Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Added the missing definition for imagePullSecrets in the
statefulsets.yaml
deployment.yaml
to support the registryGenerator
Issue-ID: OOM-2789
Signed-off-by: andreas-geissler <andreas-geissler@telekom.de>
Change-Id: I013ba52c9c49f95cd3d53fcaa9eb084adcbfe662
(cherry picked from commit f84cccd0fad42df9fc4c590ea93a2f164f3f3071)
|
|
Bump charts to version 8.0.1
Also update / create license header
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib511f952ea97ecb60f360448a0d976769b225071
|
|
|
|
As part of removing GPLv3 license, policy components have moved from
bash to sh. This change is required in import-custom-certs script so
that custom certificates can be imported into components that try to
import them. Without this change, the init containers of the
components will just fail.
Change-Id: I6c5028428d4cd7c8baf3e96cb16a3cd91db57f9e
Issue-ID: POLICY-3232
Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
(cherry picked from commit f79b6676cfdc380e004f184a21bb969b2824c06e)
|
|
With stability tests, we see that mariadb gets OOM killed and has some
CPU throttling.
Putting higher limits in order to make it no happen.
Scaling also replicas from VFC and APPC db from 3 to 1.
Issue-ID: INT-1883
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2699b34ac5fcaa805c6fc01592c5a5f607b17fae
(cherry picked from commit 4d04706a2295529efbc265091979971dc90c8382)
|
|
Camunda has given a guide in order to configure camunda
(https://docs.camunda.org/manual/latest/user-guide/process-engine/database/mariadb-galera-configuration/).
Applying it to ONAP camunda configuration.
gitlint-ignore: B1, body-max-line-length
Issue-ID: INT-1883
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie0cb1c70e4271496ffd5e51ce1d816785f88689f
(cherry picked from commit 7d3ddcdcdcbb00c495a5ac93df9cf30e8f929963)
|
|
|
|
Bump versions of CCSDK (including CDS) and SDNC images for
SDNC Honolulu release.
Fixed issues found in CDS command-executor and py-executor
pods.
Added missing env variable settings.
Issue-ID: CCSDK-3125
Issue-ID: SDNC-1473
Issue-ID: CCSDK-3192
Issue-ID: CCSDK-3197
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Id3bbe696313c568dc9ffb328715a7fc572330411
|
|
Currently if we want to scale message router kafka and zookeeper
we need to do manual changes in charts to make it work. With this patch
all can be done with override files.
Issue-ID: OOM-2613
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: I1782dca26f964f33c250520ee2e187619cee0e5e
|
|
|
|
Set the newest version of crunchy-postgres image.
In this image python 2.x was replaced by python 3.x.
The crunchy-postgres image is used in few projects in the ONAP,
not only in vnfsdk.
Change-Id: I1799b6be66312d2418878533775c741b286bec61
Issue-ID: VNFSDK-647
Signed-off-by: Tomasz Pietruszkiewicz <tomasz.pietruszkiewicz@nokia.com>
|
|
Updating the documentation and bumping version to 8.0.0
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
|
|
|
|
This changes fixes postgres data lost that occurs when postgres pods
are restarting.
When crunchy data postgres image starts, it runs /opt/cpm/bin/setenv.sh
script to set PGDATA folder. This script contains:
--
export PGDATA=/pgdata/$HOSTNAME
if [[ -v PGDATA_PATH_OVERRIDE ]]; then
export PGDATA=/pgdata/$PGDATA_PATH_OVERRIDE
fi
--
Since postgres is now a deployment (commit 0b243b600), its pod name is
different on each startup, hence HOSTNAME and PGDATA are also
different each time.
This change is leveraging crunchy data PGDATA_PATH_OVERRIDE environment
variable to set PGDATA to a fixed path. By default, this path is set to
/pgdata/data.
Issue-ID: CPS-271
Change-Id: Icc0f05d64230a98bc21d8f2a74c12c6661e05482
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
|
|
|
|
CPS Helm charts added
Issue-ID: CPS-7
Co-authored-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Co-authored-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Signed-off-by: Claudio David Gasparini <claudio.gasparini@pantheon.tech>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Change-Id: I027e5e4b3eec78ce889168f8796d55e6f9fd9be6
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
|
|
readiness check can be launched in a lot of various situation.
Especially, it can be runned on deployments / statefulsets where the
user and group are fixed.
But python code underneath can work only when user is set to "onap" as
requirements are installed only for this specific user.
This patch forces the user and group to the desired one.
Issue-ID: OOM-2694
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie70f8e851c30f530fd7a0d6e34ee5bda9274e874
|
|
|
|
The built-in command source is a bashism.
Profiles script must be dotted and not sourced when possible.
Issue-ID: OOM-2688 OOM-2158
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Id7cad0d499129fa3b7ea020e906748243b1b3ace
|
|
|
|
Instead of having the exact same port number for service and container,
let's allow to use an internal port (usually > 1024) and a service port
(usually 80 or 443).
