aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
7 days[MARIADB] Update image versions to the latest MariaDB OperatorAndreas Geissler7-8/+47
Update tags for MariaDB Galera Init and agent containers to v0.37.1 Add new docker repository for mariadb-operator images Update mariadb template to use resource settings Update SO jobAnnotation handling for DB init Fix minimu resource settings in SO Issue-ID: OOM-3335 Change-Id: I5f31e3db62ed27d33ea47b69645d9beb55e45335 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
10 days[UUI] Chart changes for uui-server 15.0.2Fiete Ostkamp2-3/+3
- define tracing properties in global section to allow centrally configuring it (for the whole platform) - define uui-server properties in values.yaml - use MaxRAMPercentage jvm arg to scale the jvm heap size dynamically with the pod resources (and give the process more than 128MB(!) max heap) - add a revisionHistoryLimit setting - do not use NodePorts - change default service type for nginx to ClusterIP Issue-ID: USECASEUI-875 Change-Id: I3c7893f4970c088844511ea5b038bf842ce90859 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
12 days[COMMON] Add jobAnnotations as optional variablesAndreas Geissler9-17/+64
- add Annotations to all job template metadata - make the jobAnnotations configurable via values.yaml Issue-ID: OOM-3254 Change-Id: I84a3a7e9a89ea272a239e7a86e9c615103c2c7e4 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2025-02-24Merge "[COMMON] Add label template and make jobs GitOps ready"Lukasz Rajewski69-196/+3140
2025-02-24Merge "[COMMON] Fix mariadb template, so and authentication after checking ↵Lukasz Rajewski1-1/+1
in ArgoCD"
2025-02-23[COMMON] Add label template and make jobs GitOps readyAndreas Geissler69-196/+3140
- update label template and use it within the resource definitions - add jobAnnotations in DB init jobs to make them GitOps ready - add bitnami/common chart to nginx and fix lint errors Issue-ID: OOM-3327 Issue-ID: OOM-3329 Change-Id: I72b1adad43ff479e46f6db2834c627d74c97a20c Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2025-02-21[COMMON] Fix mariadb template, so and authentication after checking in ArgoCDAndreas Geissler1-1/+1
- mariadb: manifest was not synced by ArgoCD, as entry for securityContext was wrong - authentication: wrong keycloak-config-cli version and implementation - so: added annotation for ArgoCD in job Issue-ID: OOM-3330 Change-Id: I6f573defe2f44b625027325f318e63fca1846e3c Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2025-02-19Use 6.1.1 readiness imageFiete Ostkamp3-4/+4
- contains performance improvement for the check time - set default pullPolicy for the readiness to IfNotPresent to avoid downloading this ~20 times Issue-ID: INT-2292 Change-Id: Id712dc67d92d8d6eebf9ac7d13129e0192a82a46 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2025-01-20[USECASEUI] Make usecase-ui work via ingressFiete Ostkamp22-0/+3052
- introduce nginx that serves as reverse proxy in front of the uui and uui-server pods - this approach makes the web app work over ingress - introduce new AAI_ADDR environment variable that may eventually be used by uui-server to interface with AAI directly Issue-ID: USECASEUI-854 Change-Id: I229e039f8dfe6df050886ade0ea37a30c7272494 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2025-01-15[COMMON] Fix errors in mariadb operator templateAndreas Geissler2-6/+2
- remove SecurytyContext settings - remove fixed primary pod index from template Issue-ID: OOM-3324 Change-Id: I535477ec43cde42cc63f1ab2620cf632eb64c943 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-12-03Adjust default role mapping of the common serviceAccount chartFiete Ostkamp3-90/+122
- make roles in serviceAccount chart configurable via role.read and role.create - change declaration of roles to work in environments with more restrictive RBAC rules Issue-ID: OOM-3323 Change-Id: I25ddd1a7cf26047b9098de03bbb8598dfd367133 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2024-11-21[COMMON] Synchronize the chartsAndreas Geissler11-57/+39
Correct the security settings and improve templates. Issue-ID: OOM-3288 Change-Id: Idf1d59b33bea4d27a523d990b218b2e36ffb0348 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-10-15[ETCD] Add kyverno policy fixesAndreas Geissler3-1/+10
