Age | Commit message (Collapse) | Author | Files | Lines |
|
- solve actual findings during tests with kyverno policies
- synchronize headers
Issue-ID: OOM-3288
Issue-ID: OOM-3296
Change-Id: Ia7e7daa8864069493e09dd6511825aa939c5eeaf
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
common:
- Add settings to common pod templates and fix Cassandra
serviceMesh and MariaDB operator templates
- Added template for mongodb
- Empty lines to files added
readinessCheck:
- Add missing security settings
mariadb-init:
- add security settings in job
cassandra:
- Empty lines added to files
mongodb:
- make emptyDir volume size configurable
others:
- update chart dependency for mongodb in components
- fix linter errors in all files
Issue-ID: OOM-3295
Issue-ID: OOM-3296
Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
As hostPath volumes violate Cluster policies, they are
not allowed within pod definitions.
In our case only the "etc/localtime" is mounted to get
the timezone of the host, which is not required.
Issue-ID: OOM-3287
Change-Id: I6c8c8ea4e982d7e95e73f5fed7fc07ed47ceaab7
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Currently in ONAP the imagePullSecrets is hardcoded to
'onap-docker-registry-key' which is created by the
repository-wrapper component.
With this change the secrets can be configured via setting
global.imagePullSecrets and optionally per image if it is
configured as map (image.pullSecrets)
Issue-ID: OOM-3284
Change-Id: I8644f9b46043b6014219c42928e057b149df43a4
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Some settings are still wrongly interpreted (e.g. 0.02Gi)
Therefor they are changed to non-floating numbers (e.g. 20Mi)
Issue-ID: OOM-3273
Change-Id: Icc88dead1ac5b1df8629d6adcc438a739e20522e
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update all resource settings to the kubernetes recommended
normalized form. Fix ReadinessCheck resource limits.
Issue-ID: OOM-3273
Change-Id: Ie10903b801e4dc1689bcec092162d711a431a7a6
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Add template for the postgres operator instance setup and
modifications to use the postgres instance via Operator
TBD: Update of documentation and fix for clients (DMaaP, CPS)
Issue-ID: OOM-3247
Change-Id: I56c34400dc73c71b936a51260efd231017adaeae
Signed-off-by: rajesh.kumar <rk00747546@techmahindra.com>
|
|
Add labels for DB deployments to be compliant with Istio
and kiali requirements
Issue-ID: OOM-3230
Change-Id: I937d9f326dae8e2c2496eace2e919aa0b8eb0171
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update chart versions to 13.0.0 for Montreal
Issue-ID: OOM-3173
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ie53fd021f01e459c464e44f4459a73ba0b00c172
|
|
Add monitoring to postgres db
Issue-ID: OOM-3161
Signed-off-by: miroslav.masaryk <miroslav.masaryk@telekom.com>
Change-Id: I470a8e9e471562d10ef423e23ad94b5c30db8740
|
|
Fix of resources template indent and therefore resources in components
Issue-ID: OOM-3104
Signed-off-by: miroslavmasaryk <miroslav.masaryk@telekom.com>
Change-Id: I825a3860db00cae4bb80b2aa2d82ac1a42b33124
|
|
Update chart versions 12.0.0 for London
Issue-ID: OOM-3046
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ic196235ff4f6ae14a7ecad799bd75a9666b2594a
|
|
Use version 11.0.0 for Kohn
Issue-ID: OOM-2971
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Icc0e0839fc6def2035383b5fa4c9153fc15fafda
|
|
Strategy is set to Recreate instead of using default RollingUpdate
Issue-ID: CPS-894
Change-Id: Ia5a5f54512baa6445a161c43075f0c29679691d0
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
|
|
Move all Chart.yaml to use apiVersion: 2
Move dependencies from requirements.yaml to Chart.yaml
Changes to all makeFiles
Changes to helm deploy plugin
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I03c5290eee9e40f76eacbf171e774204cf5fb1c0
Issue-ID: OOM-2845
|
|
Use version 9.0.0 for Istanbul
Also update the doc.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
|
|
Add option for CPS to use common postgres
Issue-ID: OOM-2839
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Change-Id: Ida133999f26cf50d59103aa30a90c97fba3e66a0
|
|
- create a .pre-commit-config.yaml configuration file with
* gitlint
* trailing blanks linter
* tabs removal linter
- exclude .git folder from it
- exclude Makefiles since tabs are mandatory by default in them
- create a tox pre-commit profile to run it from tox
note gitlint is not runnable at this pre-commit stage
- create pre-commit-install and pre-commit-uninstall tox profiles to
(un)install hooks locally and (un)perform tests at each "git commit"
call (i.e. without calling manually the pre-commit tox profile)
- precise pre-commit stages/types in the pre-commit configuration file
so that hooks are installed correctly. This avoids messages about
skipped tests when they are run at a wrong stage.
