Age | Commit message (Collapse) | Author | Files | Lines |
|
Use fresh certificate in Music
Issue-ID: OOM-2673
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I410f459ed2446bbae290e277747314708f5f97a5
|
|
Current startup script of etcd checks whether all assumed other nodes
are already running, before proceeding. This check, however, also
includes checking localhost, but due to using headless service
statefulset pod DNS discovery, it doesnt succeed immediately.
In some deployments k8s DNS server may be laggy, thus failing startup
script to finish before liveness check. This patch fixes such failures
of 1 pod etcd clusters, and improves startup time for any size ones.
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Issue-ID: OOM-2668
Change-Id: I2f9263a0f4964b0a495631775d0cbbceef25e85b
|
|
|
|
|
|
Today, onboarding custom certificates relies on `bash`. But image used
for that doesn't have bash.
Therefore, we need to use `sh` in order to onboard the certs.
Issue-ID: OOM-2666
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ia8087bd9484a013ac76044681059f634a4e45eb8
|
|
Align Cert Service Api to RFC4210.
Fix Cert Service Client CA_NAME validation.
Issue-ID: OOM-2656
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: Ia510b67b3d4e993df89a6be2c0899115b7e31dc7
|
|
Instead of globally choosing between virtualhosts and path based
ingress, it's better to allow to choose it per component.
Issue-ID: OOM-2641
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I952826d03722693ebae7c95a083b95bf83752d68
(cherry picked from commit afae229d3a7eb8c20633e049d3f597fb2eab7bbc)
|
|
This reverts the following commits:
* eb9eb59171a43d25fb012aaad0a1d37ca86bc2bf
* a72170b49e04aacb2ff476965904900fe5559fef
Reason for revert: upgrade script is not working well in all situations
Issue-ID: INT-1633
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ia61a08d1e6cc4499525d82c5b2dfd83cf2d6a3e8
|
|
Update charts and requirements to 7.0.0.
Create release notes for Guilin
Update documentation
Issue-ID: OOM-2638
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c
(cherry picked from commit 4f9902b6e7b5c70588160266276904ab81832867)
|
|
when repository is not globally set, readinessCheck gives back "empty"
value for repository, leading to a bad rendered chart.
Issue-ID: OOM-2592
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ic4e8553ca4dfed8e476ecb743d4434e0562ba295
|
|
Updated version of network-name-gen microservice to 1.0.2, which
contains fix for database initialization error (CCSDK-2978).
Issue-ID: CCSDK-2978
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I25fb44188086181714cfdd3b864ad69bad8f28bf
|
|
Update SDNC and CCSDK image versions to proper Guilin RC1 version.
Issue-ID: CCSDK-2931
Issue-ID: SDNC-1402
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I9d711d6c3e7c3130680fe3459326be0b5dd2e555
|
|
|
|
Limits set seemed to be to hard, loosening them in order to make it
work.
Issue-ID: REQ-362
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I99aa55fb2564683f4968e5831e9e7b9aaa751054
|
|
|
|
|
|
|
|
|
|
Use trim function in order to remove the 4 first spaces that breaks
configuration when aaf add config is a multiline (a.k.a uses `|`) YAML
entry.
Issue-ID: OOM-2611
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib53a8a87f896a66ba613d542cfca833804ef1d7a
|
|
Instead of setting TLS termination at POD level, it may be interesting
to terminate it at Ingress level.
This patch add the ability to do that using "Ingress" templates.
In order to achieve it, you need to configure it this way in
`values.yaml`:
```yaml
ingress:
enabled: false
service:
- baseaddr: 'my-endpoint'
name: 'my-service'
port: 8080
config:
tls:
secret: my-service-ingress-certs
```
Secret (here `my-service-ingress-certs`) must follow Kubernetest
`kubernetes.io/tls` type: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
Issue-ID: SO-3078
Issue-ID: SO-3237
Issue-ID: OOM-2609
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I76c0929d53289a581bc26d0d03cc8b9bd72d0fd1
|
|
Having limits is important in order to have safe deployment.
cassandra didn't had one so let's add them.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id3fef8c351f1be977eab49abd111304b9edd9151
|
|
It is not possible to override Cassandra backup cronjob image URL currently. This might cause the problem if non standard repository is used. This patch is fixing that issue.
