/templates/deployment.yaml @@ -29,29 +29,7 @@ spec: spec: {{ include "common.podSecurityContext" . | indent 6 | trim }} initContainers: - - command: - - /bin/sh - args: - - -c - - | - echo "*** set right permissions to the different folders" - chown -R {{ .Values.permissions.uid }}:{{ .Values.permissions.gid }} /var/log; - chmod -R 755 /var/log - chown -R {{ .Values.permissions.uid }}:{{ .Values.permissions.gid }} /opt/; - chmod -R 755 /opt/* - tar -xvf /tmp/policies/policy-data.tar.gz -C /opt/ - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{ include "common.containerSecurityContext" . | indent 8 | trim }} - name: {{ include "common.name" . }}-readiness - volumeMounts: - - name: logs - mountPath: /var/log - - name: tmp-policies-data - mountPath: /tmp/policies - - name : opa-policies-data - mountPath: /opt/ - + {{ include "common.readinessCheck.waitFor" . | nindent 8 }} containers: - name: {{ include "common.name" . }} {{ include "common.containerSecurityContext" . | indent 10 | trim }} @@ -65,8 +43,12 @@ spec: value: "{{ .Values.kafka.useSASL }}" - name: KAFKA_URL value: {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }} + - name: POD_UID + valueFrom: + fieldRef: + fieldPath: metadata.uid - name: GROUPID - value: "{{ .Values.kafka.groupid }}" + value: "{{ .Values.groupIdPrefix }}-$(POD_UID)" - name: LOG_LEVEL value: "{{ .Values.log.loglevel }}" - name: PAP_TOPIC @@ -97,9 +79,6 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - - - name: opa-policies-data - mountPath: /opt - name: opa-config mountPath: /app/config - name: opa-bundles @@ -117,13 +96,6 @@ spec: {{- end }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - - name: tmp-policies-data - configMap: - name: {{ include "common.fullname" . }}-configmap-policies-data - defaultMode: 0755 - - name: opa-policies-data - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-policies-data - name: opa-config configMap: name: {{ include "common.fullname" . }}-configmap-config diff --git a/kubernetes/policy/components/policy-opa-pdp/templates/pvc.yaml b/kubernetes/policy/components/policy-opa-pdp/templates/pvc.yaml deleted file mode 100755 index 5a1e9e3450..0000000000 --- a/kubernetes/policy/components/policy-opa-pdp/templates/pvc.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{/* -# ============LICENSE_START======================================================= -# Copyright (C) 2025 Deutsche Telekom Intellectual Property. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "common.fullname" . }}-policies-data - namespace: {{ include "common.namespace" . }} - labels: {{- include "common.labels" . | nindent 4 }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.logsSize }} - storageClassName: {{ include "common.storageClass" . }} - volumeMode: Filesystem - -{{- end }} diff --git a/kubernetes/policy/components/policy-opa-pdp/values.yaml b/kubernetes/policy/components/policy-opa-pdp/values.yaml index 20c7e513bc..b7a5944ea4 100644 --- a/kubernetes/policy/components/policy-opa-pdp/values.yaml +++ b/kubernetes/policy/components/policy-opa-pdp/values.yaml @@ -43,7 +43,8 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-opa-pdp:1.0.0 +image: onap/policy-opa-pdp:1.0.4 + pullPolicy: Always componentName: &componentName policy-opa-pdp @@ -79,20 +80,19 @@ config: policyPdpPapTopic: policy-pdp-pap securityContext: - user_id: 0 - group_id : 0 - runAsNonRoot: false + fsGroup: 1000 + user_id: 1000 + group_id : 1000 + runAsNonRoot: true + runAsUser: 1000 containerSecurityContext: - enabled: true - privileged: false - allowPrivilegeEscalation: true + runAsGroup: 1000 + runAsUser: 1000 + runAsNonRoot: true readOnlyRootFilesystem: false - runAsNonRoot: false - runAsUser: 0 - runAsGroup: 0 - + allowPrivilegeEscalation: true kafka: groupid: "policy-opa-pdp" @@ -133,6 +133,11 @@ readiness: initialDelaySeconds: 20 periodSeconds: 10 +readinessCheck: + wait_for: + services: + - 'policy-pap' + service: type: ClusterIP name: *componentName @@ -198,6 +203,7 @@ dirSizes: bundleDir: sizeLimit: 5Gi +groupIdPrefix: opa-pdp #Pods Service Account serviceAccount: @@ -244,8 +250,9 @@ config: kafkaUser: authenticationType: scram-sha-512 acls: - - name: policy-opa-pdp + - name: opa-pdp type: group + patternType: prefix operations: [ Create, Describe, Read, Write ] - name: policy-pdp-pap type: topic diff --git a/kubernetes/portal-ng/components/portal-ng-preferences/values.yaml b/kubernetes/portal-ng/components/portal-ng-preferences/values.yaml index fd2180b36f..dff4775ee2 100644 --- a/kubernetes/portal-ng/components/portal-ng-preferences/values.yaml +++ b/kubernetes/portal-ng/components/portal-ng-preferences/values.yaml @@ -35,7 +35,7 @@ service: resources: small: limits: - cpu: "500m" + cpu: "1" memory: "512Mi" requests: cpu: "100m" diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index c4e6945a8b..2b10d1b9ef 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -150,15 +150,15 