Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This commit makes mariadb galera template to use the new generator for
repositories and images.
As mariadb are coming from dockerhub, we're using directly this
repository.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I7010ea3214c34fbee1ee697a127a1e43bfd16aed
|
|
This commit makes mariadb init template to use the new generator for
repositories and images.
As mariadb images are coming from dockerhub, we're using directly this
repository.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I21e99fc4c7c4d968b393d27dfad2b51bcc5c2cfd
|
|
Current repository templates handles only ONAP "nexus" repository
configuration.
So, all images coming from another repository (currently, OOM is using 4
repository, including nexus one) cannot simply be retrieved from another
one.
This commit add new templates, in a specific chart, in order to change
that.
Now, each for repository can be overidden and all 4 can have a
credentials.
Also, in order to minimize global variables, templates aimed to
retrieve usual utility images (busybox, envsubst, readiness, ...) are
created.
Issue-ID: OOM-2634
Change-Id: I27eb33d830d56ec28f9de68599f5108a262983b3
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
[Reduce code size, add missing busyboxRepository]
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
`registry.hub.docker.com` needs authentication now, in contrary to
previous behavior.
As OOM deployments is unauthenticated when using docker hib repository,
all OOM deployments is broken.
`docker.io` seems to be still OK with unauthenticated requests so let's
move to this endpoint.
Issue-ID: OOM-2636
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Iea81b882d347124af22b0a9c408081706b1c6c6d
|
|
This change modifies VID to use the shared DB instance of mariadb.
In addition, we create a mechanism in mariadb-init to allow a shared DB
user to run a script after the DB has been created.
The script can be passed as a configMap (as is the case with VID) or it
can be a standalone script that is passed as a string.
Issue-ID: OOM-1226
Change-Id: Ie51823338562a6fbe7472025d62cd4dba688168d
Signed-off-by: RPMishra <rpmishra@aarnanetworks.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Updated version of network-name-gen microservice to 1.0.2, which
contains fix for database initialization error (CCSDK-2978).
Issue-ID: CCSDK-2978
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I25fb44188086181714cfdd3b864ad69bad8f28bf
|
|
Update SDNC and CCSDK image versions to proper Guilin RC1 version.
Issue-ID: CCSDK-2931
Issue-ID: SDNC-1402
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I9d711d6c3e7c3130680fe3459326be0b5dd2e555
|
|
|
|
Limits set seemed to be to hard, loosening them in order to make it
work.
Issue-ID: REQ-362
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I99aa55fb2564683f4968e5831e9e7b9aaa751054
|
|
|
|
|
|
|
|
|
|
Use trim function in order to remove the 4 first spaces that breaks
configuration when aaf add config is a multiline (a.k.a uses `|`) YAML
entry.
Issue-ID: OOM-2611
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib53a8a87f896a66ba613d542cfca833804ef1d7a
|
|
Instead of setting TLS termination at POD level, it may be interesting
to terminate it at Ingress level.
This patch add the ability to do that using "Ingress" templates.
In order to achieve it, you need to configure it this way in
`values.yaml`:
```yaml
ingress:
enabled: false
service:
- baseaddr: 'my-endpoint'
name: 'my-service'
port: 8080
config:
tls:
secret: my-service-ingress-certs
```
Secret (here `my-service-ingress-certs`) must follow Kubernetest
`kubernetes.io/tls` type: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
Issue-ID: SO-3078
Issue-ID: SO-3237
Issue-ID: OOM-2609
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I76c0929d53289a581bc26d0d03cc8b9bd72d0fd1
|
|
Having limits is important in order to have safe deployment.
cassandra didn't had one so let's add them.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id3fef8c351f1be977eab49abd111304b9edd9151
|
|
It is not possible to override Cassandra backup cronjob image URL currently. This might cause the problem if non standard repository is used. This patch is fixing that issue.
Issue-ID: OOM-2608
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: I1eb0a97d1a852d16f8d1662f543c3f583e873a5d
|
|
|
|
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Change-Id: I21ea78c96ff8bd5e729f2228f761df534f515358
Issue-ID: OOM-2562
|
|
|
|
|
|
components directory takes up a lot of
space and is included during helm package
Lets remove it using .helmignore
This is just a copy of idea showed in:
"[OOF] Add helmignore to ignore components"
by krishnaa96 <krishna.moorthy6@wipro.com>
Issue-ID: OOM-2534
Suggested-by: krishnaa96 <krishna.moorthy6@wipro.com>
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I25c82e79ba2c472b7761a63365573188ab8db56b
|
|
|
|
certInitializer is included multiple times in number of different
projects. If it contains the truststore then under if it is not used
it increases the size of the chart itself so that it our final ONAP
chart does not fit into default 20 Mb chartmuseum limit.
