summaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
2020-05-26Naming micro-service - Helm chart values updates.bt29832-3/+17
Changes requested by Yuriy. Moved policy password to secrets. Issue-ID: CCSDK-1307 Signed-off-by: bt2983 <bt2983@att.com> Change-Id: Ibec80f147ad1f7623b5915afd0072f7add76ef9f (cherry picked from commit 91566f00ca5ad9d76ff658f05fc8596ab481287a)
2020-05-22Naming micro-service - Helm chart values updates.bt29831-1/+1
Changes requested by Yuriy. Updated Policy URL. Issue-ID: CCSDK-1307 Signed-off-by: bt2983 <bt2983@att.com> Change-Id: I8880fdc5a3a3611f036b3277991c5880f250f3f7 (cherry picked from commit 06961eb7abf0b71206f414e8a2456e0801e32ed0)
2020-05-18Merge "[COMMON] Use "" instead of {} as a default value to avoid warning" ↵Sylvain Desbureaux1-1/+1
into frankfurt
2020-05-18[COMMON] Enable password generation in postgresKrzysztof Opasiak1-3/+3
Issue-ID: OOM-2250 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ibad1e8d523d2a182d2f43e1ae2b46fff07c11e01 (cherry picked from commit b51ee37db0bf164fb24961c5f1146e22ea245dfa)
2020-05-18[COMMON] Use "" instead of {} as a default value to avoid warningKrzysztof Opasiak1-1/+1
After we upgraded our helm version we started getting below issues with emails: Warning: Merging destination map for chart 'curator'. Overwriting table item 'image', with non table value: onap/sdnc-image:1.8.2 To fix this let's just use "" instead of () for our daily operations. Issue-ID: OOM-2412 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I5f2c215c281036a7eb921d6a805527c807a4aca9 (cherry picked from commit 8953675506f4b3807502a3be73b846ab5fe79c67)
2020-05-12[Tree-wide] Make chart build process predictibleKrzysztof Opasiak13-17/+16
ONAP is built using plain makefile rules. List of targets is generated using wildcard function. Based on make changelog: http://git.savannah.gnu.org/cgit/make.git/tree/NEWS since version 3.82 wildcard is not going to sort its results which means that charts are being processed in an arbitrary order which may lead to build failure due to missing dependencies. Since version 4.3 make started sorting the wildcard results once again which may lead to build issues. To avoid that and make our builds predictible independently from Makefile version let's make sure that we always sort wildcard results. Addinally let's use 'file://' instead of '@local' for charts in common to resolve dependencies between them. Issue-ID: OOM-2399 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Iacb02dcdbd577ce0e9ca1078dd0586d296ec9375 (cherry picked from commit aae2da91becf5f1f56329d49656c1ad634917cba)
2020-05-07Merge "[AAF] v1.16+ compatible templates"Krzysztof Opasiak1-0/+14
2020-05-07Merge "[COMMON] Add new template for obtaining certificate"Sylvain Desbureaux6-0/+272
2020-05-06Use RC1 version of CCSDK artifactsDan Timoney1-1/+1
Update helm charts to use RC1 version of CCSDK dockers Issue-ID: CCSDK-2358 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: Id247bdf3442084d724b84ed752956d08868c7ddf
2020-05-06[COMMON] Add new template for obtaining certificateKrzysztof Opasiak6-0/+272
Add new template that can be used to obtain certificate by component. Make also a PoC with NBI. Strongly based on aaf-config template. Issue-ID: AAF-1134 Change-Id: I10cb2a7b36a8dc436be337518cc15431aabbbc5d Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-05-05MUSIC spring boot helm charts (music-sb)Tschaen, Brendan31-1159/+725
Removal of tomcat and zookeeper as per latest music version.. Replaced with cassandra only and spring boot version of music, adding support for https and running the music container under a non-root user Update oof-has music-api configuration, use https Switch to music-api-springboot for all the ready.py Issue-ID: MUSIC-572 Signed-off-by: Tschaen, Brendan <ctschaen@att.com> Change-Id: Idbfac29cb5e9808787b5994e2575f055c292a146 Signed-off-by: vrvarma <vikas.varma@att.com>
2020-05-05[COMMON] add missing ingress templateSylvain Desbureaux1-0/+15
ingress template is needed to create ingress. Issue-ID: OOM-2173 Issue-ID: OOM-2188 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ia957cb25f3f76658affabd148aaa4118b2d7ea0c
2020-05-04[AAF] v1.16+ compatible templatesSylvain Desbureaux1-0/+14