Add securityContext settings to resolve kyverno policy violations Fix Jira Links in all release notes. Issue-ID: OOM-3314 Change-Id: Ief20d42f2e4825754bf8d1a142665c7dd176a1d9 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-08-21[CASSANDRA] Add option to set the resource limitsAndreas Geissler4-5/+23
add resources entry to the _cassOp template add resources setting to the cassandra instance add additional settings to improve the performance Issue-ID: OOM-3312 Change-Id: Iaa18e7c55a933f2403eff2dd93cb36f9786b3a41 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-08-15[COMMON][TIMESCALEDB] TemporalDB and securityContext settingsAndreas Geissler8-33/+59
- make pod/containerSecurityContext settings more configurable in _pod.tpl - fix MariaDB statefulset - Fix temporal statefulset to comply with security rules - Set timescaleDB via RepositoryGenerator Issue-ID: OOM-3310 Change-Id: I870f1e835020c2b30225741e700d1a6abfba8ad3 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-08-07[COMMON] Synchronize common chartsAndreas Geissler24-38/+97
- solve actual findings during tests with kyverno policies - synchronize headers Issue-ID: OOM-3288 Issue-ID: OOM-3296 Change-Id: Ia7e7daa8864069493e09dd6511825aa939c5eeaf Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-07-17[COMMON] Update various common chartsAndreas Geissler15-6/+461
- add kyverno policy fixes for cassandra Operator template - add new mongodb-init chart - new parameter in global values to support "NativeSidecar" which disables the deployment of the sidecar killer in jobs - update of "killSideCar" function to use the new option Issue-ID: OOM-3288 Issue-ID: OOM-3296 Change-Id: If7cafd10a14e9bc6b7843c0c2a62691c4e94ca71 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-07-12[AAI] Use 1.14.4 imagesFiete Ostkamp1-1/+1
- deploy 1.14.4 images - increase AAI chart version to 14.0.1 - change sidecar killer job to use wget instead of curl Issue-ID: AAI-3926 Change-Id: I405b52169006800b63fc76568482b4347c99c0b4 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2024-07-05[COMMON] Fix Kyverno PoliciesAndreas Geissler87-145/+683
common: - Add settings to common pod templates and fix Cassandra serviceMesh and MariaDB operator templates - Added template for mongodb - Empty lines to files added readinessCheck: - Add missing security settings mariadb-init: - add security settings in job cassandra: - Empty lines added to files mongodb: - make emptyDir volume size configurable others: - update chart dependency for mongodb in components - fix linter errors in all files Issue-ID: OOM-3295 Issue-ID: OOM-3296 Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-05-06[COMMON] Fix Kyverno policy violations in common/mongodbFiete Ostkamp7-37/+64
- set resourceLimit's for emptyDir volumes - use non-root group in mongo pods - make pod filesystem read-only - bump mongodb chart version from 14.12.2 to 14.12.3 - use new version in portal-ng, nbi, multicloud and dcae-tcagen2 Issue-ID: OOM-3293 Change-Id: Ife7445433337ac97a03f8cd22ad551e8745b9717 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2024-04-17[MARIADB][POLICY] Correct the MariaDB ReadinessCheckAndreas Geissler1-4/+0
The configuration of an external MariaDB did not fit with the template function of _mariadb.tpl and additionally the template function has a bug in the service information. Issue-ID: OOM-3290 Change-Id: I92f758647012ebf289549665f7f5c20e94c9ff66 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-04-13[COMMON] Remove hostPath entriesAndreas Geissler7-44/+0
As hostPath volumes violate Cluster policies, they are not allowed within pod definitions. In our case only the "etc/localtime" is mounted to get the timezone of the host, which is not required. Issue-ID: OOM-3287 Change-Id: I6c8c8ea4e982d7e95e73f5fed7fc07ed47ceaab7 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-04-11[COMMON] Update all ReadinessChecksAndreas Geissler2-3/+3
Use the new "service" feature of the readiness image to resolve startup dependencies. Issue-ID: OOM-3280 Change-Id: Ia331d51528676744e5e0479d1fd0ca02830c3499 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-04-11Merge "[SDNC] Move dgbuilder and network-name-gen to SDNC"Lukasz Rajewski17-937/+0