Let's resolve this by moving the configmap and its content to the
cert-wrapper which is included only once per onap instance.
Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I654d9158e7b776c012653dbef2c8091a393635f0
|
|
Truststore is quite heavy. If it is included several times in the
component it can easily cross helm chart size limit.
To fix this issue let's make sure that the truststore is created only
once and then shared among all certInitializer instances.
Issue-ID: AAF-1134
Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
|
|
|
|
Requests were set for Elasticsearch but not limits.
Add some limits and updating requests on real usage.
Issue-ID: REQ-362
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I8ccfa22dfafceb79fafb1c6f180c77d49cedb00d
|
|
Having limits is important in order to have safe deployment.
postgres didn't had one so let's add them.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I279e01b6be6cddab1f792c75026b41dca5c6c694
|
|
Helm is now called by HELM_BIN variable which by default is set to helm
and makefiles use helm from path. HELM_BIN can be overwritten so user
can have two version of helm in system and choose which one to use.
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Issue-ID: OOM-2562
Change-Id: I0917796aafe234e87afa0ac3c4c15720296276d5
|
|
|
|
|
|
|
|
This patch will fix handling of the backup of cassandra installed with
different than "cassandra" common name.
Issue-ID: OOM-2596
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: Ifff440af79d6626fdbd1c2948795f98aabd167d7
|
|
Currently sdc-be 8080(http) port is disabled and no longer used,
but the MSB annotation still points to that port so an issue
occurs when a client tries to communicate with SDC via MSB.
This will change the service port to 8443(https) in the annotation,
and also pass 'enable_ssl' param so that MSB will use https
scheme in proxying communication.
Issue-ID: SDC-3314
Signed-off-by: Satoshi Fujii <fujii-satoshi@jp.fujitsu.com>
Change-Id: I0f11fbe55fb21048571b657249b01065a2c0b443
|
|
requests/limits for "small" deployments are too big compared to actual
usage.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2e3f6dae57714ddc85d2fc04a3793fe034ccc8ef
|
|
|
|
.Template.BasePath return <component_name>/templates during linting.
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Issue-ID: OOM-2562
Change-Id: I9e44eca46334ac4c4d884f2aa71ad197283363a1
|
|
switch to version 7.6.2 in guilin
Issue-ID: OOM-2579
Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com>
Change-Id: I08e226b1898ee299e8cdf1165f2783b857bcfb03
Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com>
|
|
|
|
Shell assignment operator "!=" is a new feature in GNU make 4.0
and breaks the chart build on previous versions of make which is
still present in many still supported Linux distros.
Change-Id: I74c3c5e910ff7b1344c3da95fa76d11ec31b37c6
Issue-ID: OOM-2562
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
Top up certservice-api image
Update config for k8splugin 3.4.1:
- update images of certservice-client
- add certservice-client secret name to config
- add certservice-post-processor image to config
CertPostProcessor is an application which appends CMPv2
truststore entries to AAF CertMan truststore and allows
swapping AAF CertMan keystore for CMPv2 keystore.
Issue-ID: DCAEGEN2-2253
Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com>
Change-Id: Icc7020d8e1431f4ba2f49206b84bf3930d3c2c23
|
|
Having limits is important in order to have safe deployment.
mongo didn't had one so let's add them.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I4791b924693e4e1eaac14077d4f30e3d29228779
|
|
Bump image versions to use Guilin M4 version of SDNC images and of
CCSDK dgbuilder. Note - SDNR remains disabled in this commit pending
fix to its endpoint. Also, note that CDS version bump is not included -
that will be submitted as a separate review.
Issue-ID: SDNC-1355
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I8d660a8e303a18d4674f832b9239fa50c5abf3f2
|
|
|
|
|
|
|
|
aaf-cert-service has been renamed to oom-cert-service and moved from oom/kubernetes/aaf/components to oom/kubernetes/platform/components.
All aaf-cert-service references have been replaced with oom-cert-service.
Issue-ID: OOM-2526
Change-Id: I70ef4bf3ee7085a5ef7075bde68eb0ea0a95ebf7
Signed-off-by: Maciej Malewski <maciej.malewski@nokia.com>
|
|
This change makes the following fixes to dgbuilder:
* Replace hard-coded certificate with certificate generated by
certInitializer
* Configure dgbuilder to use http instead of https if AAF is
disabled (i.e. global aafEnabled property = false)
* Add resource limits
Issue-ID: SDNC-1356
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I8ca97c6a44f62a0abe5b5a6f8564ebcd2e4addb1
|