summaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
2020-10-20[COMMON] Make certInitializer share truststore among instancesKrzysztof Opasiak7-3/+63
Truststore is quite heavy. If it is included several times in the component it can easily cross helm chart size limit. To fix this issue let's make sure that the truststore is created only once and then shared among all certInitializer instances. Issue-ID: AAF-1134 Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-10-20Merge "Update makefiles to use specific helm version"Krzysztof Opasiak1-7/+8
2020-10-20Merge "[COMMON] Add limits to postgres deployments."Krzysztof Opasiak2-20/+30
2020-10-19[COMMON] Add limits to postgres deployments.Sylvain Desbureaux2-20/+30
Having limits is important in order to have safe deployment. postgres didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I279e01b6be6cddab1f792c75026b41dca5c6c694
2020-10-16Update makefiles to use specific helm versionJakub Latusek1-7/+8
Helm is now called by HELM_BIN variable which by default is set to helm and makefiles use helm from path. HELM_BIN can be overwritten so user can have two version of helm in system and choose which one to use. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562 Change-Id: I0917796aafe234e87afa0ac3c4c15720296276d5
2020-10-16Merge "[SDC] Fix MSB annotation for sdc-be service port"Sylvain Desbureaux1-0/+1
2020-10-15Merge "[COMMON] More generic Cassandra backup"Sylvain Desbureaux1-3/+3
2020-10-15Merge "[COMMON] Use lowercase in common.fullname during linting in helm3"Sylvain Desbureaux1-1/+1
2020-10-14[COMMON] More generic Cassandra backupMarat Salakhutdinov1-3/+3
This patch will fix handling of the backup of cassandra installed with different than "cassandra" common name. Issue-ID: OOM-2596 Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca> Change-Id: Ifff440af79d6626fdbd1c2948795f98aabd167d7
2020-10-14[SDC] Fix MSB annotation for sdc-be service portSatoshi Fujii1-0/+1
Currently sdc-be 8080(http) port is disabled and no longer used, but the MSB annotation still points to that port so an issue occurs when a client tries to communicate with SDC via MSB. This will change the service port to 8443(https) in the annotation, and also pass 'enable_ssl' param so that MSB will use https scheme in proxying communication. Issue-ID: SDC-3314 Signed-off-by: Satoshi Fujii <fujii-satoshi@jp.fujitsu.com> Change-Id: I0f11fbe55fb21048571b657249b01065a2c0b443
2020-10-13Merge "[COMMON] Add limits to mongo statefulsets."Krzysztof Opasiak2-10/+17
2020-10-12[COMMON] Use lowercase in common.fullname during linting in helm3Jakub Latusek1-1/+1
.Template.BasePath return <component_name>/templates during linting. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562 Change-Id: I9e44eca46334ac4c4d884f2aa71ad197283363a1
2020-09-29[common/elasticsearch] update elasticsearch imageAlexander Dehn3-3/+3
switch to version 7.6.2 in guilin Issue-ID: OOM-2579 Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com> Change-Id: I08e226b1898ee299e8cdf1165f2783b857bcfb03 Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com>
2020-09-25Merge "[DCAEGEN2][OOM] Update k8splugin configs"Sylvain Desbureaux1-1/+5
2020-09-24Don't use GNU make new shell assignment operatorBartek Grzybowski1-1/+1
Shell assignment operator "!=" is a new feature in GNU make 4.0 and breaks the chart build on previous versions of make which is still present in many still supported Linux distros. Change-Id: I74c3c5e910ff7b1344c3da95fa76d11ec31b37c6 Issue-ID: OOM-2562 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-09-24[DCAEGEN2][OOM] Update k8splugin configsJan Malkiewicz1-1/+5
