Age | Commit message (Collapse) | Author | Files | Lines |
|
Correct the security settings and improve templates.
Issue-ID: OOM-3288
Change-Id: Idf1d59b33bea4d27a523d990b218b2e36ffb0348
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
add resources entry to the _cassOp template
add resources setting to the cassandra instance
add additional settings to improve the performance
Issue-ID: OOM-3312
Change-Id: Iaa18e7c55a933f2403eff2dd93cb36f9786b3a41
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
common:
- Add settings to common pod templates and fix Cassandra
serviceMesh and MariaDB operator templates
- Added template for mongodb
- Empty lines to files added
readinessCheck:
- Add missing security settings
mariadb-init:
- add security settings in job
cassandra:
- Empty lines added to files
mongodb:
- make emptyDir volume size configurable
others:
- update chart dependency for mongodb in components
- fix linter errors in all files
Issue-ID: OOM-3295
Issue-ID: OOM-3296
Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
As hostPath volumes violate Cluster policies, they are
not allowed within pod definitions.
In our case only the "etc/localtime" is mounted to get
the timezone of the host, which is not required.
Issue-ID: OOM-3287
Change-Id: I6c8c8ea4e982d7e95e73f5fed7fc07ed47ceaab7
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Some ports need to be excluded from cassandra to support
JMX and Metrics interfaces.
Also some memory settings need to be adjusted.
Issue-ID: OOM-3275
Change-Id: I7530b69d65c7c612bcf54eba64d5a4dd5a20f753
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Currently in ONAP the imagePullSecrets is hardcoded to
'onap-docker-registry-key' which is created by the
repository-wrapper component.
With this change the secrets can be configured via setting
global.imagePullSecrets and optionally per image if it is
configured as map (image.pullSecrets)
Issue-ID: OOM-3284
Change-Id: I8644f9b46043b6014219c42928e057b149df43a4
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Some settings are still wrongly interpreted (e.g. 0.02Gi)
Therefor they are changed to non-floating numbers (e.g. 20Mi)
Issue-ID: OOM-3273
Change-Id: Icc88dead1ac5b1df8629d6adcc438a739e20522e
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update all resource settings to the kubernetes recommended
normalized form. Fix ReadinessCheck resource limits.
Issue-ID: OOM-3273
Change-Id: Ie10903b801e4dc1689bcec092162d711a431a7a6
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update cassandra to 4.1.3 and increase the write timeouts
to improve the AAI/SDC stability.
Increase the cql client version in SDC to be compliant with cassandra
Issue-ID: OOM-3275
Change-Id: Ie1b2f4d38e580eecacd416fca4e392b4a8b0c62a
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
As Reaper startup is failing in many cases the deployment
it should be possible to disable it to stabilize the gating
Change the delay handling in the deploy plugin.
Issue-ID: OOM-3246
Change-Id: Ibf435d30551aacc213d7c9d38bce72198f4f4b3d
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Schema creations of Reaper and AAI/SDC can conflict with each
other. Therefor the reaper init script should finish before
AAI and SDC schema init scripts are started
Update jvm options for cassandra instance
Issue-ID: OOM-3246
Change-Id: I16cea161fc8b75e15c76c4cbe4851739782dfb06
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Add template functions for the mariadb-operator resources
and update the mariadb-galera chart to support them
Change the flag to "useOperator" in cassandra to the global setup
and additional labels for cassandra resources
Changed Policy DB users to support the new mariadb User
and fixed db.sh script to wait for the DB user creation
Use the new readiness image 5.0.1 with the "app-name" option
Change the MariaDB-Galera Service to the "primary" to avoid Deadlocks
Fix previous SDNC patch (https://gerrit.onap.org/r/c/oom/+/135308) and
temporary disable MariaDB for SDNR, as it is not compatible to
MariaDB 11
Issue-ID: OOM-3236
Change-Id: Ie63fcc9c6d5fa802d38c592b449e7ff8553c2ab9
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
As Cassandra (via k8ssandra-operator) requires either a default
StorageClass, the instructions to set the default in the OOM docs
and removed the hardcoded "storageClass" setting in cassandra
installation.
