summaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
2021-02-12[MUSIC] Update certificateSylvain Desbureaux2-2/+1
Use fresh certificate in Music Issue-ID: OOM-2673 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I410f459ed2446bbae290e277747314708f5f97a5
2021-01-26[COMMON][ETCD] Skip startup self-discovery for etcd nodesKonrad Bańka1-0/+4
Current startup script of etcd checks whether all assumed other nodes are already running, before proceeding. This check, however, also includes checking localhost, but due to using headless service statefulset pod DNS discovery, it doesnt succeed immediately. In some deployments k8s DNS server may be laggy, thus failing startup script to finish before liveness check. This patch fixes such failures of 1 pod etcd clusters, and improves startup time for any size ones. Signed-off-by: Konrad Bańka <k.banka@samsung.com> Issue-ID: OOM-2668 Change-Id: I2f9263a0f4964b0a495631775d0cbbceef25e85b
2021-01-21Merge "[COMMON][CERTS] Use sh to onboard custom certs" into guilinKrzysztof Opasiak2-8/+14
2021-01-20Merge "[COMMON] Configure paths for Ingress" into guilinKrzysztof Opasiak1-31/+7
2021-01-19[COMMON][CERTS] Use sh to onboard custom certsSylvain Desbureaux2-8/+14
Today, onboarding custom certificates relies on `bash`. But image used for that doesn't have bash. Therefore, we need to use `sh` in order to onboard the certs. Issue-ID: OOM-2666 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ia8087bd9484a013ac76044681059f634a4e45eb8
2021-01-07[PLATFORM] Update cert service images to 2.1.1Piotr Marcinkiewicz1-2/+2
Align Cert Service Api to RFC4210. Fix Cert Service Client CA_NAME validation. Issue-ID: OOM-2656 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: Ia510b67b3d4e993df89a6be2c0899115b7e31dc7
2021-01-07[COMMON] Configure paths for IngressSylvain Desbureaux1-31/+7
Instead of globally choosing between virtualhosts and path based ingress, it's better to allow to choose it per component. Issue-ID: OOM-2641 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I952826d03722693ebae7c95a083b95bf83752d68 (cherry picked from commit afae229d3a7eb8c20633e049d3f597fb2eab7bbc)
2020-12-10Revert "[COMMON] add pre upgrade script for mariadb-galera"Sylvain Desbureaux5-437/+1
This reverts the following commits: * eb9eb59171a43d25fb012aaad0a1d37ca86bc2bf * a72170b49e04aacb2ff476965904900fe5559fef Reason for revert: upgrade script is not working well in all situations Issue-ID: INT-1633 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ia61a08d1e6cc4499525d82c5b2dfd83cf2d6a3e8
2020-11-30[COMMON][DOC] Bump version GuilinSylvain Desbureaux44-54/+54
Update charts and requirements to 7.0.0. Create release notes for Guilin Update documentation Issue-ID: OOM-2638 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c (cherry picked from commit 4f9902b6e7b5c70588160266276904ab81832867)
2020-11-26[COMMON] Readiness check has an improper imageSylvain Desbureaux1-0/+2
when repository is not globally set, readinessCheck gives back "empty" value for repository, leading to a bad rendered chart. Issue-ID: OOM-2592 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ic4e8553ca4dfed8e476ecb743d4434e0562ba295
2020-11-12[CCSDK] Fix for naming serviceDan Timoney1-1/+1
Updated version of network-name-gen microservice to 1.0.2, which contains fix for database initialization error (CCSDK-2978). Issue-ID: CCSDK-2978 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I25fb44188086181714cfdd3b864ad69bad8f28bf
2020-11-03[SDNC][CCSDK] Update SDNC and CCSDK image versions for Guilin RC1Dan Timoney2-2/+2
Update SDNC and CCSDK image versions to proper Guilin RC1 version. Issue-ID: CCSDK-2931 Issue-ID: SDNC-1402 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I9d711d6c3e7c3130680fe3459326be0b5dd2e555
2020-11-02Merge "[COMMON] Add limits to cassandra statefulsets."Krzysztof Opasiak2-14/+11
2020-10-29[COMMON] Loosen limits for ElasticsearchSylvain Desbureaux1-2/+2
Limits set seemed to be to hard, loosening them in order to make it work. Issue-ID: REQ-362 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I99aa55fb2564683f4968e5831e9e7b9aaa751054
2020-10-27Merge "[COMMON] allow multiline config for aaf add config"Krzysztof Opasiak1-1/+1
2020-10-27Merge "[COMMON] Add TLS for Ingress configuration"Krzysztof Opasiak1-4/+24
2020-10-27Merge "[COMMON] Add limits to Elasticsearch"Krzysztof Opasiak1-13/+10
