| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- add Annotations to all job template metadata
- make the jobAnnotations configurable via values.yaml
Issue-ID: OOM-3254
Change-Id: I84a3a7e9a89ea272a239e7a86e9c615103c2c7e4
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
in ArgoCD"
|
|
- update label template and use it within the resource definitions
- add jobAnnotations in DB init jobs to make them GitOps ready
- add bitnami/common chart to nginx and fix lint errors
Issue-ID: OOM-3327
Issue-ID: OOM-3329
Change-Id: I72b1adad43ff479e46f6db2834c627d74c97a20c
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- mariadb: manifest was not synced by ArgoCD, as entry for securityContext was wrong
- authentication: wrong keycloak-config-cli version and implementation
- so: added annotation for ArgoCD in job
Issue-ID: OOM-3330
Change-Id: I6f573defe2f44b625027325f318e63fca1846e3c
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- contains performance improvement for the check time
- set default pullPolicy for the readiness to IfNotPresent
to avoid downloading this ~20 times
Issue-ID: INT-2292
Change-Id: Id712dc67d92d8d6eebf9ac7d13129e0192a82a46
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
|
|
- introduce nginx that serves as reverse proxy in front of the uui and uui-server pods
- this approach makes the web app work over ingress
- introduce new AAI_ADDR environment variable that may eventually
be used by uui-server to interface with AAI directly
Issue-ID: USECASEUI-854
Change-Id: I229e039f8dfe6df050886ade0ea37a30c7272494
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
|
|
- remove SecurytyContext settings
- remove fixed primary pod index from template
Issue-ID: OOM-3324
Change-Id: I535477ec43cde42cc63f1ab2620cf632eb64c943
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- make roles in serviceAccount chart configurable via role.read and role.create
- change declaration of roles to work in environments with more restrictive RBAC rules
Issue-ID: OOM-3323
Change-Id: I25ddd1a7cf26047b9098de03bbb8598dfd367133
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
|
|
Correct the security settings and improve templates.
Issue-ID: OOM-3288
Change-Id: Idf1d59b33bea4d27a523d990b218b2e36ffb0348
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Add securityContext settings to resolve kyverno policy violations
Fix Jira Links in all release notes.
Issue-ID: OOM-3314
Change-Id: Ief20d42f2e4825754bf8d1a142665c7dd176a1d9
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
add resources entry to the _cassOp template
add resources setting to the cassandra instance
add additional settings to improve the performance
Issue-ID: OOM-3312
Change-Id: Iaa18e7c55a933f2403eff2dd93cb36f9786b3a41
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- make pod/containerSecurityContext settings more configurable
in _pod.tpl
- fix MariaDB statefulset
- Fix temporal statefulset to comply with security rules
- Set timescaleDB via RepositoryGenerator
Issue-ID: OOM-3310
Change-Id: I870f1e835020c2b30225741e700d1a6abfba8ad3
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- solve actual findings during tests with kyverno policies
- synchronize headers
Issue-ID: OOM-3288
Issue-ID: OOM-3296
Change-Id: Ia7e7daa8864069493e09dd6511825aa939c5eeaf
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- add kyverno policy fixes for cassandra Operator template
- add new mongodb-init chart
- new parameter in global values to support "NativeSidecar"
which disables the deployment of the sidecar killer in jobs
- update of "killSideCar" function to use the new option
Issue-ID: OOM-3288
Issue-ID: OOM-3296
Change-Id: If7cafd10a14e9bc6b7843c0c2a62691c4e94ca71
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- deploy 1.14.4 images
- increase AAI chart version to 14.0.1
- change sidecar killer job to use wget instead of curl
Issue-ID: AAI-3926
Change-Id: I405b52169006800b63fc76568482b4347c99c0b4
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
|
|
common:
- Add settings to common pod templates and fix Cassandra
serviceMesh and MariaDB operator templates
- Added template for mongodb
- Empty lines to files added
readinessCheck:
- Add missing security settings
mariadb-init:
- add security settings in job
cassandra:
- Empty lines added to files
mongodb:
- make emptyDir volume size configurable
others:
- update chart dependency for mongodb in components
- fix linter errors in all files
Issue-ID: OOM-3295
Issue-ID: OOM-3296
Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- set resourceLimit's for emptyDir volumes
- use non-root group in mongo pods
- make pod filesystem read-only
- bump mongodb chart version from 14.12.2 to 14.12.3
- use new version in portal-ng, nbi, multicloud and dcae-tcagen2
Issue-ID: OOM-3293
Change-Id: Ife7445433337ac97a03f8cd22ad551e8745b9717
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
|
|
The configuration of an external MariaDB did not fit with
the template function of _mariadb.tpl and additionally
the template function has a bug in the service information.
