aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
2020-11-23Merge "[COMMON][MARIADB-INIT] Uses new tpls for repos / images"Krzysztof Opasiak3-6/+6
2020-11-21[COMMON][MARIADB] Uses new tpls for repos / imagesSylvain Desbureaux6-22/+14
This commit makes mariadb galera template to use the new generator for repositories and images. As mariadb are coming from dockerhub, we're using directly this repository. Issue-ID: OOM-2364 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I7010ea3214c34fbee1ee697a127a1e43bfd16aed
2020-11-21[COMMON][MARIADB-INIT] Uses new tpls for repos / imagesSylvain Desbureaux3-6/+6
This commit makes mariadb init template to use the new generator for repositories and images. As mariadb images are coming from dockerhub, we're using directly this repository. Issue-ID: OOM-2364 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I21e99fc4c7c4d968b393d27dfad2b51bcc5c2cfd
2020-11-20[COMMON] New templates to handle repositoriesSylvain Desbureaux11-24/+361
Current repository templates handles only ONAP "nexus" repository configuration. So, all images coming from another repository (currently, OOM is using 4 repository, including nexus one) cannot simply be retrieved from another one. This commit add new templates, in a specific chart, in order to change that. Now, each for repository can be overidden and all 4 can have a credentials. Also, in order to minimize global variables, templates aimed to retrieve usual utility images (busybox, envsubst, readiness, ...) are created. Issue-ID: OOM-2634 Change-Id: I27eb33d830d56ec28f9de68599f5108a262983b3 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> [Reduce code size, add missing busyboxRepository] Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-11-20[GENERIC] move from registry.hub.docker.com to docker.ioSylvain Desbureaux3-3/+3
`registry.hub.docker.com` needs authentication now, in contrary to previous behavior. As OOM deployments is unauthenticated when using docker hib repository, all OOM deployments is broken. `docker.io` seems to be still OK with unauthenticated requests so let's move to this endpoint. Issue-ID: OOM-2636 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Iea81b882d347124af22b0a9c408081706b1c6c6d
2020-11-18[COMMON/VID] Modified VID to use Shared DB.RPMishra4-10/+50
This change modifies VID to use the shared DB instance of mariadb. In addition, we create a mechanism in mariadb-init to allow a shared DB user to run a script after the DB has been created. The script can be passed as a configMap (as is the case with VID) or it can be a standalone script that is passed as a string. Issue-ID: OOM-1226 Change-Id: Ie51823338562a6fbe7472025d62cd4dba688168d Signed-off-by: RPMishra <rpmishra@aarnanetworks.com> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2020-11-12[CCSDK] Fix for naming serviceDan Timoney1-1/+1
Updated version of network-name-gen microservice to 1.0.2, which contains fix for database initialization error (CCSDK-2978). Issue-ID: CCSDK-2978 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I25fb44188086181714cfdd3b864ad69bad8f28bf
2020-11-03[SDNC][CCSDK] Update SDNC and CCSDK image versions for Guilin RC1Dan Timoney2-2/+2
Update SDNC and CCSDK image versions to proper Guilin RC1 version. Issue-ID: CCSDK-2931 Issue-ID: SDNC-1402 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I9d711d6c3e7c3130680fe3459326be0b5dd2e555
2020-11-02Merge "[COMMON] Add limits to cassandra statefulsets."Krzysztof Opasiak2-14/+11
2020-10-29[COMMON] Loosen limits for ElasticsearchSylvain Desbureaux1-2/+2
Limits set seemed to be to hard, loosening them in order to make it work. Issue-ID: REQ-362 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I99aa55fb2564683f4968e5831e9e7b9aaa751054
2020-10-27Merge "[COMMON] allow multiline config for aaf add config"Krzysztof Opasiak1-1/+1
2020-10-27Merge "[COMMON] Add TLS for Ingress configuration"Krzysztof Opasiak1-4/+24
2020-10-27Merge "[COMMON] Add limits to Elasticsearch"Krzysztof Opasiak1-13/+10
2020-10-27Merge "[COMMON] change comment style"Sylvain Desbureaux5-0/+10
2020-10-26[COMMON] allow multiline config for aaf add configSylvain Desbureaux1-1/+1
Use trim function in order to remove the 4 first spaces that breaks configuration when aaf add config is a multiline (a.k.a uses `|`) YAML entry. Issue-ID: OOM-2611 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib53a8a87f896a66ba613d542cfca833804ef1d7a
2020-10-26[COMMON] Add TLS for Ingress configurationSylvain Desbureaux1-4/+24