Issue-ID: OOM-3226
Change-Id: I815614c31ae6b7fcb811d86519d0df1cc4a8898d
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Deployment of shared cassandra (4.0.1) using k8ssandra-operator
AAI config update to use new cassandra
SDC config update to use new cassandra
correct link in the oom_infra_optional_addons.rst
Issue-ID: OOM-3226
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ieeec9ad5c22a0674a477741d0515ae4515c6f3b8
|
|
Update chart versions to 13.0.0 for Montreal
Issue-ID: OOM-3173
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ie53fd021f01e459c464e44f4459a73ba0b00c172
|
|
Fixes in helmcharts which are not detected by helm, but kustomize in
common, CDS, POLICY, SDC, SO
Issue-ID: OOM-3200
Issue-ID: OOM-3201
Issue-ID: OOM-3202
Issue-ID: OOM-3203
Issue-ID: OOM-3204
Issue-ID: OOM-3205
Issue-ID: OOM-3206
Issue-ID: OOM-3207
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I8416726693d6606d936aaf4cfe2c097752689c29
|
|
- K8ssandraCluster resources template file added
- Modification of the cassandra chart to add the option to install
cassandra using the k8ssandra-operator
- AAI and SDC values changed to support the new cassandra settings
- Fix for SDC cql version in jobs
- for London make k8ssandra-operator optional (default: false)
Issue-ID: OOM-3168
Signed-off-by: Dasarathi, Swain (ds00528024) <ds00528024@techmahindra.com>
Change-Id: Idfe232460c9c1f584536e60ea042345d7dca3164
|
|
Update chart versions 12.0.0 for London
Issue-ID: OOM-3046
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ic196235ff4f6ae14a7ecad799bd75a9666b2594a
|
|
Based on Cassandra documentation enlarge limits of Cassandra pods
and the heap size
Issue-ID: AAI-3492
Signed-off-by: Michal Jagiello <michal.jagiello@t-mobile.pl>
Change-Id: I43e6eeb043b75e5bf5333a3fbdb66f832f01c867
(cherry picked from commit 56b8db227af43c0698eb877dc723f93ad5a0d812)
|
|
Disable inter-cluster ports from the Sidecar communication
Issue-ID: OOM-2820
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ie9b523e881a6dd5bef62debdf208994d03a08f29
|
|
Use version 11.0.0 for Kohn
Issue-ID: OOM-2971
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Icc0e0839fc6def2035383b5fa4c9153fc15fafda
|
|
- Add service monitor template
- Add metrics container to Cassandra statefulset
- Update values.yaml to add metrics and servicemonitor config
- Modify service template to add metrics port configuration
Issue-ID: OOM-2914
Signed-off-by: Suresh Charan <suresh.charan@amdocs.com>
Change-Id: Ia47daea337a414c91367a08ecc043bb3bd9ba697
|
|
Variable attribute 'local' is not POSIX but is LSB supported.
It is available in other shells such as ash or dash.
And in ksh, local is the default scope of functions vaiables.
Though, the syntax "local var=XX" is only supported and found in bash.
Sadly, this is not detected by checkbashims.
- fix "local var=XX" bashisms
- add a manual command in tox.ini to detect them in the CI
https://wiki.ubuntu.com/DashAsBinSh#local
https://wiki.ubuntu.com/DashAsBinSh#declare_or_typeset
https://stackoverflow.com/questions/12000949/scope-of-variables-in-ksh
Issue-ID: OOM-2643
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Iff26e50cd352eeb760d923a4740a6f92184fe0f2
|
|
Move all Chart.yaml to use apiVersion: 2
Move dependencies from requirements.yaml to Chart.yaml
Changes to all makeFiles
Changes to helm deploy plugin
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I03c5290eee9e40f76eacbf171e774204cf5fb1c0
Issue-ID: OOM-2845
|
|
Use version 9.0.0 for Istanbul
Also update the doc.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
|
|
- add checkbahims to tox.ini default profiles
- remove -f options to unforce bashisms detection in explicit bash
scripts and to differentiate treatments between bash and sh
- migrate #!/bin/bash shebangs to #!/bin/sh for scripts without bashisms
The following scripts have not been migrated since they still use
bashisms difficult to migrate (mostly arrays - more details below)
./kubernetes/common/mariadb-init/resources/config/db_init.sh
./kubernetes/portal/components/portal-mariadb/resources/config/ \
mariadb/docker-entrypoint.sh
./kubernetes/helm/plugins/deploy/deploy.sh
./kubernetes/helm/plugins/undeploy/undeploy.sh
./kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
$ find . -not -path '*/\.*' -name *.sh -exec checkbashisms -f {} + 2>&1\
| grep line | cut -d' ' -f 7- | sort | uniq -c | sort -k1,1nr
18 (bash arrays, ${name[0|*|@]}):
2 (declare):
1 ($FUNCNAME):
1 (shopt):
1 (trap with ERR|DEBUG|RETURN):
https://mywiki.wooledge.org/Bashism#Arrays
https://mywiki.wooledge.org/Bashism#Special_Variables
https://mywiki.wooledge.org/Bashism#Builtins
https://www.oilshell.org/release/0.5.alpha2/test/spec.wwz/builtin-trap.html
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Id06ad1d45004321a293bdd26038d8da5f7b6b4ac
|
|
with the following command
$ find . -not -path '*/\.*' -name *.sh -exec sed -i 's/\t/ /g' {} +
then realign manually what deserves it and in particular,
unindent some EOF scripting tags so they do not trigger errors.
