summaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
2021-06-22Merge changes from topic "appc-common-db"Sylvain Desbureaux1-1/+2
* changes: [OOF] Use the common mariadb-galera instance [COMMON] Add port under mariadb-galera chart
2021-06-21Merge "[COMMON] Fix ${!name} bashisms"Sylvain Desbureaux2-4/+15
2021-06-16[COMMON] Fix $BASH_SOURCE and pushd/popd bashismsGuillaume Lambert1-1/+1
pointed out by checkbashisms. Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Ic9c4edc0fc6bd94a95bcb85d84379e868fb09930
2021-06-16[COMMON] Add port under mariadb-galera chartMahmoud Abdelhamid1-1/+2
Update mariadb-galera chart to add internalport value under (.Values. service) to resolve the port settings needed for the template (common. mariadbPort) under (common/_mariadb.tpl). This parameter will use the default value of mariadb 3306 which can be changed in component charts. Issue-ID: OOM-2773 Signed-off-by: Mahmoud Abdelhamid <mahmoud.abdelhamid@orange.com> Change-Id: I0d59ba42f07426b14ec7bc7f157392b5f10b9006
2021-06-11[COMMON] Fix docker-registry-key empty credsSatoshi Fujii1-1/+1
When image repository does not allow anonymous pull, image pull failed due to empty credentials in docker-registry-key secret. This change fixes _repository.tpl repository generator to refer to .global.repositoryCred in override.yaml . Issue-ID: OOM-2767 Signed-off-by: Satoshi Fujii <fujii-satoshi@jp.fujitsu.com> Change-Id: I3cd7eabcdda547e99e0461767a0451dc1e51132b
2021-06-11Merge "[COMMON][DGBUILDER] Update chart with service account"Sylvain Desbureaux3-0/+9
2021-06-10[COMMON][DGBUILDER] Update chart with service accountfarida azmy3-0/+9
Add service account to requirements.yaml, values.yaml and deployment/statefulset Issue-ID: OOM-2720 Signed-off-by: farida azmy <farida.azmy.ext@orange.com> Change-Id: Iefe02cad5b2069879d043d17465f248f1f731519
2021-06-08[COMMON] Remove CertService client mechanismPiotr Marcinkiewicz7-262/+0
- Remove cmpv2Certificate chart in order to deprecate CertService client mechanism. - Remove CertServiceClient init containers in SDNC. - Replace CMPv2CertManagerIntegration with cmpv2Enabled flag Issue-ID: OOM-2744 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I8c818fcf64a029552c8833f68b6ae95fad379c8d
2021-05-28[COMMON][ETCD-INIT] Add etcd-init chartkrishnaa967-1/+256
- etcd-init chart will provision the users and roles in a running etcd instance - Change etcd container name for readiness init container to work Issue-ID: OOM-2746 Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com> Change-Id: I0cb6d3830b0048c4d70f381815bd3f858ec31ae7
2021-05-26Merge "[COMMON] Fix condition bracket bashisms - step 1"Krzysztof Opasiak1-1/+1
2021-05-26[COMMON] Fix ${!name} bashismsGuillaume Lambert2-4/+15
pointed out by checkbashisms. Note this kind of indirections can only be replaced directly in POSIX by commands using eval. Security risks must be evaluated for each context where eval is called. For a safe use, the context must ensure that only a limited number of possible constrainted values are passed to eval. https://mywiki.wooledge.org/Bashism#Parameter_Expansions https://mywiki.wooledge.org/BashFAQ/006#Indirection Issue-ID: OOM-264 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Id27f3ffd1ddb092a9c038d3a45d9e3278720eb62
2021-05-21Merge "[COMMON] Change import-custom-cert from bash to sh"Sylvain Desbureaux1-2/+2
2021-05-19[COMMON] Change import-custom-cert from bash to sha.sreekumar1-2/+2
As part of removing GPLv3 license, policy components have moved from bash to sh. This change is required in import-custom-certs script so that custom certificates can be imported into components that try to import them. Without this change, the init containers of the components will just fail. Change-Id: I6c5028428d4cd7c8baf3e96cb16a3cd91db57f9e Issue-ID: POLICY-3232 Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
2021-05-19[COMMON] Enhance ONAP common-service template - add IPv4/IPv6 supportUbuntu1-0/+5
Generic change for all common services by adding ipFamilyPolicy field. Dual Stack service exposure will be provided depending on k8s version (v1.20+). Signed-off-by: Magdalena Biernacka <magdalena.1.biernacka@nokia.com> Issue-ID: OOM-2749 Change-Id: Ia7236705010e625c19a22e42ec9a02c9f75a0ec5
2021-05-17[COMMON] Fix condition bracket bashisms - step 1Guillaume Lambert1-1/+1
