aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
2023-04-21[POLICY][COMMON] Create Authorization Policies for PolicyAndrewLamb1-2/+2
Policy- Add initial authorized serviceaccounts for each sub component service Common- Change authorizationpolicy to match on the label app Issue-ID: OOM-3139 Change-Id: I411877b933d6dfcbdee633f1440d16c9658438e5 Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
2023-04-20Merge "[PLATFORM] Add OAuth2-Proxy to ONAP"Andreas Geissler2-0/+11
2023-04-19Merge "[COMMON] Fix Authorization Policy Template"Andreas Geissler1-4/+2
2023-04-19[COMMON] Add app label to common.labelsFiete Ostkamp1-0/+1
- add an app label to all resources because this is picked up by Istio Issue-ID: OOM-3164 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de> Change-Id: I71831b29c5c5b9ddc2bcafbc1567ed0dfa971e5c
2023-04-18[COMMON] Fix Authorization Policy TemplateAndrewLamb1-4/+2
Fix for: no matches for kind AuthorizationPolicy, when trying to install on deployment with no istio. Issue-ID: OOM-3163 Change-Id: I3e0be55d78e6c88655eeaf267c25b8e6747c5b3c Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
2023-04-17[PLATFORM] Add OAuth2-Proxy to ONAPAndreas Geissler2-0/+11
As part of the ServiceMesh solution OAuth2-proxy will be used to enable a central authentication and authorization for ONAP Service Access. This patch delivers the function based on oauth2-proxy helmcharts: https://github.com/oauth2-proxy/manifests/tree/main/helm/oauth2-proxy Issue-ID: OOM-2489 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Iafa82813a7b9494cf13d77d47a39fc6030cb919b
2023-04-07[COMMON][OTHERS] Fix dependency conditionsAndreas Geissler2-1/+4
In case of local DB the "init" dependency is activated as the "not" condition is not working Issue-ID: OOM-3152 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I27dba69a644bbcc2b61245c22784976ba7c66173
2023-03-30Merge "[SDNC] Chart cleanup from TLS/AAF options"Fiachra Corcoran5-78/+11
2023-03-29[SDNC] Chart cleanup from TLS/AAF optionsAndreas Geissler5-78/+11
Remove checks and add the usage of common templates Add information about external access to SDNC-callhome and add ingress setup for it Issue-ID: OOM-3122 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I7b32832ee31d811c23b4eaa5d43f7aa9d767c353
2023-03-29Merge "[COMMON][SO] Create authorization policy template"Andreas Geissler1-0/+81
2023-03-27[STRIMZI] Correction for external Access via IngressAndreas Geissler1-27/+85
VirtualService TCP route added in _ingress.tpl using protocol option in onap-strimzi ingress configuration Added support for multiple ports in _ingress.tpl added Fixed port setting in onap-strimzi for external interface Add information to the documents section Issue-ID: OOM-3109 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: If8507278d952ee29ceaa3f134b99d18bd6f31cb7
2023-03-21[COMMON][SO] Create authorization policy templateAndrewLamb1-0/+81
Create template for istio authorization policies Issue-ID: OOM-3148 Change-Id: I081288e8e9b0e8347ee6fd0d656398126826c273 Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
2023-03-09[STRIMZI] External Kafka Access via IngressAndreas Geissler2-1/+16
Add Ingress configuration for Kafka brokers and bootstrap service and add advertized host/port settings Change the _service.tpl to modify a Nodeport to a ClusterIP depending in the usage of Ingress Issue-ID: OOM-3109 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I19a405b7fb9c06ce40322e7af824e1aad5baaa90
2023-03-09[DCAE-HV-VES] Move to use strimzi kafka tplefiacor1-0/+4
Move hv-ves to use strimzi kakfa tpl Topic naming is invalid so adding overrides to tpl Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: Ied93c6329f51c3219b09b4f67f174c9e15727188 Issue-ID: DMAAP-1854
2023-03-06[CDS-BP-PROC] Move to use strimzi kafka templateefiacor1-1/+1
Clean up some of the redundant AAF config etc Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: I3066457a5e45f2cbe75c4f12ab6137e234c77fc1 Issue-ID: DMAAP-1853
2023-03-03[COMMON] Fix resources indentmiroslavmasaryk13-22/+14
Fix of resources template indent and therefore resources in components Issue-ID: OOM-3104 Signed-off-by: miroslavmasaryk <miroslav.masaryk@telekom.com> Change-Id: I825a3860db00cae4bb80b2aa2d82ac1a42b33124