Top up certservice-api image Update config for k8splugin 3.4.1: - update images of certservice-client - add certservice-client secret name to config - add certservice-post-processor image to config CertPostProcessor is an application which appends CMPv2 truststore entries to AAF CertMan truststore and allows swapping AAF CertMan keystore for CMPv2 keystore. Issue-ID: DCAEGEN2-2253 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: Icc7020d8e1431f4ba2f49206b84bf3930d3c2c23
2020-09-23[COMMON] Add limits to mongo statefulsets.Sylvain Desbureaux2-10/+17
Having limits is important in order to have safe deployment. mongo didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I4791b924693e4e1eaac14077d4f30e3d29228779
2020-09-21[SDNC/CCSDK] Guilin version bumpDan Timoney1-1/+1
Bump image versions to use Guilin M4 version of SDNC images and of CCSDK dgbuilder. Note - SDNR remains disabled in this commit pending fix to its endpoint. Also, note that CDS version bump is not included - that will be submitted as a separate review. Issue-ID: SDNC-1355 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I8d660a8e303a18d4674f832b9239fa50c5abf3f2
2020-09-18Merge "[OOM] Moving cert-service to platform"Sylvain Desbureaux1-3/+3
2020-09-18Merge "[CCSDK] Configure dgbuilder to use certInitializer"Sylvain Desbureaux4-21/+53
2020-09-18Merge "Use lowercase in common.fullname during linting in helm3"Sylvain Desbureaux1-0/+5
2020-09-18[OOM] Moving cert-service to platformMaciej Malewski1-3/+3
aaf-cert-service has been renamed to oom-cert-service and moved from oom/kubernetes/aaf/components to oom/kubernetes/platform/components. All aaf-cert-service references have been replaced with oom-cert-service. Issue-ID: OOM-2526 Change-Id: I70ef4bf3ee7085a5ef7075bde68eb0ea0a95ebf7 Signed-off-by: Maciej Malewski <maciej.malewski@nokia.com>
2020-09-17[CCSDK] Configure dgbuilder to use certInitializerDan Timoney4-21/+53
This change makes the following fixes to dgbuilder: * Replace hard-coded certificate with certificate generated by certInitializer * Configure dgbuilder to use http instead of https if AAF is disabled (i.e. global aafEnabled property = false) * Add resource limits Issue-ID: SDNC-1356 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I8ca97c6a44f62a0abe5b5a6f8564ebcd2e4addb1
2020-09-17Use lowercase in common.fullname during linting in helm3Jakub Latusek1-0/+5
Helm3 linting check if object name conform Kubernetes naming requirements Change-Id: I03ac6f4c33048b59d495390a38f4adf6d3afa489 Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-17Merge "Use lowercase in secret name during helm3 linting"Sylvain Desbureaux1-0/+4
2020-09-16Merge "Use helm-push plugin"Sylvain Desbureaux1-0/+6
2020-09-16Merge "Use common.resources template to generate resources"Sylvain Desbureaux1-1/+1
2020-09-16Merge "Remove field not defined in statefulset specification"Sylvain Desbureaux1-13/+0
2020-09-16Merge "Remove field not defined in deployment specification"Sylvain Desbureaux1-1/+0
2020-09-16Merge "Use default password during linting in helm3"Sylvain Desbureaux1-0/+3
2020-09-16Use helm-push pluginJakub Latusek1-0/+6
Helm3 remove serve command, instead developer suggest to use chartMuseum. In makefile we check helm version and for helm3 we use helm-push plugin to push chart package to local repository Change-Id: I50800c4577140d6dcbd363142efdf625a5ea9e2e Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-15Use common.resources template to generate resourcesJakub Latusek1-1/+1
Change-Id: Ibb947b44286f9f3df4a2b5c9e1cef9c3f76cde6b Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-15Remove field not defined in statefulset specificationJakub Latusek1-13/+0
Change-Id: I70d5571f51a297bf164a299f614b0809576cd65f Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-15Remove field not defined in deployment specificationJakub Latusek1-1/+0
Change-Id: I811b5a5fe6f6c77209ab7f7b2da5fe188cf7b2db Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-15Use lowercase in secret name during helm3 lintingJakub Latusek1-0/+4