Use the different "common" templates in order to create consistent and v1.16+ compatible templates for the different resources of AAF Issue-ID: AAF-1122 Issue-ID: OOM-1971 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Iefc1391211a69b6584ea127066ce430d4f5eb389
2020-05-04[COMMON|APPC|SDNC] add Ingress to dgbuilderSylvain Desbureaux1-0/+6
Add Ingress for dgbuilder in common and update SDNC and APPC in order to use proper configuration. Issue-ID: OOM-2173 Issue-ID: OOM-2188 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib810ce3f4b3ff2ff3297c39be352d246aef6d7f1
2020-04-30Merge "[COMMON] Switch dgbuilder chart to new API"Krzysztof Opasiak1-4/+2
2020-04-27[COMMON] Allow to use ' in mysql passwordsKrzysztof Opasiak3-1/+111
derivePassword which we use to generate our passwords includes ' in set of special characters that can be used in passwords. Current implementation of bitnami configure-mysql.sh simply concatenates password surrounded with '' rest of SQL query. This causes issues if password contains ' as it creates invalid SQL statement. To fix this issue we just patch the script and escape the special ' character in password. Issue-ID: OOM-2246 Reported-by: Mateusz Pilat <m.pilat@partner.samsung.com> Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I3d2150760755e55558e2045cbb7ca5693c8ab71f Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-04-24[COMMON] Switch dgbuilder chart to new APIKrzysztof Opasiak1-4/+2
While working on password removal we added a new configuration node (config.db) which should be used for passing db credentials. Now when all user are switched to use new config options we can remove backward compatibility layer and start using new options. Issue-ID: OOM-2247 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I77876fbfc0a4af18fa36f0e8c5813a5e393a7e09
2020-04-22Merge "[COMMON] templates for centralized logs"Krzysztof Opasiak1-0/+53
2020-04-22[COMMON] templates for centralized logsSylvain Desbureaux1-0/+53
Add three templates: * one for creating the sidecar * one for creating the configmap * one for creating the volumes Issue-ID: OOM-2370 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I34ac35a30b3ab892622431ee7c70277bc7b1f41d
2020-04-20Merge "[DMaaP DR Node] v1.16+ compatible templates"Krzysztof Opasiak1-0/+30
2020-04-20Merge "[COMMON] helm chart for elastic db"Krzysztof Opasiak36-4/+2255
2020-04-20[COMMON] helm chart for elastic dbAlexander Dehn36-4/+2255
Add elasticdb as common chart to oom Issue-ID: SDNC-1061 Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com> Change-Id: Id8c48113b8d4193d7f13991296f0307a29724c01 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2020-04-17Add repository for cassandra imageafenner1-1/+1
Change-Id: I287b830f86da0fe0adc440cf9e645f8d244aefe1 Issue-ID: OOM-2368 Signed-off-by: afenner <andrew.fenner@est.tech>
2020-04-16[DMaaP DR Node] v1.16+ compatible templatesSylvain Desbureaux1-0/+30
Use the different "common" templates in order to create consistent and v1.16+ compatible templates for the different resources of DMaaP DR Node. Issue-ID: OOM-1971 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I399b168882d09bd8f08148758a0f683e15ac141c
2020-04-15Merge "[COMMON] Remove hardcoded mariadb-galera password"Sylvain Desbureaux1-1/+1
2020-04-14[COMMON] Allow use of second Node Port PrefixSylvain Desbureaux1-1/+32
OOM uses two node port prefix. Templates were not able to use the second one. This patch allows templates to use the second node port prefix and also to override on a per chart basis the value of the node port prefix. Issue-ID: OOM-1971 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I05f43e3dad93d6f0fbf575657ea41082e7c91053
2020-04-14[COMMON] Remove hardcoded mariadb-galera passwordKrzysztof Opasiak1-1/+1
The time has come! All ONAP charts use now common secret template at least for the mariadb-galera root password (and most of them also for user part). This means that it should be now safe to remove hardcoded mariadb-galera root password and depend on common secret template to generate it for every deployment. No more secretpassword!:D Issue-ID: OOM-2342 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ib9d8bbcc45bfd85a4d762c716c03dba23d901009
2020-04-03Merge "[COMMON] Faster aafConfig template"Krzysztof Opasiak1-123/+45
2020-04-03Merge "[COMMON] More versatile templates for storage"Krzysztof Opasiak1-45/+199
2020-04-03[COMMON] Faster aafConfig templateSylvain Desbureaux1-123/+45