2023-02-19[POLICY] Move policy dist to use strimzi templatesefiacor1-1/+0
Move policy dist to use strimzi templates Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: I4a03812a7545ce7a4fcd5443a2c0af89933b1a63 Issue-ID: DMAAP-1857
2023-02-17[DCAE][HVVES] Make HVVES collector SM compatibleAndreas Geissler1-0/+9
As we have problems to send binary data to the HVVES collector the support for service appProtocol attribute is required to fix the hvves service protocol to "tcp" and to disable the port for sidecar usage Issue-ID: OOM-3076 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ied6ca4d4d8cd088c8ec0e0ee13068dfdbfb38461
2023-02-06[COMMON] Fix nodePort creation in _service.tplAndreas Geissler1-6/+6
In case of non-TLS service the nodePort was not reserved and missed to disable tls for the services (tlsEnabled) Issue-ID: OOM-3094 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I7f5102a499f4b262556787b5db682e28a9ebcf81
2023-01-31Merge "[DMAAP] Remove AAF dependency"Andreas Geissler2-1/+5
2023-01-31Merge "[COMMON] Add pre/postfix and customized port option for Istio Ingress"Andreas Geissler1-23/+63
2023-01-31[DMAAP] Remove AAF dependencyefiacor2-1/+5
Remove DMaaP NodePorts Update dmaap-bc postgres setup and dbc-client image used by DCAE Use the http port of the dbcClient in the dmaapProvisioning job Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: Ie4888b58b6f7e1405ed67625900da89e58b5cb79 Issue-ID: DMAAP-1573
2023-01-25[COMMON][NAMEGEN] Fix the Policy and AAI Urls in SM caseAndreas Geissler1-2/+2
fix the AAI/Policy urls for network-name-gen in case of ServiceMesh (http interfaces) Issue-ID: OOM-3091 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I8bea8de53643f8c09a25b83985047d56c940f99a
2023-01-19[COMMON] Add pre/postfix and customized port option for Istio IngressAndreas Geissler1-23/+63
Add new options for the created Ingress URLs (preaddr, postaddr) and allow to create Ingress configurations using customized ports Correction added to the installation of the Ingress Gateway. Issue-ID: OOM-3084 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ib31050c169799409c6e968adce7ff41e215e3ff9
2022-12-12[MARIADB] Fix for helm compilation in local DB caseAndreas Geissler1-0/+18
The compilation of the job fails, as default values for mariadb-galera are missing in the values.yaml Issue-ID: OOM-3077 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Iafd7f8ecb2d3b2d3ae8b252e82a5b494516dfb43
2022-12-06[STRIMZI] Add strimzi kafka templatesefiacor1-0/+132
Add template for strimzi KafkaUser and topic Move sdc-be to use given templates Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: Idc3c5af7f4945466f8419fed7d2f43de36aacd13 Issue-ID: DMAAP-1836
2022-11-25[COMMON] Correct Ingress template to create Istio GW/VSAndreas Geissler2-64/+142
The template should create for each Ingress service a single Gateway/VirtualService Resource, small update of service template Issue-ID: OOM-3000 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I480f8c7b6b9ca3a84813a9e96c4d796d332facc7
2022-11-10[COMMON] Bump ONAP versionAndreas Geissler28-90/+90
Update chart versions 12.0.0 for London Issue-ID: OOM-3046 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ic196235ff4f6ae14a7ecad799bd75a9666b2594a
2022-11-03[COMMON] Remove aafConfig as it's replaced by certInitializerKrzysztof Opasiak1-162/+0
aafConfig is obsolete now so let's remove it from the source code to be sure that people use the new one. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ie1e05cf0fbe82474edcb3c35ca0df011f4e3a449
2022-09-30Merge "[CCSDK] Version bump for CCSDK Kohn release"Fiachra Corcoran2-2/+2
2022-09-29[DMAAP] Update Kohn versionsefiacor1-1/+1
Bump image version for kohn release Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: I34e6714797e88c0cf6131022696b537aa36ff505 Issue-ID: DMAAP-1769
2022-09-29[CCSDK] Version bump for CCSDK Kohn releaseTimoney, Dan (dt5972)2-2/+2
Version bump of CCSDK artifacts for Kohn release. Reverted cds-ui version to Jakarta (1.3.0) due to startup issue. Issue-ID: CCSDK-3754 Signed-off-by: Timoney, Dan (dt5972) <dtimoney@att.com> Change-Id: Ib832f3634e97eb7b80856ffc71d3b39f56e1f276
2022-09-28[PLATFROM] Update cert-manager release to 2.6.0Andreas Geissler1-1/+1
