aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/postgres
AgeCommit message (Collapse)AuthorFilesLines
2024-08-07[COMMON] Synchronize common chartsAndreas Geissler1-2/+2
- solve actual findings during tests with kyverno policies - synchronize headers Issue-ID: OOM-3288 Issue-ID: OOM-3296 Change-Id: Ia7e7daa8864069493e09dd6511825aa939c5eeaf Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-07-05[COMMON] Fix Kyverno PoliciesAndreas Geissler12-11/+21
common: - Add settings to common pod templates and fix Cassandra serviceMesh and MariaDB operator templates - Added template for mongodb - Empty lines to files added readinessCheck: - Add missing security settings mariadb-init: - add security settings in job cassandra: - Empty lines added to files mongodb: - make emptyDir volume size configurable others: - update chart dependency for mongodb in components - fix linter errors in all files Issue-ID: OOM-3295 Issue-ID: OOM-3296 Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-04-13[COMMON] Remove hostPath entriesAndreas Geissler1-3/+0
As hostPath volumes violate Cluster policies, they are not allowed within pod definitions. In our case only the "etc/localtime" is mounted to get the timezone of the host, which is not required. Issue-ID: OOM-3287 Change-Id: I6c8c8ea4e982d7e95e73f5fed7fc07ed47ceaab7 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-03-20[COMMON] Make imagePullSecrets configurableAndreas Geissler1-2/+1
Currently in ONAP the imagePullSecrets is hardcoded to 'onap-docker-registry-key' which is created by the repository-wrapper component. With this change the secrets can be configured via setting global.imagePullSecrets and optionally per image if it is configured as map (image.pullSecrets) Issue-ID: OOM-3284 Change-Id: I8644f9b46043b6014219c42928e057b149df43a4 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-03-14[COMMON] Harmonize resource settings, Part 2Andreas Geissler1-4/+4
Some settings are still wrongly interpreted (e.g. 0.02Gi) Therefor they are changed to non-floating numbers (e.g. 20Mi) Issue-ID: OOM-3273 Change-Id: Icc88dead1ac5b1df8629d6adcc438a739e20522e Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-02-28[COMMON] Harmonize resource settingsAndreas Geissler1-12/+12
Update all resource settings to the kubernetes recommended normalized form. Fix ReadinessCheck resource limits. Issue-ID: OOM-3273 Change-Id: Ie10903b801e4dc1689bcec092162d711a431a7a6 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-02-19[POSTGRES][COMMON] Add support for postgres operatorrajesh.kumar16-7/+74
Add template for the postgres operator instance setup and modifications to use the postgres instance via Operator TBD: Update of documentation and fix for clients (DMaaP, CPS) Issue-ID: OOM-3247 Change-Id: I56c34400dc73c71b936a51260efd231017adaeae Signed-off-by: rajesh.kumar <rk00747546@techmahindra.com>
2023-07-21[COMMON] Add missing labels for etcd, mongo, postgresAndreas Geissler1-0/+12
Add labels for DB deployments to be compliant with Istio and kiali requirements Issue-ID: OOM-3230 Change-Id: I937d9f326dae8e2c2496eace2e919aa0b8eb0171 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-06-29[COMMON] Bump ONAP versionAndreas Geissler1-3/+3
Update chart versions to 13.0.0 for Montreal Issue-ID: OOM-3173 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ie53fd021f01e459c464e44f4459a73ba0b00c172
2023-05-12[COMMON] Add monitoring to postgresmiroslav.masaryk5-0/+232
Add monitoring to postgres db Issue-ID: OOM-3161 Signed-off-by: miroslav.masaryk <miroslav.masaryk@telekom.com> Change-Id: I470a8e9e471562d10ef423e23ad94b5c30db8740
2023-03-03[COMMON] Fix resources indentmiroslavmasaryk1-1/+1
Fix of resources template indent and therefore resources in components Issue-ID: OOM-3104 Signed-off-by: miroslavmasaryk <miroslav.masaryk@telekom.com> Change-Id: I825a3860db00cae4bb80b2aa2d82ac1a42b33124
2022-11-10[COMMON] Bump ONAP versionAndreas Geissler1-3/+3
Update chart versions 12.0.0 for London Issue-ID: OOM-3046 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ic196235ff4f6ae14a7ecad799bd75a9666b2594a
2022-06-24[COMMON] Bump ONAP versionAndreas Geissler1-3/+3
Use version 11.0.0 for Kohn Issue-ID: OOM-2971 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Icc0e0839fc6def2035383b5fa4c9153fc15fafda
2022-03-31[CPS] Set postgres replica strategyBruno Sakoto1-0/+2
Strategy is set to Recreate instead of using default RollingUpdate Issue-ID: CPS-894 Change-Id: Ia5a5f54512baa6445a161c43075f0c29679691d0 Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
2021-12-07[GLOBAL] Migrate to helm v3efiacor2-24/+11
Move all Chart.yaml to use apiVersion: 2 Move dependencies from requirements.yaml to Chart.yaml Changes to all makeFiles Changes to helm deploy plugin Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: I03c5290eee9e40f76eacbf171e774204cf5fb1c0 Issue-ID: OOM-2845
