| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
AAF SMS was hardcoding its certificates in the container.
This patch makes use of certInitializer in order to retrieve "fresh"
certificates.
In order to use certInitiliazer in a sub component, we had to move
charts to component and add the right requirements.
Issue-ID: AAF-1159
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6ec55eddffd54dd56b03cea1a6f0b437f8bfa299
|
|
Update oof so callback credentials
Change-Id: I210c1fe8f89a486a740449b641f8ff94fd1d3a8e
Signed-off-by: vrvarma <vikas.varma@att.com>
Issue-ID: OPTFRA-756
|
|
Use common secret template and init container to fill config files for
job that preloads secrets to SMS.
Init container is prepared for temporary workaround required by the
OOF team to encrypt passwords before storing them in sms.
The only thing that has to be done is to instead of just assigning for
example:
export AAI_PASS=${AAI_PASS_PLAIN};
do
export AAI_PASS=`awesomeEncryptCommand ${AAI_PASS_PLAIN}`
Issue-ID: OPTFRA-720
Change-Id: I0ada7de0aa8710580ccf51cb9ab0822b81b4f46a
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
Cleaned up up configs, JDK11 fixes, Hello and Agent works, now a model for Apps
non-root fix
Issue-ID: AAF-1081, AAF-1102
Signed-off-by: Instrumental <jgonap@stl.gathman.org>
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Change-Id: I4947075029db8abd7d2072b6b82064af8e2daa3e
|
|
ONAP is too big to be deployed using helm install so we need to
use a custom helm plugin helm deploy. This script deloys onap
component by component instead of deploying evrything at
once. Unfortunately this script also modifies the helm release by
appending component name to it.
As a result of this behavior our objects are called for example:
onap-mariadb-galera-mariadb-galera-0
instead of just being called onap-mariadb-galera-0.
This patch simplifies this naming convention by replacing all direct
usages of .Release.Name with common.release macro which strips the
component specific part from the release name.
Issue-ID: OOM-2275
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
|
|
OOM has now templates in order to create the needed PVC, using:
* a PV with a specific class when using a common nfs mount path between
nodes (sames as today use) --> is the default behavior today
* or a storage class if we want to use dynamic PV.
On this case, we use (in order of priority):
- persistence.storageClassOverride if set on the chart
- global.persistence.storageClass if set globally
- persistence.storageClass if set on the chart
I've also modified statefulset deployment so they can use their own PVC
instead of writing into a specific directory inside
I've also set to 'emptyDir' volumes when persistence is not enabled
(except for aaf-config-pvc and aaf-status-pvc, which means that AAF will
still not work when persistence is disabled).
Change-Id: I05f133f058ebd9678df9ac0b7ef32bb43689e94f
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Issue-ID: AAF-902
Change-Id: I3a83eee98dfeb7fb9751019faf618897dbc9d34f
Signed-off-by: Instrumental <jonathan.gathman@att.com>
|
|
Issue-ID: AAF-383
Change-Id: I3e2591ca73c8ba559fd39aa1250471b15d1189d2
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: OOM-1563
Change-Id: I383dbec29291ba5b13d613f60d8eb343b9c59dda
Signed-off-by: dkamdocs <devesh.kumar@amdocs.com>
|
|
Add a preload job that loads secrets from config
files into secret management service after it comes up.
P1: Includes osdf.json which contains secrets for oof-osdf
P2: Add has.json for oof-has
Issue-ID: AAF-548
Change-Id: Ib03cf6771a445be8ab00621cf26ca0e902af4ab3
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
cleaning up merge conflict
implementing template
reducing overly large resource limits
adding limits to aaf-sms.
Issue-ID: OOM-1146
Change-Id: Idac679dc9be94ab92ea95c38f9f237af65307131
Signed-off-by: dsingh.278 <dsingh.278@gmail.com>
Signed-off-by: Mandeep Khinda <mandeep.khinda@amdocs.com>
|
|
Issue-ID: OOM-1145
Change-Id: I1510339a820802554b6e8b9a201619ef66be17a0
Signed-off-by: Mandeep Khinda <mandeep.khinda@amdocs.com>
|
|
Using an initContainer and to start SMS only after
vault and consul have already started. This prevents
restarts of the sms container.
Issue-ID: AAF-421
Change-Id: Ied3264711d5d931a1d18523eadcc84e188ededa5
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
SMS got a new SAN certificate and we are
using that in this deployment now.
Applications will now query on https://aaf-sms.onap
This should also fix the failing healthcheck
for SMS
-P3: Changing liveness and readiness probes to use
https instead of tcp which was throwing up TLS error
spam on the server
Issue-ID: AAF-284
Change-Id: I654eced0bb75c8b5c807c45773f308d824dfb571
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
SMS uses vault for its backend which needs
an unseal operation to proceed.
Quorumclient provides the unseal operation
via 3 replicas that store each unseal shard
and provide it during unseal.
Issue-ID: AAF-255
Change-Id: I62db7a450e1e81aa6bfb2cc5b9da29ce99efd24b
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
Sylvain Desbureaux
vrvarma
Krzysztof Opasiak
ChrisC
Instrumental
Pawel Wieczorek
dkamdocs
Kiran Kamineni
dsingh.278
Mandeep Khinda