2024-04-10[SDNC] Move dgbuilder and network-name-gen to SDNCAndreas Geissler17-937/+0
Move the charts from /common to sdnc/components and simplify the DB creation. Issue-ID: OOM-3286 Change-Id: Ib0c53e51b96ad2e1573859b9d938e700c0bea4ac Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-04-09[CASSANDRA] Add some fixes for K8ssandra OperatorAndreas Geissler2-6/+25
Some ports need to be excluded from cassandra to support JMX and Metrics interfaces. Also some memory settings need to be adjusted. Issue-ID: OOM-3275 Change-Id: I7530b69d65c7c612bcf54eba64d5a4dd5a20f753 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-04-05Merge "[MARIADB] Update mariadb-operator and templates to 0.27.0"Lukasz Rajewski4-36/+49
2024-04-05[MARIADB] Update mariadb-operator and templates to 0.27.0Andreas Geissler4-36/+49
Update the Mariadb template to support the mariadb-operator version 0.27.0, which changed the CRD naming and the content structure. Temporarily disable istio-sidecar, as problems with init jobs for MariaDB Issue-ID: OOM-3281 Change-Id: Ia9563a5074a739e4b879a7840bedb1d73fbc1b54 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-04-03Merge "[COMMON][READINESS] Update readiness image and use service feature"Lukasz Rajewski14-39/+71
2024-03-27[COMMON][READINESS] Update readiness image and use service featureAndreas Geissler14-39/+71
Update the ReadinessCheck (13.1.0) to support the "services" feature of readiness image version 6.0.2 and use the feature in the charts under common (dgbuilder, etcd-init, mariadb-galera, mariadb-init, postgres-init) Additional exclude K8S API port (443) from Istio Sidecar communication to allow CNI Plugin Issue-ID: OOM-3280 Change-Id: Ibe030aa9debfc82e88f2ce5e309dd6fa2250f211 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-03-20[COMMON] Make imagePullSecrets configurableAndreas Geissler18-31/+186
Currently in ONAP the imagePullSecrets is hardcoded to 'onap-docker-registry-key' which is created by the repository-wrapper component. With this change the secrets can be configured via setting global.imagePullSecrets and optionally per image if it is configured as map (image.pullSecrets) Issue-ID: OOM-3284 Change-Id: I8644f9b46043b6014219c42928e057b149df43a4 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-03-14[COMMON] Harmonize resource settings, Part 2Andreas Geissler17-41/+41
Some settings are still wrongly interpreted (e.g. 0.02Gi) Therefor they are changed to non-floating numbers (e.g. 20Mi) Issue-ID: OOM-3273 Change-Id: Icc88dead1ac5b1df8629d6adcc438a739e20522e Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-03-14Merge "[COMMON] Update MariaDB readinessChecks to fix Operator issues"Lukasz Rajewski3-22/+31
2024-03-11[COMMON] Update MariaDB readinessChecks to fix Operator issuesAndreas Geissler3-22/+31
Give different readinessCheck rules depending on the usage of mariaDB Operator and local/global DB setup Apply these changes to CDS, NBI, SO, SDNC, Policy Issue-ID: OOM-3280 Change-Id: I4e6f584558ffebb6ab602db88a73c2f02891902e Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-03-07[MONGODB] Update to latest bitnami mongodb chartAndreas Geissler70-384/+10408
Import the latest bitnami mongodb chart and update the client charts, which use it: - NBI - DCAEGEN2/TCAEGEN2 (include Chart.yaml fix) - MULTICLOUD/K8S THe new version supports the initial creation of DBs and user Issue-ID: OOM-3277 Change-Id: I75a475aadb8b84a313527b75f4c69e85624af8ba Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-02-28[COMMON] Harmonize resource settingsAndreas Geissler22-112/+154
Update all resource settings to the kubernetes recommended normalized form. Fix ReadinessCheck resource limits. Issue-ID: OOM-3273 Change-Id: Ie10903b801e4dc1689bcec092162d711a431a7a6 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-02-23[CASSANDRA] Update cassandra version and fix timeoutsAndreas Geissler2-4/+6
Update cassandra to 4.1.3 and increase the write timeouts to improve the AAI/SDC stability. Increase the cql client version in SDC to be compliant with cassandra Issue-ID: OOM-3275 Change-Id: Ie1b2f4d38e580eecacd416fca4e392b4a8b0c62a Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-02-21Merge "[POSTGRES][COMMON] Add support for postgres operator"Lukasz Rajewski20-23/+170