pointed out by checkbashisms $ mycmd=$(tox -e checkbashisms | grep '(\[\[ foo \]\] should be \[ foo \])' | sed -e "s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i '\2s/\\\[\\\[\\\( [^]]*\\\)\\\]\\\]/[\\\1]/g' \1;@") $ eval $mycmd plus fix manually quoting hells induced and bash specific regex and multi-conditions Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Ie7ca5b71938fae22c200b7fead418618160fbe19
2021-05-12[MUSIC][CASSANDRA] Use Startup probesSylvain Desbureaux3-10/+23
Instead of long initial delay on readiness and liveness probes, use startup probes and be more aggressive on readiness and liveness. Also, decrease number of replicas from 3 to 1 Issue-ID: OOM-2742 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ideb0ede251332e182b975ff18ca5a75bcbff2351
2021-05-12Merge "[COMMON][ROLES] Create default roles once"Krzysztof Opasiak9-85/+194
2021-05-11Merge "[COMMON] Update _mariadb.tpl to use the proper db"Krzysztof Opasiak1-1/+1
2021-05-11[COMMON][ROLES] Create default roles onceSylvain Desbureaux9-85/+194
Instead of creating all roles every time with service account chart, let's just create the specific ones for a chart and point to default one for the three default roles. In order to lighten serviceAccount chart, whole logic for default role creation is in `roles-wrapper`. Issue-ID: OOM-2729 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib4d6a2669ca7d747320a4bccb65aac863eb60956
2021-05-11Merge "[DCAEGEN2] Add pem support in CMPv2 for dcaegen2-services"Sylvain Desbureaux1-2/+14
2021-05-11Merge "[COMMON] Add custom certs into AAF truststore"Krzysztof Opasiak1-1/+2
2021-05-10[DCAEGEN2] Add pem support in CMPv2 for dcaegen2-servicesPiotr Marcinkiewicz1-2/+14
- Add mounting certificates in pem format. - Add comment description to certificates in dcae values Issue-ID: DCAEGEN2-2688 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I546292c33e25e36376b98d42e08a3c4ffa95de64
2021-05-10Merge "[DCAEGEN2] Add CMPv2 support to dcaegen2-services"Krzysztof Opasiak1-1/+48
2021-05-10Merge "[COMMON][CASSANDRA] Higher PVC Claim for Cassandra"Krzysztof Opasiak1-1/+1
2021-05-10[DCAEGEN2] Add CMPv2 support to dcaegen2-servicesRemigiusz Janeczek1-1/+48
Add support for CMPv2 certificates in dcaegen2-services-common template Add CMPv2 certificates to HV-VES and VES charts Issue-ID: DCAEGEN2-2688 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I6ade2c24f240872e78df92ca31b30c779f86e38b
2021-05-10Merge "[COMMON][MARIADB] Use Startup probes"Krzysztof Opasiak2-6/+29
2021-05-10Merge "[COMMON][MARIADB] Give higher requests/limits"Krzysztof Opasiak1-6/+6
2021-05-08[COMMON][MARIADB] Use Startup probesSylvain Desbureaux2-6/+29
Instead of long initial delay on readiness and liveness probes, use startup probes and be more aggressive on readiness and liveness. Issue-ID: OOM-2740 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I86015a4a0c4ab313929c5bd103dedced1df88ec3
2021-05-07[COMMON][CASSANDRA] Higher PVC Claim for CassandraSylvain Desbureaux1-1/+1
After 3 monthes, usage of Cassandra disk is 8Gi. Moving PVC Claim to 10Gi in order to satisfy this. Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If8de6fecdbbc49d588e4234a62f91f319531fca4
2021-05-07[COMMON] Update _mariadb.tpl to use the proper dbMahmoud Abdelhamid1-1/+1
Update common.mariadbService definition under _mariadb.tpl to use the proper name of DB in case of local installation Issue-ID: OOM-2736 Signed-off-by: Mahmoud Abdelhamid <mahmoud.abdelhamid@orange.com> Change-Id: I454915d493f692076eadbf6ccd69c2d93f36ffc4
2021-05-06Merge "[COMMON][CERTINIT] Generate cert with certInit"Krzysztof Opasiak7-2/+137
2021-05-06Merge "[COMMON][CASSANDRA] Use Startup probes"Krzysztof Opasiak2-4/+22
2021-05-06Merge "[COMMON][CERTS] Allow to provide custom certs easily"Krzysztof Opasiak3-1/+34
2021-05-06[COMMON][MARIADB] Give higher requests/limitsSylvain Desbureaux1-6/+6
With stability tests, we see that mariadb gets OOM killed and has some CPU throttling. Putting higher limits in order to make it no happen. Scaling also replicas from VFC and APPC db from 3 to 1. Issue-ID: INT-1883 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I2699b34ac5fcaa805c6fc01592c5a5f607b17fae
2021-05-06[COMMON][CERTS] Allow to provide custom certs easilySylvain Desbureaux3-1/+34
Instead of mandating to provide custom certificates before creation of helm packages, let's propose to include certificates from a known secret or configmap. The current implementation will first search for secret and if not provided will look for configmap. Issue-ID: OOM-2731 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If2f90adc18efe59c0516db9409964a236bd17a66