"index" function is bad in term of performance in Helm. Reworked the templates in order to avoid it. as certificates are retrieved at every boot (and as already present certs are deleted before), we don't need persistent storage Also set aafImage as a global variable in order to have a consistent use accross ONAP Issue-ID: EXTAPI-375 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ie3f5ae5c2a37d816afc42d2c67ebe8e40e749c79
2020-04-02Use released Frankfurt M4 images for SDNC and CCSDKDan Timoney1-1/+1
Update image versions for SDNC and CCSDK to use Frankfurt M4 versions Updated CDS versions to use repaired version 0.7.1 Reverted naming service to El Alto version (0.6.3) as workaround while startup issue is investigated. Issue-ID: SDNC-1110 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: Ie76466dd65a3a3dfb0df2aaa13f14c298bbc7c11
2020-04-02Bump chart versionSylvain Desbureaux25-27/+27
Use 6.0.0 in preparation for Frankfurt release Issue-ID: OOM-2320 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
2020-04-01[COMMON] More versatile templates for storageSylvain Desbureaux1-45/+199
1. Add the possibility to specify a suffix and a specific persistence information path. This is useful when a deployment has several PVC 2. Create a template for Volume Claim Templates in Statefulset Issue-ID: OOM-1971 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I0ed47818e8f5a73b54f95cb82615adaa03bf8ce8
2020-04-01[SDC BE] Remove HTTP node port 30205gummar1-7/+12
Keep HTTP port reachable from inside the server. Issue-ID: OJSI-101 Change-Id: I0468697d8f3d0192a5d8e102501db0d14633fa86 Signed-off-by: gummar <raj.gumma@est.tech> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2020-03-31[COMMON] Allow to include filePaths as a reference to variableKrzysztof Opasiak1-1/+13
filePaths comes as a list and we didn't "fully support" passing this variable as a reference to other variable like we do in all other cases. Let's fix that and allow both constructs: secrets: - name: construct 1 type: generic filePaths: - file1 - file2 - name: construct 2 type: generic filePaths: '{{ .Values.fpaths }}' fpaths: | - file1 - file2 - '{{ include "templateThatGeneratesFileName" . }} Please note the | after : in fpaths. It means that from yaml point of view this is is a string. We need to do it this way because we pass this to tpl function and then we need to collect a proper list from it. Issue-ID: SO-2730 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I5a6b475366bfea4cd0995a7e530bf88cb8ad639e
2020-03-26Merge "[COMMON] Handle generic secrets in secretFast"Krzysztof Opasiak1-1/+4
2020-03-26[COMMON] Handle generic secrets in secretFastSylvain Desbureaux1-1/+4
Generic secrets needs filePaths key in their dictionary which was not correctly handled by previous implementation of secretFast. Issue-ID: OOM-2051 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Idc1062db5867bd23d580fbe59c90c0ce410151ce
2020-03-26[COMMON] Add annotations to resource metadata tplSylvain Desbureaux1-1/+4
Resource Metadata template can now have an optional "annotation" field in dict, which can be useful for post install job for example. Issue-ID: OOM-1971 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib25ce4e09a7a51a35cf878e1c1198370e6dd2b20
2020-03-25[COMMON] Optimize common secret templateKrzysztof Opasiak17-31/+263
It turned out that our current implementation of common secret template is really heavy which makes onap linitng extremely long. To improve the situation let's introduce some results caching instead of processing templates over and over. For now we cannot simply replace common secret template because in mariadb-init we generate list of secrets on the fly so we will need to revisit this fragment later. Whole series of patches managed to reduce ONAP linting time to 40 mins. Issue-ID: OOM-2051 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Id2e743147afa37290df19b73feee67621f13f67c
2020-03-18Enhancements for common templatesAlexander Dehn4-37/+329