2021-10-15[COMMON] Bump ONAP versionSylvain Desbureaux2-3/+5
Use version 9.0.0 for Istanbul Also update the doc. Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
2021-10-12[CPS] Use common postgres for CPSAbdelmuhaimen Seaudi1-2/+3
Add option for CPS to use common postgres Issue-ID: OOM-2839 Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com> Change-Id: Ida133999f26cf50d59103aa30a90c97fba3e66a0
2021-09-26[COMMON] Add and run pre-commit linters via toxguillaume.lambert1-3/+3
- create a .pre-commit-config.yaml configuration file with * gitlint * trailing blanks linter * tabs removal linter - exclude .git folder from it - exclude Makefiles since tabs are mandatory by default in them - create a tox pre-commit profile to run it from tox note gitlint is not runnable at this pre-commit stage - create pre-commit-install and pre-commit-uninstall tox profiles to (un)install hooks locally and (un)perform tests at each "git commit" call (i.e. without calling manually the pre-commit tox profile) - precise pre-commit stages/types in the pre-commit configuration file so that hooks are installed correctly. This avoids messages about skipped tests when they are run at a wrong stage. Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ie95bb4f6f90be80b05a1398973caffeff7936881
2021-07-12[COMMON] Added imagePullSecrets to common template files with some fixandreas-geissler1-0/+2
Added the missing definition for imagePullSecrets in the statefulsets.yaml deployment.yaml to support the registryGenerator Issue-ID: OOM-2789 Signed-off-by: andreas-geissler <andreas-geissler@telekom.de> Change-Id: I013ba52c9c49f95cd3d53fcaa9eb084adcbfe662
2021-03-25Merge "[DOC][COMMON] Prepare Honolulu release"Krzysztof Opasiak2-3/+3
2021-03-24[ONAP] Upgrade crunchy imageTomasz Pietruszkiewicz1-0/+4
Set the newest version of crunchy-postgres image. In this image python 2.x was replaced by python 3.x. The crunchy-postgres image is used in few projects in the ONAP, not only in vnfsdk. Change-Id: I1799b6be66312d2418878533775c741b286bec61 Issue-ID: VNFSDK-647 Signed-off-by: Tomasz Pietruszkiewicz <tomasz.pietruszkiewicz@nokia.com>
2021-03-24[DOC][COMMON] Prepare Honolulu releaseSylvain Desbureaux2-3/+3
Updating the documentation and bumping version to 8.0.0 Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
2021-03-08[COMMON] Fix postgres data persistenceBruno Sakoto2-0/+5
This changes fixes postgres data lost that occurs when postgres pods are restarting. When crunchy data postgres image starts, it runs /opt/cpm/bin/setenv.sh script to set PGDATA folder. This script contains: -- export PGDATA=/pgdata/$HOSTNAME if [[ -v PGDATA_PATH_OVERRIDE ]]; then export PGDATA=/pgdata/$PGDATA_PATH_OVERRIDE fi -- Since postgres is now a deployment (commit 0b243b600), its pod name is different on each startup, hence HOSTNAME and PGDATA are also different each time. This change is leveraging crunchy data PGDATA_PATH_OVERRIDE environment variable to set PGDATA to a fixed path. By default, this path is set to /pgdata/data. Issue-ID: CPS-271 Change-Id: Icc0f05d64230a98bc21d8f2a74c12c6661e05482 Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
2021-03-03[CPS] Configuration Persistence Service Chartsputhuparambil.aditya1-0/+3
CPS Helm charts added Issue-ID: CPS-7 Co-authored-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca> Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Co-authored-by: Bruno Sakoto <bruno.sakoto@bell.ca> Signed-off-by: Claudio David Gasparini <claudio.gasparini@pantheon.tech> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca> Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca> Change-Id: I027e5e4b3eec78ce889168f8796d55e6f9fd9be6 Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
2020-11-30[COMMON][DOC] Bump version GuilinSylvain Desbureaux2-3/+3
Update charts and requirements to 7.0.0. Create release notes for Guilin Update documentation Issue-ID: OOM-2638 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c
2020-11-24[COMMON][POSTGRES] Uses new tpls for repos / imagesSylvain Desbureaux3-13/+6
This commit makes postgreSQL template to use the new generator for repositories and images. Issue-ID: OOM-2364 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Idac6c4cf2c36e3440d4a7c11bf7ed231d89cdb44
2020-11-20[GENERIC] move from registry.hub.docker.com to docker.ioSylvain Desbureaux1-1/+1
`registry.hub.docker.com` needs authentication now, in contrary to previous behavior. As OOM deployments is unauthenticated when using docker hib repository, all OOM deployments is broken. `docker.io` seems to be still OK with unauthenticated requests so let's move to this endpoint. Issue-ID: OOM-2636 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Iea81b882d347124af22b0a9c408081706b1c6c6d
