summaryrefslogtreecommitdiffstats
path: root/kubernetes/aaf/charts/aaf-sms
AgeCommit message (Collapse)AuthorFilesLines
2020-06-11[AAF SMS] Use certInitializer for certificatesSylvain Desbureaux23-1539/+0
AAF SMS was hardcoding its certificates in the container. This patch makes use of certInitializer in order to retrieve "fresh" certificates. In order to use certInitiliazer in a sub component, we had to move charts to component and add the right requirements. Issue-ID: AAF-1159 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6ec55eddffd54dd56b03cea1a6f0b437f8bfa299 (cherry picked from commit 0de302ad6212185c842ce7232319e19d994dd520)
2020-05-25Merge "Fix policy api credentials for oof in oom" into frankfurtKrzysztof Opasiak1-4/+4
2020-05-20Fix policy api credentials for oof in oomvrvarma1-4/+4
Change-Id: I1be525c47862697aa26d757675a2933896e4e487 Signed-off-by: vrvarma <vikas.varma@att.com> Issue-ID: OPTFRA-750 (cherry picked from commit 7344c288f326851595ecd2971e91ea912a1853de)
2020-05-20Update oof so callback credentialsvrvarma3-2/+17
Update oof so callback credentials Change-Id: I210c1fe8f89a486a740449b641f8ff94fd1d3a8e Signed-off-by: vrvarma <vikas.varma@att.com> Issue-ID: OPTFRA-756 (cherry picked from commit 26dbd2bb64f6489259fc46174d39cd67b3397cc4)
2020-04-16[AAF] Use common secret in sms preloadKrzysztof Opasiak5-30/+273
Use common secret template and init container to fill config files for job that preloads secrets to SMS. Init container is prepared for temporary workaround required by the OOF team to encrypt passwords before storing them in sms. The only thing that has to be done is to instead of just assigning for example: export AAI_PASS=${AAI_PASS_PLAIN}; do export AAI_PASS=`awesomeEncryptCommand ${AAI_PASS_PLAIN}` Issue-ID: OPTFRA-720 Change-Id: I0ada7de0aa8710580ccf51cb9ab0822b81b4f46a Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-04-07AAF OOM 2.1.20ChrisC6-30/+74
Cleaned up up configs, JDK11 fixes, Hello and Agent works, now a model for Apps non-root fix Issue-ID: AAF-1081, AAF-1102 Signed-off-by: Instrumental <jgonap@stl.gathman.org> Signed-off-by: ChrisC <christophe.closset@intl.att.com> Change-Id: I4947075029db8abd7d2072b6b82064af8e2daa3e
2020-04-02Bump chart versionSylvain Desbureaux3-3/+3
Use 6.0.0 in preparation for Frankfurt release Issue-ID: OOM-2320 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
2020-03-04[AAF] more memory for SMSSylvain Desbureaux1-2/+2
SMS requests/limits were set too low and thus it prevents start when on small flavors Issue-ID: AAF-1105 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib591c972ceaa4186dd16ca5cebd86b58c0288718
2020-02-13[AAF] Loosen the limits for some AAF ComponentsSylvain Desbureaux1-2/+2
aaf-locate anf aaf-cm limits may have been a bit too stringent. giving some space to these components Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Id295f3e42bd7220144e5990322e9e6043e087e0e
2020-02-01[ONAP-wide] Replace .Release.Name with common.releaseKrzysztof Opasiak13-26/+26
ONAP is too big to be deployed using helm install so we need to use a custom helm plugin helm deploy. This script deloys onap component by component instead of deploying evrything at once. Unfortunately this script also modifies the helm release by appending component name to it. As a result of this behavior our objects are called for example: onap-mariadb-galera-mariadb-galera-0 instead of just being called onap-mariadb-galera-0. This patch simplifies this naming convention by replacing all direct usages of .Release.Name with common.release macro which strips the component specific part from the release name. Issue-ID: OOM-2275 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