2021-05-06[COMMON][CERTINIT] Generate cert with certInitSylvain Desbureaux7-2/+137
Some components are http based but want to be usable from outside world. Instead of dealing with TLS part on the component itself, let's use certInitializer to generate a secret with the certs which will be usable by Ingress Issue-ID: SO-3078 Issue-ID: SO-3237 Issue-ID: CPS-281 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If166716d159586b1eb94c111e9d3d82a54c2fd6e
2021-05-06[COMMON][CASSANDRA] Use Startup probesSylvain Desbureaux2-4/+22
Instead of long initial delay on readiness and liveness probes, use startup probes and be more aggressive on readiness and liveness. Issue-ID: OOM-2741 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If60f345fd1e11fd1419cee58efb7d53e56dc5c79
2021-05-06[COMMON][MUSIC] Simplify cert retrieval scriptSylvain Desbureaux1-2/+1
As retrieving values is now done via a generic script, let's clean a little bit cert retrieval in order to remove unneeded part. Issue-ID: OOM-2688 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I9da14ac5079b2888352bccb8eae984c8421d900f
2021-04-30[DCAE] Common template update for policy sidecarvv770d2-1/+8
Template enhanced to include policy sidecar support for DCAE components Issue-ID: DCAEGEN2-2689 Change-Id: Ida7eeadbcc2df2af9579fdda939d0427a7963b63 Signed-off-by: vv770d <vv770d@att.com>
2021-04-27Merge "[COMMON] Fix condition equality bashisms"Krzysztof Opasiak3-9/+9
2021-04-27Merge "[PLATFORM] Generate Cert-Service certs with Cert-Manager"Sylvain Desbureaux6-62/+74
2021-04-26[COMMON][MARIADB] Align conf with camunda needsSylvain Desbureaux1-0/+6
Camunda has given a guide in order to configure camunda (https://docs.camunda.org/manual/latest/user-guide/process-engine/database/mariadb-galera-configuration/). Applying it to ONAP camunda configuration. gitlint-ignore: B1, body-max-line-length Issue-ID: INT-1883 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ie0cb1c70e4271496ffd5e51ce1d816785f88689f
2021-04-22[PLATFORM] Generate Cert-Service certs with Cert-ManagerPiotr Marcinkiewicz6-62/+74
Utilize Cert-Manager to secure communication between Cert-Service and its clients, adjust templates and configs. Issue-ID: OOM-2712 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I96426b1a184b4d254575e76d29214d9deda08cce Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
2021-04-19[COMMON] Add custom certs into AAF truststoreSylvain Desbureaux1-1/+2
Instead of creating a truststore nobody is using when using AAF, let's reuse AAF truststore and onboard certs in it. Issue-ID: OOM-2730 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Idb1af0357e286d9536c5d16f592068b61f885b0a
2021-04-19Merge "[COMMON] Fix function declarations bashisms"Sylvain Desbureaux1-2/+2
2021-04-16[COMMON] Fix condition equality bashismsGuillaume Lambert3-9/+9
pointed out by checkbashisms. $ mycmd=$(tox -e checkbashisms | grep "(should be 'b = a')" | sed -e "s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i -e '\2s/==/=/g' \1;@") $ eval $mycmd Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: I9032130bc4717e111de11a73187c2f1052376e45
2021-04-14[COMMON] Fix function declarations bashismsGuillaume Lambert1-2/+2
pointed out by checkbashisms. $ mycmd=$(tox -e checkbashisms | grep "^possible .*'function' is useless " | sed -e "s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i -e '\2s/functio n \\\([^ ()]*\\\) *(\\\?)\\\?/\\\1 ()/\' -e '\2s/(){/() {/' \1;@") $ eval $mycmd Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Ic41c8ba8288b7a90db9f5775cd601c09ff2ab663
2021-04-14Merge "[COMMON] Use proper format specifiers to printf masterPassword"Sylvain Desbureaux1-3/+3
2021-04-13[COMMON] Use proper format specifiers to printf masterPasswordKrzysztof Opasiak1-3/+3
%s should be used instead of %d to printf strings. Even though with %d everything works perfectly fine (as we just need any string) let's fix this. Issue-ID: OOM-2328 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I338c47b0f2a82c698c44579737f698b1f19ade38
2021-04-13[COMMON] Fix shell scripts missing shebangsGuillaume Lambert1-2/+2
pointed out by checkbashisms. $ tox -e checkbashisms |grep 'interpreter line' | cut -d' ' -f2 |xargs grep -lv '#!/bin/sh' | xargs sed -i -e '1i#!/bin/sh' -e '1i\\' plus manual fixes Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Ic41fec6ebadd162cecf889f2b119ac82551bd21d