Age | Commit message (Collapse) | Author | Files | Lines |
|
Update the pod annotations to exclude the cluster communication
ports from the SM sidecars.
Fix mysql protocol setup fodddr istio and update mariadb-init job
to support istio sidecar communication.
This is separated from a patch for CDS SM compatibility
Issue-ID: OOM-2820
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I9e839e019c948614fea7d4b3b5930270f7e7a7c6
|
|
Use version 11.0.0 for Kohn
Issue-ID: OOM-2971
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Icc0e0839fc6def2035383b5fa4c9153fc15fafda
|
|
The matchLabels should use the existing Label:
app.kubernetes.io/name instead of adding a new label
Issue-ID: OOM-2820
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I9d4405f2855f34cc32085ba571478dafa344e51e
|
|
Update the port names of metrics and mariadb to match the
istio requirements and update the timeouts.
Fix mysql protocol setup for istio and update mariadb-init job
to support istio sidecar communication.
This is separated from a patch for CDS SM compatibility
Issue-ID: OOM-2820
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I02c19c9fcfbd76a2cede0b924174ad81b45d719e
|
|
We have stability issues with MariaDB (which didn't occur on istanbul).
Issue-ID: OOM-2963
Signed-off-by: Michal Jagiello <michal.jagiello@t-mobile.pl>
Change-Id: I23b31db06dd87a45a47c8b2741b36e6387e5d1ec
|
|
We observed from time to time issues with fetching data from
mariadb-galera. We suppose that can be related with too low
persistence volume size of mariadb-galera.
Increase that value and observe gating and daily.
Issue-ID: SDC-3949
Signed-off-by: Michal Jagiello <michal.jagiello@t-mobile.pl>
Change-Id: I964351b755e11a513da42f1c11da86bb1130ad96
|
|
The backup job stopped working after upgrade to bitnami images.
Mariabackup was not designed to work remotely, it is supposed to run
on the database server. Because of this we need to mount the data pvc
into the backup job pod. It will however connect to the database daemon
using a hostname, so we need to connect to the first replica in the
cluster. Also had to set readOnlyRootFilesystem=false and add emptyDir
volumes to solve various permission issues.
Issue-ID: OOM-2932
Signed-off-by: Jozsef Csongvai <jozsef.csongvai@bell.ca>
Change-Id: I776903f9ec541f8dc5818b2ba4c1292226ec2bc6
|
|
This was causing errors when using bootstrapFromNode
Issue-ID: OOM-2933
Signed-off-by: Jozsef Csongvai <jozsef.csongvai@bell.ca>
Change-Id: I55b49ad40b5f45b394acd064fcbc7f272298fde0
|
|
Setting the "prometheus: kube-prometheus" label selector for mariadb-galera
ServiceMonitor object is invalid since mariadb-galera-metrics service has
common labels assigned.
Without this change Prometheus (in kube-prometheus-stack) does not select
the mariadb-galera-metrics service for scraping and relevant target is
not created.
Change-Id: I64dfe83ff7fb448125f8726cf3ca33048ced04a8
Issue-ID: OOM-2925
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
Use version 10.6.5-debian-10-r28 instead of 10.6.5.
Also align clamp and so to use the same version as the other ones
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie1db09b03daa1bb7792ee0ff6a73bd3483213e75
|
|
Bump version to the one asked by SECCOM.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I99a4c1e412a2288b595d78470dc433466586529b
|
|
Move all Chart.yaml to use apiVersion: 2
Move dependencies from requirements.yaml to Chart.yaml
Changes to all makeFiles
Changes to helm deploy plugin
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I03c5290eee9e40f76eacbf171e774204cf5fb1c0
Issue-ID: OOM-2845
|
|
Use version 9.0.0 for Istanbul
Also update the doc.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
|
|
DB connection from Policy Framework components fail intermittently with
Connection refused error. Upon investigation, identified that
mariadb-metrics readiness is failing with timeout, and thereby affecting
the db connectivity intermittently.
So, changing readiness timeout from 1 second to 5 seconds so that
there is enough time to get back the /metrics response
and readiness can pass. Also making the properties configurable.
Similar issue could happen in other components too.
Change-Id: I8dfbfeb0fe791c1bce373dd9d7124d26457c4919
Issue-ID: POLICY-3637
Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
|
|
Add prometheus service monitor template to common charts so that components
can reuse it to enable scraping of their metrics by prometheus.
Issue-ID: OOM-2710
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: Ifa8da676dec05192c518ba97208df60e5ec46f55
|
|
fix matchExpressions under nodeSelectorTerms to indicating
array construct.
there is no helm tpl defined with common.tplvalues, fixing
it to use common.tplValue
Issue-ID: OOM-2800
Signed-off-by: Prabhjot Singh Sethi <prabhjot@aarnanetworks.com>
Change-Id: I572ee30af745aa7f10c8438ea9516534e71d5acd
|
|
Update mariadb-galera chart to add internalport value under (.Values.
service) to resolve the port settings needed for the template (common.
mariadbPort) under (common/_mariadb.tpl).
This parameter will use the default value of mariadb 3306 which can be
changed in component charts.
