aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
2024-01-11[MARIADB][SO] Connect MariaDB Galera via master nodeAndreas Geissler2-3/+5
To avoid "lock" situations all clients of the mariadb-galera cluster should use the "primary" service, which connects to the master node. This service is provided by the mariadb-operator. Additionally for SO the bugfix for "local" DB configuration is fixed. Additionally missing readiness checks added to so-cnfm-lcm and so-etsi-nfvo-ns-lcm to wait for the DB job to complete Issue-ID: OOM-3261 Issue-ID: OOM-2697 Change-Id: I3d44f8b6d84d112c0271bfccebc4fa533c4e6aff Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-12-14[MARIADB] Fix db/user creation in operatorAndreas Geissler2-11/+11
Fix the resource names for db/user in mariadb template for the mariadb-operator and corrected the resource notation to work with ArgoCD Added missing "user" entry for mariadb-galera in NBI and Etsicatalog values.yaml and missing dbName in SDNC Issue-ID: OOM-3255 Issue-ID: OOM-3257 Change-Id: Ib11c20ce99bdd7f29415611d2c0795466415eea6 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-12-08[COMMON] Add roles for hazelcast appsAndreas Geissler2-0/+6
CDS and CPS use hazelcast, which requires additional resource read permissions (endpoint, service, node) Added it to roles-wrapper and ServiceAccount templates Issue-ID: OOM-3250 Change-Id: I8360ba657054b2468df55dc529beedd9fc79bada Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-12-05[MARIADB] Fix StorageClassName for GaleraAndreas Geissler1-0/+3
Add missing entry for customized StorageClass for the MariaDB-Operator based DB instances Issue-ID: OOM-3236 Change-Id: I6c65c1553fc01181aa7dbc5fedb3237c110fc172 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-11-17Merge "[MARIADB] Make the MariaDB service Operator aware"Lukasz Rajewski2-1/+9
2023-11-10[CASSANDRA] Make stargate and reaper deployment optionalAndreas Geissler2-1/+8
As Reaper startup is failing in many cases the deployment it should be possible to disable it to stabilize the gating Change the delay handling in the deploy plugin. Issue-ID: OOM-3246 Change-Id: Ibf435d30551aacc213d7c9d38bce72198f4f4b3d Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-10-24[MARIADB] Make the MariaDB service Operator awareAndreas Geissler2-1/+9
To support both Operator and non-operator deployments the service name should be either mariadb-galera-primary or mariadb-galera Issue-ID: OOM-3236 Change-Id: Ic7721e08ec6a257b537024cb4a4751d6155ee28c Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-10-19Merge "[CASSANDRA] Add Reaper and Stargate label checked by SDC/AAI"Lukasz Rajewski2-1/+12
2023-10-18[CASSANDRA] Add Reaper and Stargate label checked by SDC/AAIAndreas Geissler2-1/+12
Schema creations of Reaper and AAI/SDC can conflict with each other. Therefor the reaper init script should finish before AAI and SDC schema init scripts are started Update jvm options for cassandra instance Issue-ID: OOM-3246 Change-Id: I16cea161fc8b75e15c76c4cbe4851739782dfb06 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-10-16[MARIADB] Update mariadb template to the 0.21.0 OperatorAndreas Geissler3-21/+23
In the mariadb-operator version 0.21.0 changes to the CRDs have been done, which require a change in the template. see: https://github.com/mariadb-operator/mariadb-operator/pull/248 PeerAuthentication depends on galera setting (not know why) Issue-ID: OOM-3236 Change-Id: Iaf3cd7128e4c9889c1d56b9b83a72a352e60a39d Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-10-06Merge "[COMMON] Update Gateway-API resource definitions"Lukasz Rajewski1-11/+28
2023-10-05[MARIADB] Set mTLS mode to STRICT to solve mysql connection issuesAndreas Geissler1-1/+1