Issue-ID: OOM-2643
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ie95bb4f6f90be80b05a1398973caffeff7936881
|
|
Added the missing definition for imagePullSecrets in the
statefulsets.yaml
deployment.yaml
to support the registryGenerator
Issue-ID: OOM-2789
Signed-off-by: andreas-geissler <andreas-geissler@telekom.de>
Change-Id: I013ba52c9c49f95cd3d53fcaa9eb084adcbfe662
|
|
|
|
Set the newest version of crunchy-postgres image.
In this image python 2.x was replaced by python 3.x.
The crunchy-postgres image is used in few projects in the ONAP,
not only in vnfsdk.
Change-Id: I1799b6be66312d2418878533775c741b286bec61
Issue-ID: VNFSDK-647
Signed-off-by: Tomasz Pietruszkiewicz <tomasz.pietruszkiewicz@nokia.com>
|
|
Updating the documentation and bumping version to 8.0.0
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
|
|
This changes fixes postgres data lost that occurs when postgres pods
are restarting.
When crunchy data postgres image starts, it runs /opt/cpm/bin/setenv.sh
script to set PGDATA folder. This script contains:
--
export PGDATA=/pgdata/$HOSTNAME
if [[ -v PGDATA_PATH_OVERRIDE ]]; then
export PGDATA=/pgdata/$PGDATA_PATH_OVERRIDE
fi
--
Since postgres is now a deployment (commit 0b243b600), its pod name is
different on each startup, hence HOSTNAME and PGDATA are also
different each time.
This change is leveraging crunchy data PGDATA_PATH_OVERRIDE environment
variable to set PGDATA to a fixed path. By default, this path is set to
/pgdata/data.
Issue-ID: CPS-271
Change-Id: Icc0f05d64230a98bc21d8f2a74c12c6661e05482
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
|
|
CPS Helm charts added
Issue-ID: CPS-7
Co-authored-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Co-authored-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Signed-off-by: Claudio David Gasparini <claudio.gasparini@pantheon.tech>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Change-Id: I027e5e4b3eec78ce889168f8796d55e6f9fd9be6
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
|
|
Update charts and requirements to 7.0.0.
Create release notes for Guilin
Update documentation
Issue-ID: OOM-2638
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c
|
|
This commit makes postgreSQL template to use the new generator for repositories
and images.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Idac6c4cf2c36e3440d4a7c11bf7ed231d89cdb44
|
|
`registry.hub.docker.com` needs authentication now, in contrary to
previous behavior.
As OOM deployments is unauthenticated when using docker hib repository,
all OOM deployments is broken.
`docker.io` seems to be still OK with unauthenticated requests so let's
move to this endpoint.
Issue-ID: OOM-2636
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Iea81b882d347124af22b0a9c408081706b1c6c6d
|
|
Having limits is important in order to have safe deployment.
postgres didn't had one so let's add them.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I279e01b6be6cddab1f792c75026b41dca5c6c694
|
|
|
|
Change-Id: I811b5a5fe6f6c77209ab7f7b2da5fe188cf7b2db
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Issue-ID: OOM-2562
|
|
Change-Id: I8cb12dae07cc3984e7dcfc602afa4c2d07317e9a
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Issue-ID: OOM-2562
|
|
Readiness container v3.x and up are now present in ONAP main repository.
They're also not using root user anymore and then script path has
changed.
Finally, "job_complete" script has been integrated in main "ready"
script.
As those changes are significant, we must upgrade all the components at
once.
Depends-On: I5afa83892043f4844afe12e61724a8d368a9f2e0
Issue-ID: OOM-2545
Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com>
Change-Id: I0b4eb5dd86390273532d67d0a9696e1cfcadf110
|
|
Issue-ID: OOM-2479
Signed-off-by: Daniel Milaszkiewicz <daniel.milaszkiewicz@nokia.com>
Change-Id: Ic64b84db2c192cd5d737b5ef6d59aa4b4c20a48e
|
|
' is one of characters that are placed in passwords by our default
password generation algorith. As ' is a special character in SQL files
we need to escape it before substituting environment variables in .sql file.
Issue-ID: OOM-2317
Reported-by: Fiachra Corcoran <fiachra.corcoran@est.tech>
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I970eaf03fbcbfa8cb68df4a06ee27503d02d896a
|
|
Issue-ID: OOM-2250
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ibad1e8d523d2a182d2f43e1ae2b46fff07c11e01
|
|
ONAP is built using plain makefile rules. List of targets is generated
using wildcard function. Based on make changelog:
http://git.savannah.gnu.org/cgit/make.git/tree/NEWS
since version 3.82 wildcard is not going to sort its results which
means that charts are being processed in an arbitrary order which may
lead to build failure due to missing dependencies.
Since version 4.3 make started sorting the wildcard results once again
which may lead to build issues.
To avoid that and make our builds predictible independently from
Makefile version let's make sure that we always sort wildcard results.
Addinally let's use 'file://' instead of '@local' for charts in common
to resolve dependencies between them.