Change-Id: I69b66828ba23db07c4885ae058e229a0af3e8df2 Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-15Use default password during linting in helm3Jakub Latusek1-0/+3
Helm3 change release name during linting to test-release Change-Id: Iabc6fc8cd0c9bb6d707d1432d4b9cadaabbbc97e Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-15Replace YAML comments with helm comments in templatesJakub Latusek36-2/+73
Change-Id: I8cb12dae07cc3984e7dcfc602afa4c2d07317e9a Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-15Merge "[common] Add application mount path to cert initializer"Sylvain Desbureaux2-1/+2
2020-09-12[common] Add application mount path to cert initializerkrishnaa962-1/+2
Add new mount path value in values.yaml to specify app mount path Issue-ID: OPTFRA-803 Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com> Change-Id: I70771e0ab6ec16f7f4cfadcb8448ecfdfb6e8f4b
2020-09-11[TREE-WIDE] Use faster version of common secret templateKrzysztof Opasiak1-2/+2
Replace all calls to common.secret with a faster version to save some linting time. Issue-ID: OOM-2248 Change-Id: I3372c87226d5dd8b7468ebed2d77e7ceceba5777 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-09-09[COMMON] Make mongo run as non-rootKrzysztof Opasiak2-0/+10
Use our helper template and k8s features to make mongodb run as a non-root user as per Guiling requirements. Issue-ID: DCAEGEN2-2424 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I44bc079a2cc49dc1b0f1da88e220290098e909d5
2020-09-08Merge "[CLAMP,COMMON] Escape special chars in mysql passwords"Sylvain Desbureaux1-2/+3
2020-09-07Merge "[COMMON] Use faster version of common secret template"Krzysztof Opasiak3-27/+23
2020-09-07Merge "[COMMON] Allow to initialize custom mariadb instance"Krzysztof Opasiak2-5/+14
2020-09-07Merge "[COMMON/elasticsearch] Avoid 'Warning: Merging destination map for ↵Sylvain Desbureaux9-72/+64
chart'"
2020-09-07Merge "[COMMON] Allow to set default password complexity"Sylvain Desbureaux1-1/+14
2020-09-06[COMMON] Use faster version of common secret templateKrzysztof Opasiak3-27/+23
Replace all calls to common.secret in mariadb-init with the faster version common.secretFast to save some linting time. Issue-ID: OOM-2248 Change-Id: Id1658b46f3322ecc68155fafd72480e922978369 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-09-06[COMMON] Allow to initialize custom mariadb instanceKrzysztof Opasiak2-5/+14
Add the ability to use mariadb-init to create databases in any mariadb-galera instace not only the common one. Issue-ID: OPTFRA-800 Change-Id: Idfeacc9af49620378eb5b06ae3628f92e740cc65 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-09-04[GENERAL] Use readiness container v3.0.1Sylvain Desbureaux24-69/+52
Readiness container v3.x and up are now present in ONAP main repository. They're also not using root user anymore and then script path has changed. Finally, "job_complete" script has been integrated in main "ready" script. As those changes are significant, we must upgrade all the components at once. Depends-On: I5afa83892043f4844afe12e61724a8d368a9f2e0 Issue-ID: OOM-2545 Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com> Change-Id: I0b4eb5dd86390273532d67d0a9696e1cfcadf110
2020-09-02[COMMON] Allow to set default password complexityKrzysztof Opasiak1-1/+14
With the introduction of common secret template many of ONAP passwords started being automatically generated. The algorithm that we use for this purpose allows to choose the complexity of generated password. By default we use "long" which contains special characters. Unfortunately this turns out to often cause some issue. To make our deployment more stable and user friendly lets allow the deployer to choose the desired password complexity. Issue-ID: OOM-2328 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ib7a412e19f6b44f20c8ac388393936cf5d967d4e