Issue-ID: OOM-3290
Change-Id: I92f758647012ebf289549665f7f5c20e94c9ff66
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
As hostPath volumes violate Cluster policies, they are
not allowed within pod definitions.
In our case only the "etc/localtime" is mounted to get
the timezone of the host, which is not required.
Issue-ID: OOM-3287
Change-Id: I6c8c8ea4e982d7e95e73f5fed7fc07ed47ceaab7
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Use the new "service" feature of the readiness image to
resolve startup dependencies.
Issue-ID: OOM-3280
Change-Id: Ia331d51528676744e5e0479d1fd0ca02830c3499
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Move the charts from /common to sdnc/components and simplify
the DB creation.
Issue-ID: OOM-3286
Change-Id: Ib0c53e51b96ad2e1573859b9d938e700c0bea4ac
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Some ports need to be excluded from cassandra to support
JMX and Metrics interfaces.
Also some memory settings need to be adjusted.
Issue-ID: OOM-3275
Change-Id: I7530b69d65c7c612bcf54eba64d5a4dd5a20f753
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Update the Mariadb template to support the mariadb-operator
version 0.27.0, which changed the CRD naming and the content
structure.
Temporarily disable istio-sidecar, as problems with init jobs
for MariaDB
Issue-ID: OOM-3281
Change-Id: Ia9563a5074a739e4b879a7840bedb1d73fbc1b54
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Update the ReadinessCheck (13.1.0) to support the "services" feature
of readiness image version 6.0.2 and use the feature in the charts
under common (dgbuilder, etcd-init, mariadb-galera, mariadb-init,
postgres-init)
Additional exclude K8S API port (443) from Istio Sidecar communication
to allow CNI Plugin
Issue-ID: OOM-3280
Change-Id: Ibe030aa9debfc82e88f2ce5e309dd6fa2250f211
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Currently in ONAP the imagePullSecrets is hardcoded to
'onap-docker-registry-key' which is created by the
repository-wrapper component.
With this change the secrets can be configured via setting
global.imagePullSecrets and optionally per image if it is
configured as map (image.pullSecrets)
Issue-ID: OOM-3284
Change-Id: I8644f9b46043b6014219c42928e057b149df43a4
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Some settings are still wrongly interpreted (e.g. 0.02Gi)
Therefor they are changed to non-floating numbers (e.g. 20Mi)
Issue-ID: OOM-3273
Change-Id: Icc88dead1ac5b1df8629d6adcc438a739e20522e
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Give different readinessCheck rules depending on the usage
of mariaDB Operator and local/global DB setup
Apply these changes to CDS, NBI, SO, SDNC, Policy
Issue-ID: OOM-3280
Change-Id: I4e6f584558ffebb6ab602db88a73c2f02891902e
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Import the latest bitnami mongodb chart and update the
client charts, which use it:
- NBI
- DCAEGEN2/TCAEGEN2 (include Chart.yaml fix)
- MULTICLOUD/K8S
THe new version supports the initial creation of DBs and user
Issue-ID: OOM-3277
Change-Id: I75a475aadb8b84a313527b75f4c69e85624af8ba
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update all resource settings to the kubernetes recommended
normalized form. Fix ReadinessCheck resource limits.
Issue-ID: OOM-3273
Change-Id: Ie10903b801e4dc1689bcec092162d711a431a7a6
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update cassandra to 4.1.3 and increase the write timeouts
to improve the AAI/SDC stability.