The DISABLE setting for mysql ports lead to failing mysql connections therefor STRICT is used to fix initial connections see (https://istio.io/latest/about/faq/#mysql-with-mtls) Issue-ID: OOM-3236 Change-Id: I56c34400dc73c71b936a51260efd776349adaeae Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-10-02[COMMON] Update Gateway-API resource definitionsAndreas Geissler1-11/+28
Update the definitions based on test results to avoid ArgoCD resyncs. Issue-ID: OOM-3184 Change-Id: I0e87d0bbea4a45a480fe078e4d9ae7a0f22ff764 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-09-29[MARIADB][COMMON] Add support for mariadb-operatorAndreas Geissler35-87/+523
Add template functions for the mariadb-operator resources and update the mariadb-galera chart to support them Change the flag to "useOperator" in cassandra to the global setup and additional labels for cassandra resources Changed Policy DB users to support the new mariadb User and fixed db.sh script to wait for the DB user creation Use the new readiness image 5.0.1 with the "app-name" option Change the MariaDB-Galera Service to the "primary" to avoid Deadlocks Fix previous SDNC patch (https://gerrit.onap.org/r/c/oom/+/135308) and temporary disable MariaDB for SDNR, as it is not compatible to MariaDB 11 Issue-ID: OOM-3236 Change-Id: Ie63fcc9c6d5fa802d38c592b449e7ff8553c2ab9 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-08-22[COMMON] Rendering issue of templ common.nginxIngress for sub-componentsdemskeq81-4/+4
Fix context handling for templates common.nginxIngress and ingress.config.port Issue-ID: OOM-3237 Change-Id: Idabcdf8ca564d60e2d2471c7fde38412dc478b50 Signed-off-by: demskeq8 <alexander.dehn@highstreet-technologies.com>
2023-08-18[DMAAP] Update datarouter image versionsJack Lucas2-3/+1
Update to use container with shortened "X-DMAAP-DR-ON-BEHALF-OF" name for datarouter provisioning. Issue-ID: DMAAP-1893 Signed-off-by: Jack Lucas <jflos@sonoris.net> Change-Id: I21b043b8709000d2a30ea4e07e3fd0f8693a393c
2023-08-10[CASSANDRA] Disable sync ports for Istio sidecarAndreas Geissler1-0/+6
To enable the internal syncronization between Cassandra instances, the ports 7000 and 7001 have to be excluded in the Envoy Proxy Issue-ID: OOM-3235 Change-Id: I8355f8e15f1e3796e8f910cba0ac54d4e05c78fd Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-08-09Merge "[COMMON] Cleanup charts from unsupported parts"Micha? Jagie??o41-5017/+2
2023-08-09[COMMON] Fix for ServiceAccount in network-name-genAndreas Geissler2-1/+7
Added missing SA definition in values.yaml and changed location in deployment.yaml Issue-ID: OOM-3199 Change-Id: I1d488e8d0d65c4cd3cf0ae21d22fa1143c8d64ab Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-08-08[COMMON] Cleanup charts from unsupported partsAndreas Geissler41-5017/+2
Remove common charts (cert-wrapper, certInitializer, music) which are not needed anymore wor unsupported Issue-ID: OOM-3114 Change-Id: Iec3a49fd4f08b207961ddc572e2de873ee1480d5 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-08-08Merge "[COMMON][SA] Add default role creation to ServiceAccount"Micha? Jagie??o4-5/+122
2023-08-08Merge "[OOM] Fixing k8s ServiceAccounts"Micha? Jagie??o20-41/+52
2023-08-07[COMMON] Add support for Gateway-API in Ingress templateAndreas Geissler2-87/+478
Add options to set the Ingress provider and enhanced settings to provide different resource outputs for Ingress resurces Issue-ID: OOM-3184 Change-Id: I3a6ebf17191a558941d6e18fbfe676da0c78e487 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-08-07[OOM] Fixing k8s ServiceAccountsvladimir turok20-41/+52
Adding service account for the jobs Cleanup MSB, ES and other common charts from AAF dependencies Issue-ID: OOM-3199 Issue-ID: OOM-3114 Issue-ID: OOM-3116 Change-Id: I55bf80876c9fb3b110e538ed1a5504e0dc1d4e1a Signed-off-by: vladimir turok <vladimir.turok@t-systems.com>
2023-08-04[COMMON][SA] Add default role creation to ServiceAccountAndreas Geissler4-5/+122