2024-02-19[POSTGRES][COMMON] Add support for postgres operatorrajesh.kumar20-23/+170
Add template for the postgres operator instance setup and modifications to use the postgres instance via Operator TBD: Update of documentation and fix for clients (DMaaP, CPS) Issue-ID: OOM-3247 Change-Id: I56c34400dc73c71b936a51260efd231017adaeae Signed-off-by: rajesh.kumar <rk00747546@techmahindra.com>
2024-02-15[DCAEGEN2] Update snmptrap-collector imageJack Lucas1-0/+3
Update snmptrap-collector to 2.0.8. Fix outdated configuration library. Add "protocol" to common.containerPorts. Update dcae-snmptrap-collector chart version to 13.0.1. Update dcaegen2-services chart version to 13.0.2. Issue-ID: DCAEGEN2-3409 Issue-ID: OOM-3251 Signed-off-by: Jack Lucas <jflos@sonoris.net> Change-Id: If0ca26e07fdbbebafb442dc0ead3a14d4ea0d4a6
2024-01-17[MARIADB] Provide S3 Backup for MariaDB instancesAndreas Geissler5-24/+57
Using the mariadb-operator version 0.24.0 a backup to S3 storages is supported and implemented in the templates and mariadb chart Add a missing mariadbOperator config for mariadb-init Issue-ID: OOM-3264 Change-Id: I065053832c226740b2a3b64b065cecc599f28296 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-01-11[MARIADB][SO] Connect MariaDB Galera via master nodeAndreas Geissler2-3/+5
To avoid "lock" situations all clients of the mariadb-galera cluster should use the "primary" service, which connects to the master node. This service is provided by the mariadb-operator. Additionally for SO the bugfix for "local" DB configuration is fixed. Additionally missing readiness checks added to so-cnfm-lcm and so-etsi-nfvo-ns-lcm to wait for the DB job to complete Issue-ID: OOM-3261 Issue-ID: OOM-2697 Change-Id: I3d44f8b6d84d112c0271bfccebc4fa533c4e6aff Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-12-14[MARIADB] Fix db/user creation in operatorAndreas Geissler2-11/+11
Fix the resource names for db/user in mariadb template for the mariadb-operator and corrected the resource notation to work with ArgoCD Added missing "user" entry for mariadb-galera in NBI and Etsicatalog values.yaml and missing dbName in SDNC Issue-ID: OOM-3255 Issue-ID: OOM-3257 Change-Id: Ib11c20ce99bdd7f29415611d2c0795466415eea6 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-12-08[COMMON] Add roles for hazelcast appsAndreas Geissler2-0/+6
CDS and CPS use hazelcast, which requires additional resource read permissions (endpoint, service, node) Added it to roles-wrapper and ServiceAccount templates Issue-ID: OOM-3250 Change-Id: I8360ba657054b2468df55dc529beedd9fc79bada Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-12-05[MARIADB] Fix StorageClassName for GaleraAndreas Geissler1-0/+3
Add missing entry for customized StorageClass for the MariaDB-Operator based DB instances Issue-ID: OOM-3236 Change-Id: I6c65c1553fc01181aa7dbc5fedb3237c110fc172 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-11-17Merge "[MARIADB] Make the MariaDB service Operator aware"Lukasz Rajewski2-1/+9
2023-11-10[CASSANDRA] Make stargate and reaper deployment optionalAndreas Geissler2-1/+8
As Reaper startup is failing in many cases the deployment it should be possible to disable it to stabilize the gating Change the delay handling in the deploy plugin. Issue-ID: OOM-3246 Change-Id: Ibf435d30551aacc213d7c9d38bce72198f4f4b3d Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-10-24[MARIADB] Make the MariaDB service Operator awareAndreas Geissler2-1/+9
To support both Operator and non-operator deployments the service name should be either mariadb-galera-primary or mariadb-galera Issue-ID: OOM-3236 Change-Id: Ic7721e08ec6a257b537024cb4a4751d6155ee28c Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-10-19Merge "[CASSANDRA] Add Reaper and Stargate label checked by SDC/AAI"Lukasz Rajewski2-1/+12
2023-10-18[CASSANDRA] Add Reaper and Stargate label checked by SDC/AAIAndreas Geissler2-1/+12
Schema creations of Reaper and AAI/SDC can conflict with each other. Therefor the reaper init script should finish before AAI and SDC schema init scripts are started Update jvm options for cassandra instance Issue-ID: OOM-3246 Change-Id: I16cea161fc8b75e15c76c4cbe4851739782dfb06 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>