2019-12-11Merge "[AAF] Use global storage templates for PVC"Borislav Glozman9-144/+94
2019-12-05[AAF] Use global storage templates for PVCSylvain Desbureaux9-144/+94
OOM has now templates in order to create the needed PVC, using: * a PV with a specific class when using a common nfs mount path between nodes (sames as today use) --> is the default behavior today * or a storage class if we want to use dynamic PV. On this case, we use (in order of priority): - persistence.storageClassOverride if set on the chart - global.persistence.storageClass if set globally - persistence.storageClass if set on the chart I've also modified statefulset deployment so they can use their own PVC instead of writing into a specific directory inside I've also set to 'emptyDir' volumes when persistence is not enabled (except for aaf-config-pvc and aaf-status-pvc, which means that AAF will still not work when persistence is disabled). Change-Id: I05f133f058ebd9678df9ac0b7ef32bb43689e94f Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2019-12-01[AAF] No resources limits on PODsSylvain Desbureaux3-8/+8
There were no resource limits on POD. Setting them. Change-Id: I1b57c3f1cd1b1dc71bbad4f7c307b1658d6e23e5 Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2019-08-06AAF 2.1.15 DockersInstrumental2-2/+2
Issue-ID: AAF-902 Change-Id: I3a83eee98dfeb7fb9751019faf618897dbc9d34f Signed-off-by: Instrumental <jonathan.gathman@att.com>
2019-07-14Use nodePortPrefix variable in AAF (aaf-sms) chartsPawel Wieczorek2-2/+2
Issue-ID: AAF-383 Change-Id: I3e2591ca73c8ba559fd39aa1250471b15d1189d2 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-11Moving Helm Chart version for El AltoMike Elliott3-3/+3
Updating all helm chart versions to 5.0.0 for the El Alto release. Merge will be co-ordinated with the merge of a separate aai/oom patch. Please do not merge until this coordination has completed. Issue-ID: OOM-1980 Signed-off-by: Mike Elliott <mike.elliott@amdocs.com> Change-Id: I31daaebeacea33565f13affd2fa28fb15fe948ba
2019-06-03Updated certificates for SMSKiran Kamineni1-1/+1
SMS healthcheck breaks because of expired certificates This patch fixes that issue. Issue-ID: AAF-845 Change-Id: I2004e29e3271a829989e1f46ebcd7e07e1b6185a Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2019-05-08SMS and SSHSH (AAF PTL) Release VersionInstrumental2-2/+2
Issue-ID: AAF-826 Change-Id: Ia8c23170ccaaa52c528d89417d95ddb3478ab00d Signed-off-by: Instrumental <jonathan.gathman@att.com>
2019-05-03AAF to Release version 2.1.13Gathman, Jonathan (jg1555)2-2/+2
Also upped SMS/SSHSM versions Issue-ID: AAF-823 Change-Id: I27de5079cd678d0206238873b81cb55b5612a67a Signed-off-by: Gathman, Jonathan (jg1555) <jg1555@us.att.com>
2019-05-01Apply Cert changesInstrumental1-1/+1
Issue-ID: AAF-822 Change-Id: I3185d827f3f67cb177534f7c7f3281375b77c613 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2019-03-20Remove nodeport for aaf-smsKiran Kamineni1-2/+2
Nodeport exposes aaf-sms outside the cluster which is a security risk without the proper authentication systems in place. We will add external access if needed in the future. Issue-ID: OOM-1739 Change-Id: Ibefbd1c5656262131f00a2e53dbf5804f2ead084 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2019-02-10Update Chart version for Dublin ReleaseMike Elliott3-3/+3
All charts are being bumped from 3.0.0 to 4.0.0 for the Dublin release. In addition the requirement.yaml files have been updated to allow for chart versions that include timestamp suffix. A following on patch will take care of changes to the OOM Makefiles to support injection of the timestamp versions. Change-Id: Ie03d86fad2027e975e8b9106e3a828e4335037cb Issue-ID: OOM-1642 Signed-off-by: Mike Elliott <mike.elliott@amdocs.com>
2019-01-17Merge "global image pull issue Issue-ID: OOM-1563"Borislav Glozman3-3/+3