Instead of setting TLS termination at POD level, it may be interesting to terminate it at Ingress level. This patch add the ability to do that using "Ingress" templates. In order to achieve it, you need to configure it this way in `values.yaml`: ```yaml ingress: enabled: false service: - baseaddr: 'my-endpoint' name: 'my-service' port: 8080 config: tls: secret: my-service-ingress-certs ``` Secret (here `my-service-ingress-certs`) must follow Kubernetest `kubernetes.io/tls` type: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls Issue-ID: SO-3078 Issue-ID: SO-3237 Issue-ID: OOM-2609 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I76c0929d53289a581bc26d0d03cc8b9bd72d0fd1
2020-10-26[COMMON] Add limits to cassandra statefulsets.Sylvain Desbureaux2-14/+11
Having limits is important in order to have safe deployment. cassandra didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Id3fef8c351f1be977eab49abd111304b9edd9151
2020-10-23[COMMON] Fix URL override for cassandra backup cronjobMarat Salakhutdinov1-1/+1
It is not possible to override Cassandra backup cronjob image URL currently. This might cause the problem if non standard repository is used. This patch is fixing that issue. Issue-ID: OOM-2608 Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca> Change-Id: I1eb0a97d1a852d16f8d1662f543c3f583e873a5d
2020-10-22Merge "[Tree-wide] Add helmignore to ignore components"Sylvain Desbureaux1-0/+1
2020-10-22[COMMON] change comment styleJakub Latusek5-0/+10
Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Change-Id: I21ea78c96ff8bd5e729f2228f761df534f515358 Issue-ID: OOM-2562
2020-10-21Merge "[COMMON] Move onap truststore to cert-wrapper"Krzysztof Opasiak6-11/+27
2020-10-21Merge "[COMMON] Make certInitializer share truststore among instances"Krzysztof Opasiak7-3/+63
2020-10-21[Tree-wide] Add helmignore to ignore componentsKrzysztof Opasiak1-0/+1
components directory takes up a lot of space and is included during helm package Lets remove it using .helmignore This is just a copy of idea showed in: "[OOF] Add helmignore to ignore components" by krishnaa96 <krishna.moorthy6@wipro.com> Issue-ID: OOM-2534 Suggested-by: krishnaa96 <krishna.moorthy6@wipro.com> Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I25c82e79ba2c472b7761a63365573188ab8db56b
2020-10-20Merge "[COMMON] Lower limit requirements for mariadb"Krzysztof Opasiak1-4/+4
2020-10-20[COMMON] Move onap truststore to cert-wrapperKrzysztof Opasiak6-11/+27
certInitializer is included multiple times in number of different projects. If it contains the truststore then under if it is not used it increases the size of the chart itself so that it our final ONAP chart does not fit into default 20 Mb chartmuseum limit. Let's resolve this by moving the configmap and its content to the cert-wrapper which is included only once per onap instance. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I654d9158e7b776c012653dbef2c8091a393635f0
2020-10-20[COMMON] Make certInitializer share truststore among instancesKrzysztof Opasiak7-3/+63
Truststore is quite heavy. If it is included several times in the component it can easily cross helm chart size limit. To fix this issue let's make sure that the truststore is created only once and then shared among all certInitializer instances. Issue-ID: AAF-1134 Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-10-20Merge "Update makefiles to use specific helm version"Krzysztof Opasiak1-7/+8
2020-10-20Merge "[COMMON] Add limits to postgres deployments."Krzysztof Opasiak2-20/+30
2020-10-20[COMMON] Add limits to ElasticsearchSylvain Desbureaux1-13/+10
Requests were set for Elasticsearch but not limits. Add some limits and updating requests on real usage. Issue-ID: REQ-362 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I8ccfa22dfafceb79fafb1c6f180c77d49cedb00d
2020-10-19[COMMON] Add limits to postgres deployments.Sylvain Desbureaux2-20/+30
Having limits is important in order to have safe deployment. postgres didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I279e01b6be6cddab1f792c75026b41dca5c6c694
2020-10-16Update makefiles to use specific helm versionJakub Latusek1-7/+8
Helm is now called by HELM_BIN variable which by default is set to helm and makefiles use helm from path. HELM_BIN can be overwritten so user can have two version of helm in system and choose which one to use. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562 Change-Id: I0917796aafe234e87afa0ac3c4c15720296276d5
2020-10-16Merge "[SDC] Fix MSB annotation for sdc-be service port"Sylvain Desbureaux1-0/+1
2020-10-15Merge "[COMMON] More generic Cassandra backup"Sylvain Desbureaux1-3/+3
2020-10-15Merge "[COMMON] Use lowercase in common.fullname during linting in helm3"Sylvain Desbureaux1-1/+1