2020-10-27Merge "[COMMON] change comment style"Sylvain Desbureaux5-0/+10
2020-10-26[COMMON] allow multiline config for aaf add configSylvain Desbureaux1-1/+1
Use trim function in order to remove the 4 first spaces that breaks configuration when aaf add config is a multiline (a.k.a uses `|`) YAML entry. Issue-ID: OOM-2611 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib53a8a87f896a66ba613d542cfca833804ef1d7a
2020-10-26[COMMON] Add TLS for Ingress configurationSylvain Desbureaux1-4/+24
Instead of setting TLS termination at POD level, it may be interesting to terminate it at Ingress level. This patch add the ability to do that using "Ingress" templates. In order to achieve it, you need to configure it this way in `values.yaml`: ```yaml ingress: enabled: false service: - baseaddr: 'my-endpoint' name: 'my-service' port: 8080 config: tls: secret: my-service-ingress-certs ``` Secret (here `my-service-ingress-certs`) must follow Kubernetest `kubernetes.io/tls` type: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls Issue-ID: SO-3078 Issue-ID: SO-3237 Issue-ID: OOM-2609 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I76c0929d53289a581bc26d0d03cc8b9bd72d0fd1
2020-10-26[COMMON] Add limits to cassandra statefulsets.Sylvain Desbureaux2-14/+11
Having limits is important in order to have safe deployment. cassandra didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Id3fef8c351f1be977eab49abd111304b9edd9151
2020-10-23[COMMON] Fix URL override for cassandra backup cronjobMarat Salakhutdinov1-1/+1
It is not possible to override Cassandra backup cronjob image URL currently. This might cause the problem if non standard repository is used. This patch is fixing that issue. Issue-ID: OOM-2608 Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca> Change-Id: I1eb0a97d1a852d16f8d1662f543c3f583e873a5d
2020-10-22Merge "[Tree-wide] Add helmignore to ignore components"Sylvain Desbureaux1-0/+1
2020-10-22[COMMON] change comment styleJakub Latusek5-0/+10
Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Change-Id: I21ea78c96ff8bd5e729f2228f761df534f515358 Issue-ID: OOM-2562
2020-10-21Merge "[COMMON] Move onap truststore to cert-wrapper"Krzysztof Opasiak6-11/+27
2020-10-21Merge "[COMMON] Make certInitializer share truststore among instances"Krzysztof Opasiak7-3/+63
2020-10-21[Tree-wide] Add helmignore to ignore componentsKrzysztof Opasiak1-0/+1
components directory takes up a lot of space and is included during helm package Lets remove it using .helmignore This is just a copy of idea showed in: "[OOF] Add helmignore to ignore components" by krishnaa96 <krishna.moorthy6@wipro.com> Issue-ID: OOM-2534 Suggested-by: krishnaa96 <krishna.moorthy6@wipro.com> Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I25c82e79ba2c472b7761a63365573188ab8db56b
2020-10-20Merge "[COMMON] Lower limit requirements for mariadb"Krzysztof Opasiak1-4/+4
2020-10-20[COMMON] Move onap truststore to cert-wrapperKrzysztof Opasiak6-11/+27
certInitializer is included multiple times in number of different projects. If it contains the truststore then under if it is not used it increases the size of the chart itself so that it our final ONAP chart does not fit into default 20 Mb chartmuseum limit. Let's resolve this by moving the configmap and its content to the cert-wrapper which is included only once per onap instance. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I654d9158e7b776c012653dbef2c8091a393635f0
2020-10-20[COMMON] Make certInitializer share truststore among instancesKrzysztof Opasiak7-3/+63
Truststore is quite heavy. If it is included several times in the component it can easily cross helm chart size limit. To fix this issue let's make sure that the truststore is created only once and then shared among all certInitializer instances. Issue-ID: AAF-1134 Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-10-20Merge "Update makefiles to use specific helm version"Krzysztof Opasiak1-7/+8
2020-10-20Merge "[COMMON] Add limits to postgres deployments."Krzysztof Opasiak2-20/+30
2020-10-20[COMMON] Add limits to ElasticsearchSylvain Desbureaux1-13/+10
Requests were set for Elasticsearch but not limits. Add some limits and updating requests on real usage. Issue-ID: REQ-362 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I8ccfa22dfafceb79fafb1c6f180c77d49cedb00d
2020-10-19[COMMON] Add limits to postgres deployments.Sylvain Desbureaux2-20/+30