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 60 - periodSeconds: 10 + initialDelaySeconds: 120 + periodSeconds: 120 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: initialDelaySeconds: 120 - periodSeconds: 10 + periodSeconds: 60 service: type: ClusterIP diff --git a/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml b/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml index ef006d8071..894bfd60f7 100644 --- a/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml @@ -37,6 +37,12 @@ spec: env: - name: LOG_LEVEL value: {{ .Values.config.loggingLevel }} + - name: TRACING_ENABLED + value: {{ .Values.global.tracing.enabled | quote }} + - name: COLLECTOR_URL + value: {{ .Values.global.tracing.collector.baseUrl }} + - name: TRACING_SAMPLING_PROBABILITY + value: {{ .Values.global.tracing.sampling.probability | quote }} livenessProbe: httpGet: path: {{ .Values.liveness.path }} diff --git a/kubernetes/sdc/components/sdc-helm-validator/values.yaml b/kubernetes/sdc/components/sdc-helm-validator/values.yaml index 7d3883cd91..b96e3c1544 100644 --- a/kubernetes/sdc/components/sdc-helm-validator/values.yaml +++ b/kubernetes/sdc/components/sdc-helm-validator/values.yaml @@ -18,8 +18,14 @@ # Global values global: pullPolicy: Always + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) -image: onap/sdc-helm-validator:1.3.1 +image: onap/sdc-helm-validator:1.3.2 containerPort: &svc_port 8080 config: diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index 88cd12654a..23324186a1 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -65,6 +65,12 @@ global: topics: sdcDistNotifTopic: ¬if-topic-name SDC-DISTR-NOTIF-TOPIC sdcDistStatusTopic: &status-topic-name SDC-DISTR-STATUS-TOPIC + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) # Environment file env: @@ -124,4 +130,3 @@ cassandra: socket_read_timeout: 20000 socket_connect_timeout: 20000 janusgraph_connection_timeout: 10000 - diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 8742059f85..3aeec82344 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -47,7 +47,6 @@ global: dbUser: root dbPassword: secretpassword # dbCredsExternalSecret: some secret - msbEnabled: true app: siteName: onapheat auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 @@ -183,370 +182,6 @@ service: - name: http port: *containerPort nodePort: '77' - annotations: - msb.onap.org/service-info: | - {{ if .Values.global.msbEnabled -}}[ - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/activate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/deactivate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}/{requestId}/unlock", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}/unlock", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/activate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/deactivate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][7]}/serviceInstances/assign", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/unassign", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/enablePort", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/disablePort", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/activate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/deactivate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/addRelationships", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/removeRelationships", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/replace", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/applyUpdatedConfig", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/replace", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/inPlaceSoftwareUpdate", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/deactivateAndCloudDelete", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/scaleOut", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - }, - { - "serviceName": "so", - "version": "v1", - "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}", - "protocol": "REST", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"0", - "lb_policy":"ip_hash" - } - ]{{ end }} updateStrategy: type: RollingUpdate @@ -565,7 +200,7 @@ flavor: small resources: small: limits: - cpu: "1" + cpu: "1500m" memory: "4Gi" requests: cpu: "0.5" diff --git a/kubernetes/uui/components/uui-server/values.yaml b/kubernetes/uui/components/uui-server/values.yaml index 182dcfeea7..4ea0030920 100644 --- a/kubernetes/uui/components/uui-server/values.yaml +++ b/kubernetes/uui/components/uui-server/values.yaml @@ -22,7 +22,7 @@ global: tracing: collector: - baseUrl: http://jaeger-collector.istio-system:9411 + baseUrl: http://jaeger-collector.istio-config:9411 sampling: probability: 1.0 @@ -130,7 +130,7 @@ ingress: tracing: # enabled: false collector: {} -# baseUrl: http://jaeger-collector.istio-system:9411 +# baseUrl: http://jaeger-collector.istio-config:9411 sampling: {} # probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) |