Issue-ID: OOM-2773
Signed-off-by: Mahmoud Abdelhamid <mahmoud.abdelhamid@orange.com>
Change-Id: I0d59ba42f07426b14ec7bc7f157392b5f10b9006
|
|
|
|
Instead of long initial delay on readiness and liveness probes, use
startup probes and be more aggressive on readiness and liveness.
Issue-ID: OOM-2740
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I86015a4a0c4ab313929c5bd103dedced1df88ec3
|
|
With stability tests, we see that mariadb gets OOM killed and has some
CPU throttling.
Putting higher limits in order to make it no happen.
Scaling also replicas from VFC and APPC db from 3 to 1.
Issue-ID: INT-1883
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2699b34ac5fcaa805c6fc01592c5a5f607b17fae
|
|
Camunda has given a guide in order to configure camunda
(https://docs.camunda.org/manual/latest/user-guide/process-engine/database/mariadb-galera-configuration/).
Applying it to ONAP camunda configuration.
gitlint-ignore: B1, body-max-line-length
Issue-ID: INT-1883
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie0cb1c70e4271496ffd5e51ce1d816785f88689f
|
|
Updating the documentation and bumping version to 8.0.0
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
|
|
Bitnami init script can automatically choose the node address (which is
the IP address of the container).
Unfortunately, this doesn't work when on dual stack as both IP addresses
with a space are given (see
https://github.com/bitnami/charts/issues/4077).
This patch force the IP address so we can get rid of this issue
Issue-ID: OOM-2661
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I5dd2147df1932b1f0fdde7c2b55585cff45bab68
|
|
Bitnami mariadb-galera image has a special environment variable that
allows to wait few seconds for mariadb to be fully initialized.
This is especially important when a lot of pods are created in parallel,
like in OOM.
Unfortunately, the variable name used wasn't the good one.
This patch rectifies that
Issue-ID: OOM-1720
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2f41ec734a45197c40d5adfa9e214ba5e335f44d
|
|
Mariadb DB Galera containers version is outdated and unmaintained. We
need them to move to a new image provider.
As new image provider is not compatible with our old templates, we
also update the templates (by reworking bitnami mariadb-galera chart).
An update of global mariadb image is also done in order to match mariadb
galera version.
Issue-ID: OOM-1720
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib9976227759e90022183d4f37fc655143be4d6ac
|
|
Update charts and requirements to 7.0.0.
Create release notes for Guilin
Update documentation
Issue-ID: OOM-2638
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c
|
|
This commit makes mariadb galera template to use the new generator for
repositories and images.
As mariadb are coming from dockerhub, we're using directly this
repository.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I7010ea3214c34fbee1ee697a127a1e43bfd16aed
|
|
This change modifies VID to use the shared DB instance of mariadb.
In addition, we create a mechanism in mariadb-init to allow a shared DB
user to run a script after the DB has been created.
The script can be passed as a configMap (as is the case with VID) or it
can be a standalone script that is passed as a string.
Issue-ID: OOM-1226
Change-Id: Ie51823338562a6fbe7472025d62cd4dba688168d
Signed-off-by: RPMishra <rpmishra@aarnanetworks.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Change-Id: I21ea78c96ff8bd5e729f2228f761df534f515358
Issue-ID: OOM-2562
|
|
requests/limits for "small" deployments are too big compared to actual
usage.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2e3f6dae57714ddc85d2fc04a3793fe034ccc8ef
|
|
|
|
Readiness container v3.x and up are now present in ONAP main repository.
They're also not using root user anymore and then script path has
changed.
Finally, "job_complete" script has been integrated in main "ready"
script.
As those changes are significant, we must upgrade all the components at
once.
Depends-On: I5afa83892043f4844afe12e61724a8d368a9f2e0
Issue-ID: OOM-2545
Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com>
Change-Id: I0b4eb5dd86390273532d67d0a9696e1cfcadf110
|
|
Fix both clamp and common mariadb-galera instances to make sure that
special characters in passwords are escaped properly.
Issue-ID: OOM-2328
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Iee48523d36d404ad7b21515f0d205f2f60a507ed
|
|
Issue-ID: OOM-2525
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: I7ea70454368c68e3a264a181a57fae7bad1219d1
|
|
|
|
Issue-ID: OOM-2482
Signed-off-by: Daniel Milaszkiewicz <daniel.milaszkiewicz@nokia.com>
Change-Id: I5dbe0b168535d48068a93dd3494a59bf90ea2a6f
|
|
any changes to charts that could cause loss of all data.
Issue-ID: OOM-2442
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: Ifd3bbc0f63e95b1c8797ecd09a891195faafc8c2
|
|
When upgrading from a version to another, it may be impossible to do it
"simply" because of changes in immutable properties of statefulsets. We
change that here by creating a temporary deployment which will hold the
whole databases during the time the old statefulset gets destroyed and
the new one gets created.
Issue-ID: OOM-2316
Signed-off-by: tringuyen <tri.nguyen@tatacommunications.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I318d72830d5002f50597e23e0753e292f8b47c53
|
|
After we upgraded our helm version we started getting below issues
with emails:
Warning: Merging destination map for chart 'curator'.