Adds an option "createDefaultRoles" to create roles instead of using the roles-wrapper Issue-ID: OOM-3233 Change-Id: I03eb95b641034637fa218010025b2c452aba09d1 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-07-26[DMAAP] Introduce drprov-clientJack Lucas3-94/+40
Introduce the drprov-client (replaces dbc-client) and use it to provision data router feeds and subscriptions for DCAE datafile collector and pm-mapper. - Update the common dmaap provisioning template to use drprov-client instead of dbc-client. - Add drprov-client image to the repository generator. - Update the dcaegen2-services-common configMap template to generate JSON files suitable for provisioning data router directly. - Update the dcaegen2-services-common deployment template to use drprov-client as an init container instead of dbc-client. - Update dcae-datafile-collector and pm-mapper values.yaml to format feed and subscription data properly for drprov-client. - Update versions for datarouter-node and datarouter-prov - Update dependencies for DCAE datafile-collector and pm-mapper, which no longer depend on DMAAP bus controller. Issue-ID: DMAAP-1893 Signed-off-by: Jack Lucas <jflos@sonoris.net> Change-Id: Ia090365428362ff6aa94cfb4096ee4c6b554b480
2023-07-21[COMMON] Add missing labels for etcd, mongo, postgresAndreas Geissler7-57/+34
Add labels for DB deployments to be compliant with Istio and kiali requirements Issue-ID: OOM-3230 Change-Id: I937d9f326dae8e2c2496eace2e919aa0b8eb0171 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-07-19Merge "[COMMON] Add version label to be Istio ready"Andreas Geissler1-0/+5
2023-07-19[COMMON] Add version label to be Istio readyAndreas Geissler1-0/+5
Add the "version" label (Chart.Version or Chart.AppVesrion if exists) Correct the metadata of CPS deployment. Issue-ID: OOM-3230 Change-Id: I0a6907ed95c6b0dfcf7f89fec9c3dafbc2fb1d9b Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-07-19[DOC][CASSANDRA] Default StorageClass for Cassandra deploymentAndreas Geissler2-1/+3
As Cassandra (via k8ssandra-operator) requires either a default StorageClass, the instructions to set the default in the OOM docs and removed the hardcoded "storageClass" setting in cassandra installation. Issue-ID: OOM-3226 Change-Id: I815614c31ae6b7fcb811d86519d0df1cc4a8898d Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-07-18[CASSANDRA] Adjust the probe timeouts for StargateAndreas Geissler1-0/+12
The timeouts for Stargate are too small for a proper startup Issue-ID: OOM-3226 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I3235a1022d9c5380d3110c62e42a6f62cc13f001
2023-07-11[CASSANDRA] Enable new cassandra version using operatorAndreas Geissler1-1/+1
Deployment of shared cassandra (4.0.1) using k8ssandra-operator AAI config update to use new cassandra SDC config update to use new cassandra correct link in the oom_infra_optional_addons.rst Issue-ID: OOM-3226 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ieeec9ad5c22a0674a477741d0515ae4515c6f3b8
2023-06-29[COMMON] Bump ONAP versionAndreas Geissler28-89/+89
Update chart versions to 13.0.0 for Montreal Issue-ID: OOM-3173 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ie53fd021f01e459c464e44f4459a73ba0b00c172
2023-06-26[COMMON] Fix various helm errorsAndreas Geissler5-17/+4
Fixes in helmcharts which are not detected by helm, but kustomize in common, CDS, POLICY, SDC, SO Issue-ID: OOM-3200 Issue-ID: OOM-3201 Issue-ID: OOM-3202 Issue-ID: OOM-3203 Issue-ID: OOM-3204 Issue-ID: OOM-3205 Issue-ID: OOM-3206 Issue-ID: OOM-3207 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I8416726693d6606d936aaf4cfe2c097752689c29
2023-06-22[SDNC] Bump SDNC and CCSDK versions for London releaseDan Timoney1-1/+1
Bump versions of SDNC and CCSDK docker images for London release, bump sdnc version to 2.5.2 to resolve gating issues bump sdnc version to 2.5.3 to add missing Bierman API karaf feature bump sdnc version to 2.5.5 to resolve HTTP PATCH issue ueb-listener to use sdc-distr-client 2.0.0 (kafka native) Use Strimzi KafkaUser template Issue-ID: CCSDK-3876 Issue-ID: CCSDK-1789 Issue-ID: CCSDK-3908 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I053058f09bad1f5d1578979134eed43eee1d76eb