Having limits is important in order to have safe deployment. postgres didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I279e01b6be6cddab1f792c75026b41dca5c6c694
2020-10-16Update makefiles to use specific helm versionJakub Latusek1-7/+8
Helm is now called by HELM_BIN variable which by default is set to helm and makefiles use helm from path. HELM_BIN can be overwritten so user can have two version of helm in system and choose which one to use. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562 Change-Id: I0917796aafe234e87afa0ac3c4c15720296276d5
2020-10-16Merge "[SDC] Fix MSB annotation for sdc-be service port"Sylvain Desbureaux1-0/+1
2020-10-15Merge "[COMMON] More generic Cassandra backup"Sylvain Desbureaux1-3/+3
2020-10-15Merge "[COMMON] Use lowercase in common.fullname during linting in helm3"Sylvain Desbureaux1-1/+1
2020-10-14[COMMON] More generic Cassandra backupMarat Salakhutdinov1-3/+3
This patch will fix handling of the backup of cassandra installed with different than "cassandra" common name. Issue-ID: OOM-2596 Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca> Change-Id: Ifff440af79d6626fdbd1c2948795f98aabd167d7
2020-10-14[SDC] Fix MSB annotation for sdc-be service portSatoshi Fujii1-0/+1
Currently sdc-be 8080(http) port is disabled and no longer used, but the MSB annotation still points to that port so an issue occurs when a client tries to communicate with SDC via MSB. This will change the service port to 8443(https) in the annotation, and also pass 'enable_ssl' param so that MSB will use https scheme in proxying communication. Issue-ID: SDC-3314 Signed-off-by: Satoshi Fujii <fujii-satoshi@jp.fujitsu.com> Change-Id: I0f11fbe55fb21048571b657249b01065a2c0b443
2020-10-13[COMMON] Lower limit requirements for mariadbSylvain Desbureaux1-4/+4
requests/limits for "small" deployments are too big compared to actual usage. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I2e3f6dae57714ddc85d2fc04a3793fe034ccc8ef
2020-10-13Merge "[COMMON] Add limits to mongo statefulsets."Krzysztof Opasiak2-10/+17
2020-10-12[COMMON] Use lowercase in common.fullname during linting in helm3Jakub Latusek1-1/+1
.Template.BasePath return <component_name>/templates during linting. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562 Change-Id: I9e44eca46334ac4c4d884f2aa71ad197283363a1
2020-09-29[common/elasticsearch] update elasticsearch imageAlexander Dehn3-3/+3
switch to version 7.6.2 in guilin Issue-ID: OOM-2579 Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com> Change-Id: I08e226b1898ee299e8cdf1165f2783b857bcfb03 Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com>
2020-09-25Merge "[DCAEGEN2][OOM] Update k8splugin configs"Sylvain Desbureaux1-1/+5
2020-09-24Don't use GNU make new shell assignment operatorBartek Grzybowski1-1/+1
Shell assignment operator "!=" is a new feature in GNU make 4.0 and breaks the chart build on previous versions of make which is still present in many still supported Linux distros. Change-Id: I74c3c5e910ff7b1344c3da95fa76d11ec31b37c6 Issue-ID: OOM-2562 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-09-24[DCAEGEN2][OOM] Update k8splugin configsJan Malkiewicz1-1/+5
Top up certservice-api image Update config for k8splugin 3.4.1: - update images of certservice-client - add certservice-client secret name to config - add certservice-post-processor image to config CertPostProcessor is an application which appends CMPv2 truststore entries to AAF CertMan truststore and allows swapping AAF CertMan keystore for CMPv2 keystore. Issue-ID: DCAEGEN2-2253 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: Icc7020d8e1431f4ba2f49206b84bf3930d3c2c23
2020-09-23[COMMON] Add limits to mongo statefulsets.Sylvain Desbureaux2-10/+17
Having limits is important in order to have safe deployment. mongo didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I4791b924693e4e1eaac14077d4f30e3d29228779
2020-09-21[SDNC/CCSDK] Guilin version bumpDan Timoney1-1/+1
Bump image versions to use Guilin M4 version of SDNC images and of CCSDK dgbuilder. Note - SDNR remains disabled in this commit pending fix to its endpoint. Also, note that CDS version bump is not included - that will be submitted as a separate review. Issue-ID: SDNC-1355 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I8d660a8e303a18d4674f832b9239fa50c5abf3f2
2020-09-18Merge "[OOM] Moving cert-service to platform"Sylvain Desbureaux1-3/+3