2018-12-21global image pull issuedkamdocs3-3/+3
Issue-ID: OOM-1563 Change-Id: I383dbec29291ba5b13d613f60d8eb343b9c59dda Signed-off-by: dkamdocs <devesh.kumar@amdocs.com>
2018-12-19Reconfigure nodeport usageKiran Kamineni1-2/+2
Removed the nodeport usage for sms-db Converted all multicloud-prometheus charts to use ClusterIP for now. We can allocate nodeports for them later on when the services are requested by other services in multicloud. Also, disabled the multicloud-prometheus charts from starting up by default. Change once dependent charts or services are added. Issue-ID: OOM-1555 Change-Id: I2dddc54015844de3abbbf786f95b8bb6eba92d86 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-10-31add OOF-HAS AAF integrationsandovalfr1-0/+8
Issue-ID: OPTFRA-331 Change-Id: I4811511424c42aec0dc98d2dcdf3cce3cc2bd218 Signed-off-by: sandovalfrOAM <frank_sandoval@oamtechnologies.com> Signed-off-by: Frank Sandoval <frank.sandoval@oamtechnologies.com>
2018-10-30Update sms version to 3.0.1Kiran Kamineni2-4/+4
Update SMS version to 3.0.1 to reflect latest image Issue-ID: AAF-390 Change-Id: Ie4b6c45bf2dc3e8352810809b2c88523240b6d43 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-10-26OOF HAS Helm chart updatesDileep Ranganathan1-2/+2
Helm charts updated for HAS with MUSIC v3. Sync conductor.conf, added dependent containers for AAF. Read config from values.yaml. Disabled AAF authentication. Updated resources for OSDF and HAS charts. Removed hardcoded values for namespace Change-Id: I683cd0b8c86a6cc9a4b4c4793051878e0d0e5b2f Issue-ID: OPTFRA-363 Signed-off-by: Dileep Ranganathan <dileep.ranganathan@intel.com> Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-10-18Sync docker tags with release manifestGary Wu2-2/+2
Sync docker tags with the release manifest. It is assumed that the release manifest is the "single source of truth" and that the versions in the helm charts are out of date. Change-Id: I2902e60b25f57409dd616780a626e63c92d26769 Issue-ID: INT-663 Signed-off-by: Gary Wu <gary.i.wu@huawei.com>
2018-10-09Add sms preload job that preloads secretsKiran Kamineni4-0/+241
Add a preload job that loads secrets from config files into secret management service after it comes up. P1: Includes osdf.json which contains secrets for oof-osdf P2: Add has.json for oof-has Issue-ID: AAF-548 Change-Id: Ib03cf6771a445be8ab00621cf26ca0e902af4ab3 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-10-02commiting resource limit for onap-aaf componentdsingh.2786-60/+64
cleaning up merge conflict implementing template reducing overly large resource limits adding limits to aaf-sms. Issue-ID: OOM-1146 Change-Id: Idac679dc9be94ab92ea95c38f9f237af65307131 Signed-off-by: dsingh.278 <dsingh.278@gmail.com> Signed-off-by: Mandeep Khinda <mandeep.khinda@amdocs.com>
2018-09-25Updating charts to use common resource templateMandeep Khinda2-2/+2
Issue-ID: OOM-1145 Change-Id: I1510339a820802554b6e8b9a201619ef66be17a0 Signed-off-by: Mandeep Khinda <mandeep.khinda@amdocs.com>
2018-09-24Update Chart versions to 3.0Mike Elliott3-3/+3
All Chart versions and requirement dependencies have been updated to 3.0 for Casablanca release. Change-Id: Iea57e5da09ea8a8bac0a415b9a6196151cbea10b Issue-ID: OOM-1354 Signed-off-by: Mike Elliott <mike.elliott@amdocs.com>
2018-09-19Sync values from docker-manifest-staging fileAlexis de Talhouët2-2/+2
Change-Id: Ic8f11dc20c425aab144fe28a5e761552eb7b025b Issue-ID: OOM-1422 Signed-off-by: Alexis de Talhouët <adetalhouet89@gmail.com>
2018-08-14Add readiness step for deploymentKiran Kamineni3-3/+20