2023-05-26Merge "[COMMON] Adding Common Template for cassa-operator"Andreas Geissler14-4/+176
2023-05-26[COMMON] Adding Common Template for cassa-operatordasarathi52802414-4/+176
- K8ssandraCluster resources template file added - Modification of the cassandra chart to add the option to install cassandra using the k8ssandra-operator - AAI and SDC values changed to support the new cassandra settings - Fix for SDC cql version in jobs - for London make k8ssandra-operator optional (default: false) Issue-ID: OOM-3168 Signed-off-by: Dasarathi, Swain (ds00528024) <ds00528024@techmahindra.com> Change-Id: Idfe232460c9c1f584536e60ea042345d7dca3164
2023-05-25[COMMON] Update Common Authorization PolicyAndrewLamb1-1/+1
Change app label to use same common.name as the common.labels use. Issue-ID: OOM-3148 Change-Id: Id1a27326df89883c96f6c2f5d3019dd29c19c74d Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
2023-05-12[COMMON] Add monitoring to postgresmiroslav.masaryk5-0/+232
Add monitoring to postgres db Issue-ID: OOM-3161 Signed-off-by: miroslav.masaryk <miroslav.masaryk@telekom.com> Change-Id: I470a8e9e471562d10ef423e23ad94b5c30db8740
2023-04-28Merge "[POLICY][COMMON] Create Authorization Policies for Policy"Andreas Geissler1-2/+2
2023-04-27[COMMON] Fix template common.nginxIngress rendering issueAlexander Dehn1-1/+1
add LF in case of tls config Issue-ID: OOM-3172 Signed-off-by: demskeq8 <alexander.dehn@highstreet-technologies.com> Change-Id: I34d8a38972e568c67dfbacc2fe97132789379628
2023-04-21[POLICY][COMMON] Create Authorization Policies for PolicyAndrewLamb1-2/+2
Policy- Add initial authorized serviceaccounts for each sub component service Common- Change authorizationpolicy to match on the label app Issue-ID: OOM-3139 Change-Id: I411877b933d6dfcbdee633f1440d16c9658438e5 Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
2023-04-20Merge "[PLATFORM] Add OAuth2-Proxy to ONAP"Andreas Geissler2-0/+11
2023-04-19Merge "[COMMON] Fix Authorization Policy Template"Andreas Geissler1-4/+2
2023-04-19[COMMON] Add app label to common.labelsFiete Ostkamp1-0/+1
- add an app label to all resources because this is picked up by Istio Issue-ID: OOM-3164 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de> Change-Id: I71831b29c5c5b9ddc2bcafbc1567ed0dfa971e5c
2023-04-18[COMMON] Fix Authorization Policy TemplateAndrewLamb1-4/+2
Fix for: no matches for kind AuthorizationPolicy, when trying to install on deployment with no istio. Issue-ID: OOM-3163 Change-Id: I3e0be55d78e6c88655eeaf267c25b8e6747c5b3c Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
2023-04-17[PLATFORM] Add OAuth2-Proxy to ONAPAndreas Geissler2-0/+11
As part of the ServiceMesh solution OAuth2-proxy will be used to enable a central authentication and authorization for ONAP Service Access. This patch delivers the function based on oauth2-proxy helmcharts: https://github.com/oauth2-proxy/manifests/tree/main/helm/oauth2-proxy Issue-ID: OOM-2489 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Iafa82813a7b9494cf13d77d47a39fc6030cb919b
2023-04-07[COMMON][OTHERS] Fix dependency conditionsAndreas Geissler2-1/+4
In case of local DB the "init" dependency is activated as the "not" condition is not working Issue-ID: OOM-3152 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I27dba69a644bbcc2b61245c22784976ba7c66173
2023-03-30Merge "[SDNC] Chart cleanup from TLS/AAF options"Fiachra Corcoran5-78/+11
2023-03-29[SDNC] Chart cleanup from TLS/AAF optionsAndreas Geissler5-78/+11
Remove checks and add the usage of common templates Add information about external access to SDNC-callhome and add ingress setup for it Issue-ID: OOM-3122 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I7b32832ee31d811c23b4eaa5d43f7aa9d767c353