Issue-ID: OOM-2608
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: I1eb0a97d1a852d16f8d1662f543c3f583e873a5d
|
|
|
|
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Change-Id: I21ea78c96ff8bd5e729f2228f761df534f515358
Issue-ID: OOM-2562
|
|
|
|
|
|
components directory takes up a lot of
space and is included during helm package
Lets remove it using .helmignore
This is just a copy of idea showed in:
"[OOF] Add helmignore to ignore components"
by krishnaa96 <krishna.moorthy6@wipro.com>
Issue-ID: OOM-2534
Suggested-by: krishnaa96 <krishna.moorthy6@wipro.com>
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I25c82e79ba2c472b7761a63365573188ab8db56b
|
|
|
|
certInitializer is included multiple times in number of different
projects. If it contains the truststore then under if it is not used
it increases the size of the chart itself so that it our final ONAP
chart does not fit into default 20 Mb chartmuseum limit.
Let's resolve this by moving the configmap and its content to the
cert-wrapper which is included only once per onap instance.
Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I654d9158e7b776c012653dbef2c8091a393635f0
|
|
Truststore is quite heavy. If it is included several times in the
component it can easily cross helm chart size limit.
To fix this issue let's make sure that the truststore is created only
once and then shared among all certInitializer instances.
Issue-ID: AAF-1134
Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
|
|
|
|
Requests were set for Elasticsearch but not limits.
Add some limits and updating requests on real usage.
Issue-ID: REQ-362
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I8ccfa22dfafceb79fafb1c6f180c77d49cedb00d
|
|
Having limits is important in order to have safe deployment.
postgres didn't had one so let's add them.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I279e01b6be6cddab1f792c75026b41dca5c6c694
|
|
Helm is now called by HELM_BIN variable which by default is set to helm
and makefiles use helm from path. HELM_BIN can be overwritten so user
can have two version of helm in system and choose which one to use.
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Issue-ID: OOM-2562
Change-Id: I0917796aafe234e87afa0ac3c4c15720296276d5
|
|
|
|
|
|
|
|
This patch will fix handling of the backup of cassandra installed with
different than "cassandra" common name.
Issue-ID: OOM-2596
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: Ifff440af79d6626fdbd1c2948795f98aabd167d7
|
|
Currently sdc-be 8080(http) port is disabled and no longer used,
but the MSB annotation still points to that port so an issue
occurs when a client tries to communicate with SDC via MSB.
This will change the service port to 8443(https) in the annotation,
and also pass 'enable_ssl' param so that MSB will use https
scheme in proxying communication.
Issue-ID: SDC-3314
Signed-off-by: Satoshi Fujii <fujii-satoshi@jp.fujitsu.com>
Change-Id: I0f11fbe55fb21048571b657249b01065a2c0b443
|
|
requests/limits for "small" deployments are too big compared to actual
usage.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2e3f6dae57714ddc85d2fc04a3793fe034ccc8ef
|
|
|
|
.Template.BasePath return <component_name>/templates during linting.
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Issue-ID: OOM-2562
Change-Id: I9e44eca46334ac4c4d884f2aa71ad197283363a1
|
|
switch to version 7.6.2 in guilin
Issue-ID: OOM-2579
Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com>
Change-Id: I08e226b1898ee299e8cdf1165f2783b857bcfb03
Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com>
|
|
|
|
Shell assignment operator "!=" is a new feature in GNU make 4.0
and breaks the chart build on previous versions of make which is
still present in many still supported Linux distros.
Change-Id: I74c3c5e910ff7b1344c3da95fa76d11ec31b37c6
Issue-ID: OOM-2562
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
Top up certservice-api image
Update config for k8splugin 3.4.1:
- update images of certservice-client
- add certservice-client secret name to config
- add certservice-post-processor image to config
CertPostProcessor is an application which appends CMPv2
truststore entries to AAF CertMan truststore and allows
swapping AAF CertMan keystore for CMPv2 keystore.
Issue-ID: DCAEGEN2-2253
Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com>
Change-Id: Icc7020d8e1431f4ba2f49206b84bf3930d3c2c23
|
|
Having limits is important in order to have safe deployment.
mongo didn't had one so let's add them.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I4791b924693e4e1eaac14077d4f30e3d29228779
|
|
Bump image versions to use Guilin M4 version of SDNC images and of
CCSDK dgbuilder. Note - SDNR remains disabled in this commit pending
fix to its endpoint. Also, note that CDS version bump is not included -
that will be submitted as a separate review.
Issue-ID: SDNC-1355
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I8d660a8e303a18d4674f832b9239fa50c5abf3f2
|
|
|