Update libraries to fix vulnerabilities Issue-ID: OOM-2985 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I8ac4a769a791ffb90dfd57358dd839c7a631c403
2022-08-31Merge "[COMMON] Disable Nodeports in _service template"Jack Lucas2-0/+5
2022-08-19[COMMON] Disable Nodeports in _service templateAndreas Geissler2-0/+5
When using the _service template in case of ServiceMesh a NodePort is changed to a ClusterIP Issue-ID: OOM-2013 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I42fa1af57dc393356990bedc3ec52babb4f6c09a
2022-08-19[COMMON] Add Istio IngressGateway configAndreas Geissler1-2/+103
In the _ingress.tpl create Gateway and VirtualService resources when SM is enabled, add ssl redirect and use plain_port, if it is defined in ingress config Issue-ID: OOM-3000 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I20c9f88573547fbad631df3c5e0fa17fbdeed80b
2022-08-18[CASSANDRA] Change values to makre Cassandra instances more stableMichal Jagiello1-4/+4
Based on Cassandra documentation enlarge limits of Cassandra pods and the heap size Issue-ID: AAI-3492 Signed-off-by: Michal Jagiello <michal.jagiello@t-mobile.pl> Change-Id: I43e6eeb043b75e5bf5333a3fbdb66f832f01c867 (cherry picked from commit 56b8db227af43c0698eb877dc723f93ad5a0d812)
2022-08-17Merge "[COMMON] Update Makefiles to enable parallelization"Jack Lucas5-22/+65
2022-08-17[COMMON] Update Makefiles to enable parallelizationAndreas Geissler5-22/+65
All Makefiles are updated to support SKIP_LINT option, have a defined order of compilation (common -> components) to support the parallel compilation of charts using: make all -j8 (for 8 Jobs). Additionally use cm-push instead of push to use the new K8S/Helm version Issue-ID: OOM-3011 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: If9903c9d5bc646b5ce54075acc616e98c4b6706e
2022-08-02[DCAEGEN2-SVCS] Support config update via configMapJack Lucas1-21/+6
Change chart to mount application configuration configMap directly on the application container and rely on the DCAE SDK to do environment variable substitution on the configMap content. This allows changing configuration by editing the configMap without restarting the application. Remove message router authenticated topic provisioning from DCAE. Issue-ID: DCAEGEN2-2935 Signed-off-by: Jack Lucas <jflos@sonoris.net> Change-Id: I85139e64f8cb7e1b88f8fca8d5d84cc71f946290
2022-07-29[COMMON][CASSANDRA] Cassandra ServiceMesh ImprovementsAndreas Geissler1-1/+5
Disable inter-cluster ports from the Sidecar communication Issue-ID: OOM-2820 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ie9b523e881a6dd5bef62debdf208994d03a08f29
2022-07-08[COMMON][MARIABD] Fix MariaDB ServiceMesh compatibilityAndreas Geissler1-1/+2
Update the pod annotations to exclude the cluster communication ports from the SM sidecars. Fix mysql protocol setup fodddr istio and update mariadb-init job to support istio sidecar communication. This is separated from a patch for CDS SM compatibility Issue-ID: OOM-2820 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I9e839e019c948614fea7d4b3b5930270f7e7a7c6
2022-06-24[COMMON] Bump ONAP versionAndreas Geissler28-90/+90
Use version 11.0.0 for Kohn Issue-ID: OOM-2971 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Icc0e0839fc6def2035383b5fa4c9153fc15fafda
2022-06-23Merge "[COMMON][ELASTIC] ElasticSearch ServiceMesh compatibility"Jack Lucas3-5/+5
2022-06-23Merge "[SDNC] Update image to install final Jakarta fixes"Andreas Geissler1-1/+1
2022-06-22Merge "[COMMON] Network-name-gen and dgbuilder ServiceMesh compatibility"Jack Lucas3-6/+18
2022-06-22Merge "[COMMON] Elasticsearch ServiceMesh compatibility"Jack Lucas3-0/+18
2022-06-22Merge "[COMMON][POSTGRES] Make DB init jobs ServiceMesh compatible"Jack Lucas4-0/+14
2022-06-08[SDNC] Update image to install final Jakarta fixesDan Timoney1-1/+1
Update versions for SDNC images to install final Jakarta fixes. Issue-ID: SDNC-1706 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: Ic0c7ddf9f61f020889aa814d7031f6f76a473a8f
2022-06-02[COMMON] Network-name-gen and dgbuilder ServiceMesh compatibilityRadoslaw Chmiel3-6/+18
Network-name-gen and dgbuilder charts changes to make it work with servicemesh Issue-ID: OOM-2982 Signed-off-by: Radoslaw Chmiel <r.chmiel@partner.samsung.com> Change-Id: I23bffe3f2de6196dbad1bbb03ea0c2fc46313865