Overwriting table item 'image', with non table value:
onap/sdnc-image:1.8.2
To fix this let's just use "" instead of () for our daily operations.
Issue-ID: OOM-2412
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I5f2c215c281036a7eb921d6a805527c807a4aca9
|
|
derivePassword which we use to generate our passwords includes ' in
set of special characters that can be used in passwords.
Current implementation of bitnami configure-mysql.sh simply
concatenates password surrounded with '' rest of SQL query. This
causes issues if password contains ' as it creates invalid SQL statement.
To fix this issue we just patch the script and escape the special '
character in password.
Issue-ID: OOM-2246
Reported-by: Mateusz Pilat <m.pilat@partner.samsung.com>
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I3d2150760755e55558e2045cbb7ca5693c8ab71f
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
The time has come! All ONAP charts use now common secret template at
least for the mariadb-galera root password (and most of them also for
user part). This means that it should be now safe to remove hardcoded
mariadb-galera root password and depend on common secret template to
generate it for every deployment.
No more secretpassword!:D
Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ib9d8bbcc45bfd85a4d762c716c03dba23d901009
|
|
Use 6.0.0 in preparation for Frankfurt release
Issue-ID: OOM-2320
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
|
|
It turned out that our current implementation of common secret
template is really heavy which makes onap linitng extremely long.
To improve the situation let's introduce some results caching instead
of processing templates over and over.
For now we cannot simply replace common secret template because in
mariadb-init we generate list of secrets on the fly so we will need
to revisit this fragment later.
Whole series of patches managed to reduce ONAP linting time to 40
mins.
Issue-ID: OOM-2051
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Id2e743147afa37290df19b73feee67621f13f67c
|
|
When deploying a shared mariadb-galera instance using common chart
a dummy database is created based on the default values n the chart.
This is obviously unnecessary and creates an obviousl security issue.
That's why let's make sure that when we deploy a shared mariadb
instance no dummy databases are created.
Issue-ID: OOM-2053
Change-Id: I1130cb8eb555b15a2d8b365102d69e32259233eb
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
Usage of plain strings is very fragile especially when you try
to change them. That's why instead of depending on strings let's
just define a few convenience templates to be used in projects
that use mariadb-galera chart.
Issue-ID: OOM-2249
Change-Id: Ib867d34090b06a15ea3898a9524f5e3d04a656c0
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
ONAP is too big to be deployed using helm install so we need to
use a custom helm plugin helm deploy. This script deloys onap
component by component instead of deploying evrything at
once. Unfortunately this script also modifies the helm release by
appending component name to it.
As a result of this behavior our objects are called for example:
onap-mariadb-galera-mariadb-galera-0
instead of just being called onap-mariadb-galera-0.
This patch simplifies this naming convention by replacing all direct
usages of .Release.Name with common.release macro which strips the
component specific part from the release name.
Issue-ID: OOM-2275
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
|
|
Instead of defining the secret in some custom way let's use the common
template (common.secret). To avoid some issues in ONAP components that
depend on this chart let's do not remove for now the default username
and password. We will do this when all services properly utylize
secrets to store mariadb credentials.
Issue-ID: OOM-2053
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I78e224299cccd9632192ee03a45cd077e6f0906f
|
|
OOM has now templates in order to create the needed PVC, using:
* a PV with a specific class when using a common nfs mount path between
nodes (sames as today use) --> is the default behavior today
* or a storage class if we want to use dynamic PV.
On this case, we use (in order of priority):
- persistence.storageClassOverride if set on the chart
- global.persistence.storageClass if set globally
- persistence.storageClass if set on the chart
I've also aligned the PV creation of the different charts.
I've also aligned the PVC creation of the different charts.
I've removed unused mysql chart and (badly) used nfs-provisioner chart.
I've also make cassandra backup work with dynamic PV (but RWX only for
now).
Change-Id: I0ea3f8c7514ca648d94b6c682684c06b822bbe0a
Issue-ID: OOM-2229
Issue-ID: OOM-2228
Issue-ID: OOM-2227
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Two helper functions are defined:
- common.storageClass: will print the right storage class according to
properties set or not:
* if no storage class set --> use previous behavior (storage class
named `common.fullname-data`.
* if a "persistence.storageClassOverride" is set for this specific chart,
we use it (if it's "-", we set to default one)
* if a "global.persistence.storageClass" has been set (and no
storageClassOverride for this chart), we use it (same specificity than
storageClassOverride)
* if a "persistence.storageClass) has been set (and no
storageClassOverride nor global one), we use it (same specificity
than storageClassOverride)
- common.needPV: will print "True" if we need a PV (no storageClass and
storageClassOverride being set).
an implementation example with mariadb-galera is provided.
Issue-ID: OOM-1500
Change-Id: I20a667e17b00c255c4b828e3c66f9c0df7c8755c
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Used PVC(s) are actually created in the statefulset
Change-Id: I24f2c3ff0934178c9af06bfee60b4b6e35cfe953
Issue-ID: OOM-2155
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|