Issue-ID: OOM-2643
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ibfa463ec8083d5a39de18a54d9c1d8746710fe03
|
|
pointed out by checkbashisms
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: I34d828ac4ab27b5ce6547a20aecc610cdcecf00e
|
|
|
|
|
|
|
|
Added the missing definition for imagePullSecrets in the
statefulsets.yaml
deployment.yaml
to support the registryGenerator
Issue-ID: OOM-2789
Signed-off-by: andreas-geissler <andreas-geissler@telekom.de>
Change-Id: I013ba52c9c49f95cd3d53fcaa9eb084adcbfe662
|
|
Add service account to requirements.yaml, values.yaml and
deployment/statefulset
Issue-ID: OOM-2703
Signed-off-by: farida azmy <farida.azmy.ext@orange.com>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I226584b16b2cd1c22a4e71eb48ad95d974640006
|
|
With istio >= 1.10, cassandra doesn't need anymore to listen on
127.0.0.1.
Issue-ID: OOM-2252
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib3817f5404a21a96a6fadc76b5cd501b01e9ab25
|
|
pointed out by checkbashisms.
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: I1915d4fcbf38b32180d5a7caa36531ad2fc798a9
|
|
|
|
pointed out by checkbashisms.
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Ic9c4edc0fc6bd94a95bcb85d84379e868fb09930
|
|
pointed out by checkbashisms.
Note this kind of indirections can only be replaced directly in POSIX
by commands using eval.
Security risks must be evaluated for each context where eval is called.
For a safe use, the context must ensure that only a limited number of
possible constrainted values are passed to eval.
https://mywiki.wooledge.org/Bashism#Parameter_Expansions
https://mywiki.wooledge.org/BashFAQ/006#Indirection
Issue-ID: OOM-264
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Id27f3ffd1ddb092a9c038d3a45d9e3278720eb62
|
|
pointed out by checkbashisms
$ mycmd=$(tox -e checkbashisms
| grep '(\[\[ foo \]\] should be \[ foo \])'
| sed -e "s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i '\2s/\\\[\\\[\\\(
[^]]*\\\)\\\]\\\]/[\\\1]/g' \1;@")
$ eval $mycmd
plus fix manually quoting hells induced and bash specific regex
and multi-conditions
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Ie7ca5b71938fae22c200b7fead418618160fbe19
|
|
After 3 monthes, usage of Cassandra disk is 8Gi.
Moving PVC Claim to 10Gi in order to satisfy this.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If8de6fecdbbc49d588e4234a62f91f319531fca4
|
|
Instead of long initial delay on readiness and liveness probes, use
startup probes and be more aggressive on readiness and liveness.
Issue-ID: OOM-2741
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If60f345fd1e11fd1419cee58efb7d53e56dc5c79
|
|
|
|
pointed out by checkbashisms.
$ mycmd=$(tox -e checkbashisms | grep "(should be 'b = a')" | sed -e
"s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i -e '\2s/==/=/g' \1;@")
$ eval $mycmd
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: I9032130bc4717e111de11a73187c2f1052376e45
|
|
pointed out by checkbashisms.
$ mycmd=$(tox -e checkbashisms | grep "^possible .*'function' is useless
" | sed -e "s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i -e '\2s/functio
n \\\([^ ()]*\\\) *(\\\?)\\\?/\\\1 ()/\' -e '\2s/(){/() {/' \1;@")
$ eval $mycmd
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Ic41c8ba8288b7a90db9f5775cd601c09ff2ab663
|
|
Updating the documentation and bumping version to 8.0.0
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
|
|
With Azure and also some internal deployments, `nodepool status` takes
more than 3 seconds (it can go up to 6 seconds) and so cassandra is not
coming up or quite randomly.
This patch gives more room to `nodepool status` to answer.
Issue-ID: OOM-2687
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I98b0adc751e3cd4fa8710f88567cd8896db548eb
|
|
In order to make cassandra behaving smoothly on service mesh, we must
make it listen to 127.0.0.1 but broadcasting the real IP address.
This patch does it.
Issue-ID: OOM-2252
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2c494a987a7d2d72ddce84ac7fab15bcadbc8cf4
|
|
Update charts and requirements to 7.0.0.
Create release notes for Guilin
Update documentation
Issue-ID: OOM-2638
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c
|
|
This commit makes cassandra template to use the new generator for
repositories and images.
Also, as cassandra is retrieved from dockerHub, we change the path in order to
reflect that.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ibd2c03879035f2bdb83177bba2e4d6f32e108ca7
|
|
Having limits is important in order to have safe deployment.
cassandra didn't had one so let's add them.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id3fef8c351f1be977eab49abd111304b9edd9151
|