_labels.tpl: - support of additional customized labels in common.labels, common.matchLabels, common.selectors common.templateMetadata - support of name suffix in common.resourceMetadata _name.tpl: - support of name suffix in common.name, common.fullname, common.fullnameExplicit _service.tpl - support of additional customized labels in common.serviceMetadata, common.*service - support of sessionAffinity in common.service New common template: _aafconfig - new common template to enable charts for AAF includes templates for init container, volumemounts, pvc and pv Issue-ID: SDNC-1088 Change-Id: Icbaa806608f9e1f36f0e47686668ae3632d3f2b0 Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2020-03-10[COMMON] Allow special characters in postgress passwordsKrzysztof Opasiak3-3/+80
Postgres image that we are currently using uses sed to replace passwords placeholders with their actual values at startup time. This apprach is very fragile and leads to issues if & happens to be a part of password as it has a special meaning in sed. To fix this issue let's just extract the setup.sql file from the container and process it on our own in init container using envsubst and then mount it to the main container to be used. Issue-ID: OOM-2317 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ifd51d8f0af0099958caa209185fb7a87a0480bd2
2020-03-09Merge "[COMMON] Add a template for PV"Krzysztof Opasiak1-1/+55
2020-03-06[COMMON] Add a template for PVSylvain Desbureaux1-1/+55
Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ia885d54fbb9a9fe1ea8a0dec311f63b11cc028c6
2020-03-06[COMMON] Allow to attach annotations to secretsKrzysztof Opasiak1-1/+8
SO adds some annotations to one of its secres so let's extend the common secret template with the ability to add annotations. Issue-ID: OOM-2328 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I4c33d87724b2296852d62e2ddf9061ff4e235157
2020-03-06[COMMON] Handle TLS/Non-TLS for ServiceSylvain Desbureaux4-26/+728
Current service and headlessService templates doesn't handle the fact that out of cluster ports must be TLS encrypted only. With a new (backward compatible) DSL, this is now possible. In values.yaml, all ports in service part with port AND plain_port will have the ability to be HTTP or HTTPS depending on the context. Per default, they'll be HTTPS. TLS choice will be done according this table: | tlsOverride | global.tlsEnabled | global.serviceMesh.enabled | global.serviceMesh.tls | result | |-------------|-------------------|----------------------------|------------------------|--------| | not present | not present | not present | any | true | | not present | not present | false | any | true | | not present | not present | true | false | true | | not present | not present | true | true | false | | not present | true | any | any | true | | not present | false | any | any | false | | true | any | any | any | true | | false | any | any | any | false | Service template will create one or two service templates according to this table: | serviceType | both_tls_and_plain | result | |---------------|--------------------|--------------| | ClusterIP | any | one Service | | Not ClusterIP | not present | one Service | | Not ClusterIP | false | one Service | | Not ClusterIP | true | two Services | If two services are created, one is ClusterIP with both crypted and plain ports and the other one is NodePort (or LoadBalancer) with crypted port only. Issue-ID: OOM-1936 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If766dd73132022d1a6e578fd36113c461bb91ea5
2020-02-27Merge "Cassandra 3 Upgrade"Krzysztof Opasiak1-1/+2
2020-02-26Merge "[COMMON] Allow to choose between nodePortPrefix and nodePortPrefixExt"Borislav Glozman1-1/+4
2020-02-26Cassandra 3 Upgradeshrek20001-1/+2
Move OOM to use SDC cassandra 3 Issue-ID: SDC-2595 Signed-off-by: shrek2000 <oren.kleks@amdocs.com> Change-Id: Ie58f3420cad70fbed7931656a98951e69a4b7b4b Signed-off-by: shrek2000 <oren.kleks@amdocs.com>
2020-02-24[COMMON] Allow to choose between nodePortPrefix and nodePortPrefixExtKrzysztof Opasiak1-1/+4
Add the ability to specify whether a nodePortPrefix or nodePortPrefixExt should be used while defining a port using common service template. Now you can specify: ports: - name: http port: 9098 nodePort: "09" prefix: nodePortPrefixExt Issue-ID: OOM-1971 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ied78584e5b1c8f479ca180890df67ad4dee3501a
2020-02-22Drop support for postgres-legacy common chartKrzysztof Opasiak17-1456/+0
There is no need to maintain two postgres charts if all components can work with the newest version so let's remove the legacy one. Issue-ID: OOM-2310 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I8b399902e37fdec7e55552e7972daaf1c0c74cfe