Issue-ID: OOM-2399
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Iacb02dcdbd577ce0e9ca1078dd0586d296ec9375
|
|
Use 6.0.0 in preparation for Frankfurt release
Issue-ID: OOM-2320
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
|
|
It turned out that our current implementation of common secret
template is really heavy which makes onap linitng extremely long.
To improve the situation let's introduce some results caching instead
of processing templates over and over.
For now we cannot simply replace common secret template because in
mariadb-init we generate list of secrets on the fly so we will need
to revisit this fragment later.
Whole series of patches managed to reduce ONAP linting time to 40
mins.
Issue-ID: OOM-2051
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Id2e743147afa37290df19b73feee67621f13f67c
|
|
Postgres image that we are currently using uses sed to replace
passwords placeholders with their actual values at startup time.
This apprach is very fragile and leads to issues if & happens to be a
part of password as it has a special meaning in sed.
To fix this issue let's just extract the setup.sql file from the
container and process it on our own in init container using envsubst
and then mount it to the main container to be used.
Issue-ID: OOM-2317
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ifd51d8f0af0099958caa209185fb7a87a0480bd2
|
|
Use version 10.11 deployed by crunchydata scripts version 4.2.1.
this will:
* remove some CVEs (in particular CVE-2019-10164)
* use UTF-8 as default encoding
Issue-ID: OOM-2290
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6f6ca18b48c435f55f5ffcb88e4f2dc83b758b84
|
|
The last line of the template rewrites PVC storage class and thus the
behavior is not the expected one.
This patch removes the faulty (and unecessary) line.
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ia0e2f6fbd7d40bbf0de719bbf35f0f0424e1a076
|
|
It seems that pgpool is never thus there is no need to spend
time moving it to common secret template
Issue-ID: OOM-2250
Change-Id: I237f9e01cec80bd47ff47c7eb4db282471cfad07
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
Use common secret template for storing DB credentials
Issue-ID: OOM-2250
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ic640bba21a368cf3dd7d3a712abd13907b86a217
|
|
When I did diff between deployment-primary and deployment-replica it
turned out that this is pretty much the same file apart from primary
and replica words.
To avoid making the same changes in both files, let's just introduce a
template that can be included with parameter.
Issue-ID: OOM-2246
Change-Id: Ia13b993b9f23008d6be6b3d0e8b745446048de4e
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
ONAP is too big to be deployed using helm install so we need to
use a custom helm plugin helm deploy. This script deloys onap
component by component instead of deploying evrything at
once. Unfortunately this script also modifies the helm release by
appending component name to it.
As a result of this behavior our objects are called for example:
onap-mariadb-galera-mariadb-galera-0
instead of just being called onap-mariadb-galera-0.
This patch simplifies this naming convention by replacing all direct
usages of .Release.Name with common.release macro which strips the
component specific part from the release name.
Issue-ID: OOM-2275
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
|
|
When creating https://gerrit.onap.org/r/c/oom/+/99478, forgot to
backport storage class part of https://gerrit.onap.org/r/c/oom/+/98962.
Issue-ID: OOM-2234
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I3c42b28ad5bea67eda004b0209c8a21783b539f1
|
|
Instead of statefulset + inner work in the container, use deployments in
order to be more reliable
Change-Id: Icf4fe1303ae3489c822558e28bb08b69af2d4970
Issue-ID: OOM-2234
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
OOM has now templates in order to create the needed PVC, using:
* a PV with a specific class when using a common nfs mount path between
nodes (sames as today use) --> is the default behavior today
* or a storage class if we want to use dynamic PV.
On this case, we use (in order of priority):
- persistence.storageClassOverride if set on the chart
- global.persistence.storageClass if set globally
- persistence.storageClass if set on the chart
I've also aligned the PV creation of the different charts.
I've also aligned the PVC creation of the different charts.
I've removed unused mysql chart and (badly) used nfs-provisioner chart.
I've also make cassandra backup work with dynamic PV (but RWX only for
now).
Change-Id: I0ea3f8c7514ca648d94b6c682684c06b822bbe0a
Issue-ID: OOM-2229
Issue-ID: OOM-2228
Issue-ID: OOM-2227
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Updating all helm chart versions to 5.0.0 for the El Alto release.
Merge will be co-ordinated with the merge of a separate aai/oom patch.
Please do not merge until this coordination has completed.
Issue-ID: OOM-1980
Signed-off-by: Mike Elliott <mike.elliott@amdocs.com>
Change-Id: I31daaebeacea33565f13affd2fa28fb15fe948ba
|
|
All charts are being bumped from 3.0.0 to 4.0.0 for the Dublin release.
In addition the requirement.yaml files have been updated to allow for
chart versions that include timestamp suffix. A following on patch will
take care of changes to the OOM Makefiles to support injection of the
timestamp versions.
Change-Id: Ie03d86fad2027e975e8b9106e3a828e4335037cb
Issue-ID: OOM-1642
Signed-off-by: Mike Elliott <mike.elliott@amdocs.com>
|