2020-10-19[COMMON] Add limits to postgres deployments.Sylvain Desbureaux2-20/+30
Having limits is important in order to have safe deployment. postgres didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I279e01b6be6cddab1f792c75026b41dca5c6c694
2020-09-16Merge "Remove field not defined in deployment specification"Sylvain Desbureaux1-1/+0
2020-09-15Remove field not defined in deployment specificationJakub Latusek1-1/+0
Change-Id: I811b5a5fe6f6c77209ab7f7b2da5fe188cf7b2db Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-15Replace YAML comments with helm comments in templatesJakub Latusek1-0/+2
Change-Id: I8cb12dae07cc3984e7dcfc602afa4c2d07317e9a Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-04[GENERAL] Use readiness container v3.0.1Sylvain Desbureaux1-2/+1
Readiness container v3.x and up are now present in ONAP main repository. They're also not using root user anymore and then script path has changed. Finally, "job_complete" script has been integrated in main "ready" script. As those changes are significant, we must upgrade all the components at once. Depends-On: I5afa83892043f4844afe12e61724a8d368a9f2e0 Issue-ID: OOM-2545 Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com> Change-Id: I0b4eb5dd86390273532d67d0a9696e1cfcadf110
2020-07-07Make COMMON/POSTGRES compatible with Kubernetes v1.17milaszki1-1/+4
Issue-ID: OOM-2479 Signed-off-by: Daniel Milaszkiewicz <daniel.milaszkiewicz@nokia.com> Change-Id: Ic64b84db2c192cd5d737b5ef6d59aa4b4c20a48e
2020-05-25[COMMON] Allow to use ' in postgres passwordsKrzysztof Opasiak1-4/+11
' is one of characters that are placed in passwords by our default password generation algorith. As ' is a special character in SQL files we need to escape it before substituting environment variables in .sql file. Issue-ID: OOM-2317 Reported-by: Fiachra Corcoran <fiachra.corcoran@est.tech> Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I970eaf03fbcbfa8cb68df4a06ee27503d02d896a
2020-05-15[COMMON] Enable password generation in postgresKrzysztof Opasiak1-3/+3
Issue-ID: OOM-2250 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ibad1e8d523d2a182d2f43e1ae2b46fff07c11e01
2020-05-08[Tree-wide] Make chart build process predictibleKrzysztof Opasiak1-1/+1
ONAP is built using plain makefile rules. List of targets is generated using wildcard function. Based on make changelog: http://git.savannah.gnu.org/cgit/make.git/tree/NEWS since version 3.82 wildcard is not going to sort its results which means that charts are being processed in an arbitrary order which may lead to build failure due to missing dependencies. Since version 4.3 make started sorting the wildcard results once again which may lead to build issues. To avoid that and make our builds predictible independently from Makefile version let's make sure that we always sort wildcard results. Addinally let's use 'file://' instead of '@local' for charts in common to resolve dependencies between them. Issue-ID: OOM-2399 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Iacb02dcdbd577ce0e9ca1078dd0586d296ec9375
2020-04-02Bump chart versionSylvain Desbureaux2-2/+2
Use 6.0.0 in preparation for Frankfurt release Issue-ID: OOM-2320 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
2020-03-25[COMMON] Optimize common secret templateKrzysztof Opasiak2-9/+9
It turned out that our current implementation of common secret template is really heavy which makes onap linitng extremely long. To improve the situation let's introduce some results caching instead of processing templates over and over. For now we cannot simply replace common secret template because in mariadb-init we generate list of secrets on the fly so we will need to revisit this fragment later. Whole series of patches managed to reduce ONAP linting time to 40 mins. Issue-ID: OOM-2051 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Id2e743147afa37290df19b73feee67621f13f67c
2020-03-10[COMMON] Allow special characters in postgress passwordsKrzysztof Opasiak3-3/+80
Postgres image that we are currently using uses sed to replace passwords placeholders with their actual values at startup time. This apprach is very fragile and leads to issues if & happens to be a part of password as it has a special meaning in sed. To fix this issue let's just extract the setup.sql file from the container and process it on our own in init container using envsubst and then mount it to the main container to be used. Issue-ID: OOM-2317 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ifd51d8f0af0099958caa209185fb7a87a0480bd2
2020-02-18[OOM] Bump postgresql versionSylvain Desbureaux1-1/+1