Using an initContainer and to start SMS only after vault and consul have already started. This prevents restarts of the sms container. Issue-ID: AAF-421 Change-Id: Ied3264711d5d931a1d18523eadcc84e188ededa5 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-06-06Sync docker image versions from manifestGary Wu2-2/+2
Sync docker image versions from docker manifest commit b075c2738d81c258f2157eb329241b00e27938ec Change-Id: I3aab98252d3318431cc4ce49221f552d7bc57b7d Issue-ID: OOM-1053 Signed-off-by: Gary Wu <gary.i.wu@huawei.com>
2018-05-15Enable https endpoint for SMSKiran Kamineni6-18/+24
SMS got a new SAN certificate and we are using that in this deployment now. Applications will now query on https://aaf-sms.onap This should also fix the failing healthcheck for SMS -P3: Changing liveness and readiness probes to use https instead of tcp which was throwing up TLS error spam on the server Issue-ID: AAF-284 Change-Id: I654eced0bb75c8b5c807c45773f308d824dfb571 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-05-11Update readiness-check to 2.0.0Gary Wu1-1/+1
Change-Id: I3477393d2ba98fe1d48561efc6991e88d8e03793 Issue-ID: OOM-1076 Signed-off-by: Gary Wu <gary.i.wu@huawei.com>
2018-05-10Improve docker registry secret managementBorislavG3-3/+0
Change-Id: I2d1ff878c215becc9856af184eb0b11defd75e1d Issue-ID: OOM-1064 Signed-off-by: BorislavG <Borislav.Glozman@amdocs.com>
2018-05-08Sync docker image images with docker-manifest.csvGary Wu2-2/+2
Update the docker image versions in the OOM helm charts with the versions specified in the docker-manifest.csv in the integration repo. Change-Id: I38bd9e98ae1b15ed4bbc68051b8516f311aa8db0 Issue-ID: OOM-1053 Signed-off-by: Gary Wu <gary.i.wu@huawei.com>
2018-05-07AAF ChartsMahendra Raghuwanshi2-4/+5
-PS3-MK -renaming charts to remove hyphen -refactoring service name configuration. It wasn't quite correct the way it was. It was taking the chart name as the service name and not using the values.yaml from the top level chart as intended. -Jonathan asked to name the main app service "aaf-service and cassandra to "aaf-cass" as this is what is in the cert -squashed https://gerrit.onap.org/r/#/c/45923/1 into this commit. -updated robot to the latest settings Robot tests are failing but all pods come up. I think this can be merged and the AAF team investigate the robot health issue in a running system -PS4-MK -reverting sms changes and taking the latest from master -removing repository from the global section of the aaf values. -this was causing all images to be pulled from nexus3.onap.org which was failing to pull images that come from docker hub. There is supposed to be a proxy through nexus3 to dockerhub but maybe we are missing something. -PS5-MK -removing nodeports from non gui related charts. There are conflicts -PS6-Kiran -Adding imagepullsecrets for aaf-sms-vault subchart -updated image repository to pull from nexus3 -tested and works now and should fix the pull errors -PS7-Kiran -Previous patch picked up a couple of unintended changes -Reverting them -PS8-MK -removing names from identities -using https for robot test Issue-ID: OOM-930 Change-Id: I98f40ef5af03dda73aebf12f6fa48d928915ab34 Signed-off-by: Mahendra Raghuwanshi <mahendra.raghuwanshi@amdocs.com> Add Beijing CQLs into OOM Issue-ID: AAF-114 Change-Id: I2c2d46738ba0885c41f710997d4b212b6ce4d2de Signed-off-by: Instrumental <jonathan.gathman@att.com> Signed-off-by: Mandeep Khinda <mandeep.khinda@amdocs.com> Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-04-25Adding Quorum client sub chart for smsKiran Kamineni20-0/+1013
SMS uses vault for its backend which needs an unseal operation to proceed. Quorumclient provides the unseal operation via 3 replicas that store each unseal shard and provide it during unseal. Issue-ID: AAF-255 Change-Id: I62db7a450e1e81aa6bfb2cc5b9da29ce99efd24b Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>