Issue-ID: OOM-2674
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib90073fc8b069fceed7666778ae0c7b8a8ffcdca
|
|
Current script that retrieve certificates can fail but exit code will be
0. We then add a check in the script in order to avoid such issue
Issue-ID: OOM-2688
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib41c66a4de46db8752f68ef35a2bfb67ca575246
|
|
As for main cassandra chart, with Azure and also some internal
deployments, `nodepool status` takes more than 3 seconds and so
cassandra is not coming up or quite randomly.
This patch gives more room to `nodepool status` to answer.
Issue-ID: OOM-2687
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If6a148a432ed3d83a1e89d38f20fe87e89ab0f57
|
|
With Azure and also some internal deployments, `nodepool status` takes
more than 3 seconds (it can go up to 6 seconds) and so cassandra is not
coming up or quite randomly.
This patch gives more room to `nodepool status` to answer.
Issue-ID: OOM-2687
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I98b0adc751e3cd4fa8710f88567cd8896db548eb
|
|
- correct cmpv2Certificate to take outputType from 'certificates'
- add postStart hook for CertManagerIntegration to make cert dir writable
- add setting ODL_CERT_DIR env
Issue-ID: SDNC-1477
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I4531392cc4f113b173d10a27b98b1fe97d6faa4d
|
|
|
|
Fix so that the useNodePortExt flag is honored when
creating a k8s Service with the service template.
Issue-ID: OOM-2679
Signed-off-by: Jack Lucas <jflos@sonoris.net>
Change-Id: I40ff3ab6df28ee1f9c582dff35a5360f632accbd
|
|
In order to make cassandra behaving smoothly on service mesh, we must
make it listen to 127.0.0.1 but broadcasting the real IP address.
This patch does it.
Issue-ID: OOM-2252
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2c494a987a7d2d72ddce84ac7fab15bcadbc8cf4
|
|
|
|
Make music to use cert manager to generate
and load the certificates
Issue-ID: OOM-2673
Signed-off-by: Krishna Moorthy <krishna.moorthy6@wipro.com>
Change-Id: I3c655107bebb969f317bcbe87cfc6a55a1821533
|
|
- Create certManagerCertificate chart for Certificate template
- Change default values for duration and renewBefore
- Add creation Secret with keystore password
- Use template in SDNC (add volumes and volumesMounts)
Issue-ID: OOM-2568
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: Ib70d91b599fa6813ed0a6d5b96206508f2fdafcf
|
|
|
|
|
|
Enhance CertServiceAPI response (include CMP server error messages)
Fix KeyUsage extension sent to CMPv2 server
Issue-ID: OOM-2658
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
Change-Id: Ic2c68b85fce08d20e423b316a3234e6f00799a42
|
|
|
|
New TLS part of Ingress templating was broken. This commit fixes it.
Issue-ID: OOM-2609
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I0b9b41e052911ef0064696ac7cf6ca8a274ae1dd
|
|
|
|
Current startup script of etcd checks whether all assumed other nodes
are already running, before proceeding. This check, however, also
includes checking localhost, but due to using headless service
statefulset pod DNS discovery, it doesnt succeed immediately.
In some deployments k8s DNS server may be laggy, thus failing startup
script to finish before liveness check. This patch fixes such failures
of 1 pod etcd clusters, and improves startup time for any size ones.
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Issue-ID: OOM-2668
Change-Id: I2f9263a0f4964b0a495631775d0cbbceef25e85b
|
|
|
|
Create generic template to simplify CertServiceClient use
Issue-ID: OOM-2568
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I4fb9829b27b1dd13a9e7a098f807710cc5648438
|
|
Today, onboarding custom certificates relies on `bash`. But image used
for that doesn't have bash.
Therefore, we need to use `sh` in order to onboard the certs.
Issue-ID: OOM-2666
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ia8087bd9484a013ac76044681059f634a4e45eb8
|
|
Bitnami init script can automatically choose the node address (which is
the IP address of the container).
Unfortunately, this doesn't work when on dual stack as both IP addresses
with a space are given (see
https://github.com/bitnami/charts/issues/4077).
This patch force the IP address so we can get rid of this issue
Issue-ID: OOM-2661
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I5dd2147df1932b1f0fdde7c2b55585cff45bab68
|
|
This commit makes common template to use the new generator for
repositories and images.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I35123faf99ae3bffea68bc39776f320c4168b45f
|
|
|
|
Genereate names of certificate and secret
Issue-ID: OOM-2568
Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com>
Change-Id: I014df059f348e974f6d222b5d6d1c2416bea0440
|
|
|
|
|
|
This commit makes Readiness Check template to use the new generator for
repositories and images.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6d115a071e11f9e992f04ec2a14595a5aed5401b
|
|
Align Cert Service Api to RFC4210.
Fix Cert Service Client CA_NAME validation.
Fix Cert Service External Provider logging.
Issue-ID: OOM-2656
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I644946b139bd4879e44cdf705eadcc4c2c81a0e2
|