Use version 10.11 deployed by crunchydata scripts version 4.2.1. this will: * remove some CVEs (in particular CVE-2019-10164) * use UTF-8 as default encoding Issue-ID: OOM-2290 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6f6ca18b48c435f55f5ffcb88e4f2dc83b758b84
2020-02-14[COMMON] fix primary PVC for postgres templateSylvain Desbureaux1-1/+0
The last line of the template rewrites PVC storage class and thus the behavior is not the expected one. This patch removes the faulty (and unecessary) line. Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ia0e2f6fbd7d40bbf0de719bbf35f0f0424e1a076
2020-02-07[COMMON] Remove pgpoolKrzysztof Opasiak10-1022/+0
It seems that pgpool is never thus there is no need to spend time moving it to common secret template Issue-ID: OOM-2250 Change-Id: I237f9e01cec80bd47ff47c7eb4db282471cfad07 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-02-07[COMMON] Use common secret template in postgresKrzysztof Opasiak3-29/+23
Use common secret template for storing DB credentials Issue-ID: OOM-2250 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ic640bba21a368cf3dd7d3a712abd13907b86a217
2020-02-06[COMMON] Share deployment configuration in PostgresKrzysztof Opasiak3-246/+146
When I did diff between deployment-primary and deployment-replica it turned out that this is pretty much the same file apart from primary and replica words. To avoid making the same changes in both files, let's just introduce a template that can be included with parameter. Issue-ID: OOM-2246 Change-Id: Ia13b993b9f23008d6be6b3d0e8b745446048de4e Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-02-01[ONAP-wide] Replace .Release.Name with common.releaseKrzysztof Opasiak15-24/+24
ONAP is too big to be deployed using helm install so we need to use a custom helm plugin helm deploy. This script deloys onap component by component instead of deploying evrything at once. Unfortunately this script also modifies the helm release by appending component name to it. As a result of this behavior our objects are called for example: onap-mariadb-galera-mariadb-galera-0 instead of just being called onap-mariadb-galera-0. This patch simplifies this naming convention by replacing all direct usages of .Release.Name with common.release macro which strips the component specific part from the release name. Issue-ID: OOM-2275 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
2020-01-23[COMMON] Fix PV/PVC for postgresSylvain Desbureaux4-0/+13
When creating https://gerrit.onap.org/r/c/oom/+/99478, forgot to backport storage class part of https://gerrit.onap.org/r/c/oom/+/98962. Issue-ID: OOM-2234 Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I3c42b28ad5bea67eda004b0209c8a21783b539f1
2019-12-17[COMMON] Use deployment for postgresqlSylvain Desbureaux20-177/+604
Instead of statefulset + inner work in the container, use deployments in order to be more reliable Change-Id: Icf4fe1303ae3489c822558e28bb08b69af2d4970 Issue-ID: OOM-2234 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2019-12-05[Common] Use global storage templates for PVCSylvain Desbureaux2-59/+34
OOM has now templates in order to create the needed PVC, using: * a PV with a specific class when using a common nfs mount path between nodes (sames as today use) --> is the default behavior today * or a storage class if we want to use dynamic PV. On this case, we use (in order of priority): - persistence.storageClassOverride if set on the chart - global.persistence.storageClass if set globally - persistence.storageClass if set on the chart I've also aligned the PV creation of the different charts. I've also aligned the PVC creation of the different charts. I've removed unused mysql chart and (badly) used nfs-provisioner chart. I've also make cassandra backup work with dynamic PV (but RWX only for now). Change-Id: I0ea3f8c7514ca648d94b6c682684c06b822bbe0a Issue-ID: OOM-2229 Issue-ID: OOM-2228 Issue-ID: OOM-2227 Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2019-07-11Moving Helm Chart version for El AltoMike Elliott4-4/+4
Updating all helm chart versions to 5.0.0 for the El Alto release. Merge will be co-ordinated with the merge of a separate aai/oom patch. Please do not merge until this coordination has completed. Issue-ID: OOM-1980 Signed-off-by: Mike Elliott <mike.elliott@amdocs.com> Change-Id: I31daaebeacea33565f13affd2fa28fb15fe948ba
2019-02-10Update Chart version for Dublin ReleaseMike Elliott4-4/+4
All charts are being bumped from 3.0.0 to 4.0.0 for the Dublin release. In addition the requirement.yaml files have been updated to allow for chart versions that include timestamp suffix. A following on patch will take care of changes to the OOM Makefiles to support injection of the timestamp versions. Change-Id: Ie03d86fad2027e975e8b9106e3a828e4335037cb Issue-ID: OOM-1642 Signed-off-by: Mike Elliott <mike.elliott@amdocs.com>