Increase the cql client version in SDC to be compliant with cassandra
Issue-ID: OOM-3275
Change-Id: Ie1b2f4d38e580eecacd416fca4e392b4a8b0c62a
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Add template for the postgres operator instance setup and
modifications to use the postgres instance via Operator
TBD: Update of documentation and fix for clients (DMaaP, CPS)
Issue-ID: OOM-3247
Change-Id: I56c34400dc73c71b936a51260efd231017adaeae
Signed-off-by: rajesh.kumar <rk00747546@techmahindra.com>
|
|
Update snmptrap-collector to 2.0.8.
Fix outdated configuration library.
Add "protocol" to common.containerPorts.
Update dcae-snmptrap-collector chart version to 13.0.1.
Update dcaegen2-services chart version to 13.0.2.
Issue-ID: DCAEGEN2-3409
Issue-ID: OOM-3251
Signed-off-by: Jack Lucas <jflos@sonoris.net>
Change-Id: If0ca26e07fdbbebafb442dc0ead3a14d4ea0d4a6
|
|
Using the mariadb-operator version 0.24.0 a backup to
S3 storages is supported and implemented in the
templates and mariadb chart
Add a missing mariadbOperator config for mariadb-init
Issue-ID: OOM-3264
Change-Id: I065053832c226740b2a3b64b065cecc599f28296
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
To avoid "lock" situations all clients of the mariadb-galera
cluster should use the "primary" service, which connects
to the master node.
This service is provided by the mariadb-operator.
Additionally for SO the bugfix for "local" DB configuration
is fixed.
Additionally missing readiness checks added to so-cnfm-lcm and
so-etsi-nfvo-ns-lcm to wait for the DB job to complete
Issue-ID: OOM-3261
Issue-ID: OOM-2697
Change-Id: I3d44f8b6d84d112c0271bfccebc4fa533c4e6aff
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Fix the resource names for db/user in mariadb template for
the mariadb-operator and corrected the resource notation
to work with ArgoCD
Added missing "user" entry for mariadb-galera in NBI and
Etsicatalog values.yaml and missing dbName in SDNC
Issue-ID: OOM-3255
Issue-ID: OOM-3257
Change-Id: Ib11c20ce99bdd7f29415611d2c0795466415eea6
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
CDS and CPS use hazelcast, which requires additional
resource read permissions (endpoint, service, node)
Added it to roles-wrapper and ServiceAccount templates
Issue-ID: OOM-3250
Change-Id: I8360ba657054b2468df55dc529beedd9fc79bada
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Add missing entry for customized StorageClass for
the MariaDB-Operator based DB instances
Issue-ID: OOM-3236
Change-Id: I6c65c1553fc01181aa7dbc5fedb3237c110fc172
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
As Reaper startup is failing in many cases the deployment
it should be possible to disable it to stabilize the gating
Change the delay handling in the deploy plugin.
Issue-ID: OOM-3246
Change-Id: Ibf435d30551aacc213d7c9d38bce72198f4f4b3d
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
To support both Operator and non-operator deployments
the service name should be either mariadb-galera-primary or
mariadb-galera
Issue-ID: OOM-3236
Change-Id: Ic7721e08ec6a257b537024cb4a4751d6155ee28c
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Schema creations of Reaper and AAI/SDC can conflict with each
other. Therefor the reaper init script should finish before
AAI and SDC schema init scripts are started
Update jvm options for cassandra instance
Issue-ID: OOM-3246
Change-Id: I16cea161fc8b75e15c76c4cbe4851739782dfb06
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
In the mariadb-operator version 0.21.0 changes to the CRDs
have been done, which require a change in the template.
see: https://github.com/mariadb-operator/mariadb-operator/pull/248
PeerAuthentication depends on galera setting (not know why)
Issue-ID: OOM-3236
Change-Id: Iaf3cd7128e4c9889c1d56b9b83a72a352e60a39d
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
Andreas Geissler
Lukasz Rajewski
Fiete Ostkamp
rajesh.kumar
Jack Lucas