2020-10-14[COMMON] More generic Cassandra backupMarat Salakhutdinov1-3/+3
This patch will fix handling of the backup of cassandra installed with different than "cassandra" common name. Issue-ID: OOM-2596 Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca> Change-Id: Ifff440af79d6626fdbd1c2948795f98aabd167d7
2020-10-14[SDC] Fix MSB annotation for sdc-be service portSatoshi Fujii1-0/+1
Currently sdc-be 8080(http) port is disabled and no longer used, but the MSB annotation still points to that port so an issue occurs when a client tries to communicate with SDC via MSB. This will change the service port to 8443(https) in the annotation, and also pass 'enable_ssl' param so that MSB will use https scheme in proxying communication. Issue-ID: SDC-3314 Signed-off-by: Satoshi Fujii <fujii-satoshi@jp.fujitsu.com> Change-Id: I0f11fbe55fb21048571b657249b01065a2c0b443
2020-10-13[COMMON] Lower limit requirements for mariadbSylvain Desbureaux1-4/+4
requests/limits for "small" deployments are too big compared to actual usage. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I2e3f6dae57714ddc85d2fc04a3793fe034ccc8ef
2020-10-13Merge "[COMMON] Add limits to mongo statefulsets."Krzysztof Opasiak2-10/+17
2020-10-12[COMMON] Use lowercase in common.fullname during linting in helm3Jakub Latusek1-1/+1
.Template.BasePath return <component_name>/templates during linting. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562 Change-Id: I9e44eca46334ac4c4d884f2aa71ad197283363a1
2020-09-29[common/elasticsearch] update elasticsearch imageAlexander Dehn3-3/+3
switch to version 7.6.2 in guilin Issue-ID: OOM-2579 Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com> Change-Id: I08e226b1898ee299e8cdf1165f2783b857bcfb03 Signed-off-by: Alexander Dehn <alexander.dehn@highstreet-technologies.com>
2020-09-25Merge "[DCAEGEN2][OOM] Update k8splugin configs"Sylvain Desbureaux1-1/+5
2020-09-24Don't use GNU make new shell assignment operatorBartek Grzybowski1-1/+1
Shell assignment operator "!=" is a new feature in GNU make 4.0 and breaks the chart build on previous versions of make which is still present in many still supported Linux distros. Change-Id: I74c3c5e910ff7b1344c3da95fa76d11ec31b37c6 Issue-ID: OOM-2562 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-09-24[DCAEGEN2][OOM] Update k8splugin configsJan Malkiewicz1-1/+5
Top up certservice-api image Update config for k8splugin 3.4.1: - update images of certservice-client - add certservice-client secret name to config - add certservice-post-processor image to config CertPostProcessor is an application which appends CMPv2 truststore entries to AAF CertMan truststore and allows swapping AAF CertMan keystore for CMPv2 keystore. Issue-ID: DCAEGEN2-2253 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: Icc7020d8e1431f4ba2f49206b84bf3930d3c2c23
2020-09-23[COMMON] Add limits to mongo statefulsets.Sylvain Desbureaux2-10/+17
Having limits is important in order to have safe deployment. mongo didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I4791b924693e4e1eaac14077d4f30e3d29228779
2020-09-21[SDNC/CCSDK] Guilin version bumpDan Timoney1-1/+1
Bump image versions to use Guilin M4 version of SDNC images and of CCSDK dgbuilder. Note - SDNR remains disabled in this commit pending fix to its endpoint. Also, note that CDS version bump is not included - that will be submitted as a separate review. Issue-ID: SDNC-1355 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I8d660a8e303a18d4674f832b9239fa50c5abf3f2
2020-09-18Merge "[OOM] Moving cert-service to platform"Sylvain Desbureaux1-3/+3
2020-09-18Merge "[CCSDK] Configure dgbuilder to use certInitializer"Sylvain Desbureaux4-21/+53
2020-09-18Merge "Use lowercase in common.fullname during linting in helm3"Sylvain Desbureaux1-0/+5
2020-09-18[OOM] Moving cert-service to platformMaciej Malewski1-3/+3
aaf-cert-service has been renamed to oom-cert-service and moved from oom/kubernetes/aaf/components to oom/kubernetes/platform/components. All aaf-cert-service references have been replaced with oom-cert-service. Issue-ID: OOM-2526 Change-Id: I70ef4bf3ee7085a5ef7075bde68eb0ea0a95ebf7 Signed-off-by: Maciej Malewski <maciej.malewski@nokia.com>
2020-09-17[CCSDK] Configure dgbuilder to use certInitializerDan Timoney4-21/+53
This change makes the following fixes to dgbuilder: * Replace hard-coded certificate with certificate generated by certInitializer * Configure dgbuilder to use http instead of https if AAF is disabled (i.e. global aafEnabled property = false) * Add resource limits Issue-ID: SDNC-1356 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I8ca97c6a44f62a0abe5b5a6f8564ebcd2e4addb1